Hello Colm, I configured a WS-Consumer with WS-Security. Works fine for body encryption, when message is send to WS-Provider. The soap envelope contains beside soap header also soap body:
...</wsse:Security></soap:Header><soap:Body xmlns:wsu=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="id-f2366587-d90a-44c5-9b03-22dccc6a177d"><xenc:EncryptedData ..... Now I enhanced my scenario by encrypting attachments, too. My WSS4J Interceptor looks like this: <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor" id="Sign_Request"> <constructor-arg> <map> <entry key="action" value="Timestamp Signature Encrypt" /> <entry key="user" value="wss" /> <entry key="signatureUser" value="wss" /> <entry key="signaturePropFile" value="jks/client.properties" /> <entry key="signatureKeyIdentifier" value="DirectReference" /> <entry key="passwordCallbackClass" value="demo.ws_rm.client.CallBack" /> <!-- with attachments --> <entry key="signatureParts" value="{}cid:Attachments; {Element}{ http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp ; {Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/> <entry key="encryptionUser" value="wss" /> <entry key="encryptionPropFile" value="jks/client.properties" /> <entry key="encryptionParts" value="{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body; {}cid:Attachments" /> </map> </constructor-arg> </bean> Now the soap:body is missing in the soap:envelope. Header element is closed, but body not opened ...</wsse:Security></soap:Header><xenc:EncryptedData xmlns:.... Attachments are encrypted fine. But message can not be decrypted on WS-Provider side, because of missing body element. I am using cxf 3.2.0-SNAPSHOT and wss4j 2.2.0-SNAPSHOT. Are you able to reproduce the error, or is my WSS4J interceptor configuration wrong? Thanks for your help. Best regards Kai
