MTOM + WS-Security X.509 Certificate Token Profile Question

Wed, 04 Mar 2009 08:25:43 -0800 

Hi All

I have client abd server that use MTOM to send message with attachment. (it
works fine I can see 
<xop:Include xmlns:xop="http://www.w3.org/2004/08/xop/include";
href="$reference"/> in message and attachment bytes afterwards in Outbound
log)

I am wondering if it is possible to combine MTOM and WS-Security X.509
Certificate Token Profile  signing


I checked out WS-Security and MTOM tutorials available on CXF page and now I
have  client code as follows:


 UploadService ss = new UploadService(wsdlURL, SERVICE_NAME);
        UploadServicePortType port = ss.getUploadServicePort();

        
        //WS-Security via API
     
        Map<String,Object> outProps = new HashMap<String,Object>();
        
        outProps.put(WSHandlerConstants.ACTION, "Signature");
        outProps.put(WSHandlerConstants.USER, "myAlias");
        outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientPasswordCallback.class.getName());
        outProps.put(WSHandlerConstants.SIG_PROP_FILE,
"client_sign.properties");

        org.apache.cxf.endpoint.Client client =
org.apache.cxf.frontend.ClientProxy.getClient(port);
        org.apache.cxf.endpoint.Endpoint cxfEndpoint = client.getEndpoint();
        
        WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
        cxfEndpoint.getOutInterceptors().add(wssOut);
        cxfEndpoint.getOutInterceptors().add(new SAAJOutInterceptor()); //
2.0.x only; not needed in 2.1+

        //WS-Security via API END
        
        Binding binding = ((BindingProvider)port).getBinding();
        ((SOAPBinding)binding).setMTOMEnabled(true);


I've made matching changes on server side and everything works fine.
However there is no 
<xop:Include xmlns:xop="http://www.w3.org/2004/08/xop/include";
href="$reference"/>
in client Inbound anymore. Instead of reference in message there is
attachment data coded with base64 :/


Please confirm whether my client configuration is not correct or combining
MTOM and WS-Security at the same time is not possible.

Any help would be appreciated,
Maciej
 
-- 
View this message in context: 
http://www.nabble.com/MTOM-%2B-WS-Security-X.509-Certificate-Token-Profile-Question-tp22333460p22333460.html
Sent from the cxf-user mailing list archive at Nabble.com.

Reply via email to