encryptionUser=useReqSigCert fails to find request certificate
--------------------------------------------------------------
Key: CXF-2298
URL: https://issues.apache.org/jira/browse/CXF-2298
Project: CXF
Issue Type: Bug
Components: WS-* Components
Affects Versions: 2.2.2
Reporter: Jim Hansen
When setting encryptionUser=useReqSigCert, CXF should locate the request
certificate and use it to encrypt the response. The logic is to retrieve the
RECV_RESULTS from the msgContext, and then retrieve the request certificate
from the RECV_RESULTS. The WSS4JOutInterceptor attempts to retrieve the
RECV_RESULTS by calling WSS4JOutInterceptor.getProperty(msgContext,
WSHandlerConstants.RECV_RESULTS), but getProperty() fails to find the
RECV_RESULTS. The underlying implementation of getProperty() looks in various
places for the RECV_RESULTS, but fails to look in ((Message)
msgContext).getExchange().getInMessage(), where the RECV_RESULTS are actually
located. So the incoming message is located in the Exchange, and it is this
extra level of indirection that seems to be missing from the search for
RECV_RESULTS. I'm not familiar enough with the code to identify the root cause,
but it seems to be an incompatibility between CXF and the underlying WSS4J
implementation (just a guess).
I am attaching three files:
1) Exception.txt shows the text of the exception that is thrown
2) application-context.xml is the CXF configuration for the WSS4JOutInterceptor
3) FixedWSS4JOutInterceptor.java is a fixed version of the WSS4JOutInterceptor
that retrieves the RCV_RESULTS from the correct location. This is provided for
illustrative purposes only, and is not intended as a fix - my guess is that the
correct fix to this problem is at a lower level in the code, and I would
appreciate it if someone would take this further and determine the root cause
of this problem, and a more appropriate fix.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
