Hi Colm, thank you, I just logged Issue 4954.
I'll look at the custom AlgorithmSuites, but I am a bit sceptical: what's the use of WS-SecurityPolicy, when using an unknown, unofficial algorithm suite (identifier) that has to be communicated out of line the the web service clients anyway? (But thanks again, I am curious anyway.) Dirk -----Ursprüngliche Nachricht----- Von: Colm O hEigeartaigh [mailto:[email protected]] Gesendet: Dienstag, 9. April 2013 14:46 An: [email protected] Betreff: Re: CryptoCoverageChecker and SOAP Fault responses Hi Dirk, It appears that this is not currently supported. Could you log a JIRA? Incidentally, custom AlgorithmSuites are supported in CXF using WS-SecurityPolicy. See here for an example: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/gcm/ http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/gcm/ Colm. On Tue, Apr 9, 2013 at 8:14 AM, Lattermann, Dirk < [email protected]> wrote: > Hi, > > Using CXF 2.4.6 in JBoss EAP 6, I'm securing my web services with > WS-Security (no WS-SecurityPolicy as the algorithm suite is not > supported there). > > For this, I have configured WSS4JInInterceptors and > WSS4JOutInterceptors on both client and server, and the setup works. > > To check if incoming messages are signed, encrypted, and with > timestamp token, I also have configured a CryptoCoverageChecker on > both client and server. Now I have the problem that I cannot obtain > Fault answers from the server on the client any more because the > CryptoCoverageChecker kicks in and I don't have a chance to access the > SOAPFaultException from the server. > The server doesn't sign and encrypt Fault answers (which is ok, and > this is the case also when using easy WS-SecurityPolicy configurations). > > How can I configure the CryptoCoverageChecker to only check regular > (non-fault) web service responses? Or how can I configure CXF to only > use a CryptoCoverageChecker on non-fault responses? (With > WS-SecurityPolicy, this problem seems solved). > > Thank you, > Dirk Lattermann > -------------------------------------------------------- > DATAGROUP BGS GmbH > Dirk Lattermann > > > Auf den Tongruben 3 > D-53721 Siegburg > Fon: +49 2241 166-531 > Fax: +49 2241 166-680 > E-Mail: [email protected] > http://www.datagroup.de > > Sie finden uns auch auf: > Facebook<https://www.facebook.com/#!/datagroupag/> | Xing< > https://www.xing.com/companies/datagroupag/updates/> | Google+< > https://plus.google.com/s/datagroup#112017044868465108697/posts> | > LinkedIn<http://www.linkedin.com/company/datagroup-ag/> | Kununu< > http://www.kununu.com/de/all/de/it/datagroup/> > > Geschäftsführung: Hans-Hermann Schaber Amtsgericht Mainz, HRB 44217 > > DATAGROUP ist als einer von wenigen IT-Dienstleistern zertifiziert > nach ISO 20000, der höchstmöglichen Auszeichnung für professionelles > IT Service Management. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com -------------------------------------------------------- DATAGROUP BGS GmbH Dirk Lattermann Auf den Tongruben 3 D-53721 Siegburg Fon: +49 2241 166-531 Fax: +49 2241 166-680 E-Mail: [email protected] http://www.datagroup.de Sie finden uns auch auf: Facebook<https://www.facebook.com/#!/datagroupag/> | Xing<https://www.xing.com/companies/datagroupag/updates/> | Google+<https://plus.google.com/s/datagroup#112017044868465108697/posts> | LinkedIn<http://www.linkedin.com/company/datagroup-ag/> | Kununu<http://www.kununu.com/de/all/de/it/datagroup/> Geschäftsführung: Hans-Hermann Schaber Amtsgericht Mainz, HRB 44217 DATAGROUP ist als einer von wenigen IT-Dienstleistern zertifiziert nach ISO 20000, der höchstmöglichen Auszeichnung für professionelles IT Service Management.
