ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kai Rommel <krommel2...@googlemail.com>
Subject WS Security with attachment encryption
Date Mon, 27 Jun 2016 09:02:50 GMT
Hello Colm,

I configured a WS-Consumer with WS-Security.
Works fine for body encryption, when message is send to WS-Provider. The
soap envelope contains beside soap header also soap body:

...</wsse:Security></soap:Header><soap:Body xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="id-f2366587-d90a-44c5-9b03-22dccc6a177d"><xenc:EncryptedData .....


Now I enhanced my scenario by encrypting attachments, too.
My WSS4J Interceptor looks like this:
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"
 id="Sign_Request">
 <constructor-arg>
     <map>
         <entry key="action" value="Timestamp Signature Encrypt" />
         <entry key="user" value="wss" />
         <entry key="signatureUser" value="wss" />
         <entry key="signaturePropFile" value="jks/client.properties" />
         <entry key="signatureKeyIdentifier" value="DirectReference" />
         <entry key="passwordCallbackClass"
value="demo.ws_rm.client.CallBack" />
         <!-- with attachments -->
         <entry key="signatureParts"
             value="{}cid:Attachments;
             {Element}{
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp
;
             {Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
         <entry key="encryptionUser" value="wss" />
         <entry key="encryptionPropFile" value="jks/client.properties" />
         <entry key="encryptionParts"
          value="{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;
{}cid:Attachments" />
     </map>
 </constructor-arg>
</bean>

Now the soap:body is missing in the soap:envelope. Header element is
closed, but body not opened
...</wsse:Security></soap:Header><xenc:EncryptedData xmlns:....

Attachments are encrypted fine. But message can not be decrypted on
WS-Provider side, because of missing body element.

I am using cxf 3.2.0-SNAPSHOT and wss4j 2.2.0-SNAPSHOT.

Are you able to reproduce the error, or is my WSS4J interceptor
configuration wrong?

Thanks for your help.

Best regards
Kai

Mime
View raw message