Thank you very much, Colm for detailed and complete responses. I tried
building client with CXF 3, but it seems to break even the calls that
worked before. I now get:
Caused by: *org.apache.wss4j.common.ext.WSSecurityException*: An error was
discovered processing the <wsse:Security> header
Thrown by org.apache.wss4j.dom.processor.EncryptedKeyProcessor:
if
(WSConstants.KEYTRANSPORT_RSA15.equals(encryptedKeyTransportMethod)
&& !data.isAllowRSA15KeyTransportAlgorithm()
&&
!algorithmSuite.getKeyWrapAlgorithms().contains(WSConstants.KEYTRANSPORT_RSA15))
{
log.debug(
"The Key transport method does not match the requirement"
);
throw new
WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
}
I would greatly appreciate any pointers for implementing a CXF 2.7-based
solution for the decryption...
On Mon, Feb 10, 2014 at 11:38 AM, Colm O hEigeartaigh
<[email protected]>wrote:
> Here is a blog article describing how to use this new functionality in
> CXF...
>
> http://coheigea.blogspot.ie/2014/02/apache-wss4j-200-part-v.html
>
> Colm.
>
>
> On Fri, Feb 7, 2014 at 3:27 PM, Colm O hEigeartaigh <[email protected]
> >wrote:
>
> >
> > Signing + encrypting/decrypting SOAP Attachments is not supported in CXF
> > 2.7.x. However it is supported on CXF trunk at the moment, and will be
> > included in the forthcoming CXF 3.0.0 release. Here are some tests if you
> > are interested:
> >
> >
> >
> http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/swa/
> >
> > Colm.
> >
> >
> > On Fri, Feb 7, 2014 at 3:19 PM, Wabi Sabi <[email protected]>
> wrote:
> >
> >> Hello,
> >>
> >> I wonder if CXF can be configured to decrypt attachments that come as a
> >> web
> >> service response?
> >>
> >> I hoped that WSS4JInInterceptor will take care of this use case, but it
> >> fails with "The signature or decryption was invalid" exception, which is
> >> caused by "org.apache.xml.security.encryption.XMLEncryptionException:
> >> Could
> >> not find a resolver for URI
> >> cid:urn%3Auuid%@apache.org and Base null
> >>
> >> I managed to write a custom resolver to provide attachment data, but
> then
> >> it fails with yet another exception:
> >> org.apache.xml.security.encryption.XMLEncryptionException:
> >> Unknown transformation. No handler installed for URI
> >>
> >>
> http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Ciphertext-Transform
> >>
> >> Can somebody point me in the right direction, please? Any help is
> greatly
> >> appreciated.
> >>
> >> Thanks in advance.
> >>
> >
> >
> >
> > --
> > Colm O hEigeartaigh
> >
> > Talend Community Coder
> > http://coders.talend.com
> >
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>
