Hi, we are also trying to use WS-Security + MTOM in JBossWS 2.0.1 and 2.0.3, we are sending big files so we need binary attachments instead of inline encoded data. Here is the result of our tests:
- In JBossWS 2.0.1 you must change the configuration of the endpoint by adding ##SOAP11_HTTP_MTOM to the bindings protocol: | <javaee:protocol-bindings>##SOAP11_HTTP ##SOAP11_HTTP_MTOM</javaee:protocol-bindings> | If ##SOAP11_HTTP_MTOM is not present, the handler is ignored, and the signature is not verified. - In JBossWS 2.0.3 you don't need to add ##SOAP11_HTTP_MTOM, it seems to consider the handler anyway. - In both versions we had problems sending the binary as an attachment (using SoapUI), we always receive: Signature is invalid - Using a JBossWS client, we didn't find a way to send the binary data as an attachment, it is sent always encoded inline. - If the binary data is sent inline the signature is verified (from the JBossWS client and also from SoapUI) - So, we could not make MTOM + Attachments + WS-Security work together Instead, we have moved to swaRef (simply annotating with @XmlAttachmentRef a DataHandler field) and everything works fine, you can remove the BindingType for MTOM. - So, we have now swaRef + WS-Security working fine There is some important difference between MTOM and swaRef? swaRef comes from ws-i, so I expect no interoperability problems. Somebody has MTOM and WS-Security working? Thanks, Martin View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4131550#4131550 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4131550 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
