ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kai Rommel <>
Subject WS Security with attachment encryption
Date Mon, 27 Jun 2016 09:02:50 GMT
Hello Colm,

I configured a WS-Consumer with WS-Security.
Works fine for body encryption, when message is send to WS-Provider. The
soap envelope contains beside soap header also soap body:

...</wsse:Security></soap:Header><soap:Body xmlns:wsu=""
wsu:Id="id-f2366587-d90a-44c5-9b03-22dccc6a177d"><xenc:EncryptedData .....

Now I enhanced my scenario by encrypting attachments, too.
My WSS4J Interceptor looks like this:
<bean class=""
         <entry key="action" value="Timestamp Signature Encrypt" />
         <entry key="user" value="wss" />
         <entry key="signatureUser" value="wss" />
         <entry key="signaturePropFile" value="jks/" />
         <entry key="signatureKeyIdentifier" value="DirectReference" />
         <entry key="passwordCallbackClass"
value="demo.ws_rm.client.CallBack" />
         <!-- with attachments -->
         <entry key="signatureParts"
         <entry key="encryptionUser" value="wss" />
         <entry key="encryptionPropFile" value="jks/" />
         <entry key="encryptionParts"
{}cid:Attachments" />

Now the soap:body is missing in the soap:envelope. Header element is
closed, but body not opened
...</wsse:Security></soap:Header><xenc:EncryptedData xmlns:....

Attachments are encrypted fine. But message can not be decrypted on
WS-Provider side, because of missing body element.

I am using cxf 3.2.0-SNAPSHOT and wss4j 2.2.0-SNAPSHOT.

Are you able to reproduce the error, or is my WSS4J interceptor
configuration wrong?

Thanks for your help.

Best regards

View raw message