Hi, I have a CXF endpoint that uses @WebServiceProvider to process the SOAP XML.
The sender uses WS-Security so the message includes in its SOAP header:<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; soap:mustUnderstand="1">
This causes CXF to throw an Exception saying:23 Νοε 2009 10:30:22 πμ org.apache.cxf.phase.PhaseInterceptorChain doIntercept
WARNING: Interceptor has thrown exception, unwinding noworg.apache.cxf.binding.soap.SoapFault: MustUnderstand headers: [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security] are not understood. at org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor$UltimateReceiverMustUnderstandInterceptor.handleMessage(MustUnderstandInterceptor.java:221)
... stack trace continues...Now, I don't care about the encrypted portion of the message. I just want to use the XML API-s to process the message in my:
@WebServiceProvider(...)
@ServiceMode(Mode.MESSAGE)
@BindingType(value = HTTPBinding.HTTP_BINDING)
public class AsyncMessagingServiceProvider implements Provider<Source> {
public Source invoke(Source request) {
// I need to look at the XML here, no need to decrypt / verify the
secured elements
}So how can I tell CXF to just perform the invocation and not worry about "understanding" that header? What are my options? I am thinking that it is possible for an interceptor to mark a header as "understood" so that CXF will not complain. Is there indeed an API for that?
