Signing + encrypting/decrypting SOAP Attachments is not supported in CXF 2.7.x. However it is supported on CXF trunk at the moment, and will be included in the forthcoming CXF 3.0.0 release. Here are some tests if you are interested:
http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/swa/ Colm. On Fri, Feb 7, 2014 at 3:19 PM, Wabi Sabi <[email protected]> wrote: > Hello, > > I wonder if CXF can be configured to decrypt attachments that come as a web > service response? > > I hoped that WSS4JInInterceptor will take care of this use case, but it > fails with "The signature or decryption was invalid" exception, which is > caused by "org.apache.xml.security.encryption.XMLEncryptionException: Could > not find a resolver for URI > cid:urn%3Auuid%@apache.org and Base null > > I managed to write a custom resolver to provide attachment data, but then > it fails with yet another exception: > org.apache.xml.security.encryption.XMLEncryptionException: > Unknown transformation. No handler installed for URI > > http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Ciphertext-Transform > > Can somebody point me in the right direction, please? Any help is greatly > appreciated. > > Thanks in advance. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
