Hello Colm,
thanks. My configuration was wrong. I configured:
<entry key="encryptionParts" value="{Element}{
http://schemas.xmlsoap.org/soap/envelope/}Body; {}cid:Attachments" />
I oriented myself on https://ws.apache.org/wss4j/attachments.html
Now I am using (like in your test):
<entry key="encryptionParts" value="{}{
http://schemas.xmlsoap.org/soap/envelope/}Body;{Element}cid:Attachments;";>
and it works fine.
The documentation states {}cid:Attachments. Maybe it can be updated to
{Element}cid:Attachments.
Is there an special reason, why I have to use in signatureParts {Element}{
http://schemas.xmlsoap.org/soap/envelope/}Body and in encryptionParts {}{
http://schemas.xmlsoap.org/soap/envelope/}Body?
Thanks.
Best regards
Kai
2016-06-27 12:10 GMT+02:00 Colm O hEigeartaigh <[email protected]>:
> I can't reproduce...I added a similar test to CXF and it works fine:
>
> https://git1-us-west.apache.org/repos/asf?p=cxf.git;a=commit;h=0eafb7f8
>
> Colm.
>
> On Mon, Jun 27, 2016 at 10:02 AM, Kai Rommel <[email protected]>
> wrote:
>
>> Hello Colm,
>>
>> I configured a WS-Consumer with WS-Security.
>> Works fine for body encryption, when message is send to WS-Provider. The
>> soap envelope contains beside soap header also soap body:
>>
>> ...</wsse:Security></soap:Header><soap:Body xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>> wsu:Id="id-f2366587-d90a-44c5-9b03-22dccc6a177d"><xenc:EncryptedData .....
>>
>>
>> Now I enhanced my scenario by encrypting attachments, too.
>> My WSS4J Interceptor looks like this:
>> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"
>> id="Sign_Request">
>> <constructor-arg>
>> <map>
>> <entry key="action" value="Timestamp Signature Encrypt" />
>> <entry key="user" value="wss" />
>> <entry key="signatureUser" value="wss" />
>> <entry key="signaturePropFile" value="jks/client.properties" />
>> <entry key="signatureKeyIdentifier" value="DirectReference" />
>> <entry key="passwordCallbackClass"
>> value="demo.ws_rm.client.CallBack" />
>> <!-- with attachments -->
>> <entry key="signatureParts"
>> value="{}cid:Attachments;
>> {Element}{
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp
>> ;
>> {Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
>> <entry key="encryptionUser" value="wss" />
>> <entry key="encryptionPropFile" value="jks/client.properties" />
>> <entry key="encryptionParts"
>> value="{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;
>> {}cid:Attachments" />
>> </map>
>> </constructor-arg>
>> </bean>
>>
>> Now the soap:body is missing in the soap:envelope. Header element is
>> closed, but body not opened
>> ...</wsse:Security></soap:Header><xenc:EncryptedData xmlns:....
>>
>> Attachments are encrypted fine. But message can not be decrypted on
>> WS-Provider side, because of missing body element.
>>
>> I am using cxf 3.2.0-SNAPSHOT and wss4j 2.2.0-SNAPSHOT.
>>
>> Are you able to reproduce the error, or is my WSS4J interceptor
>> configuration wrong?
>>
>> Thanks for your help.
>>
>> Best regards
>> Kai
>>
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>
