[
https://issues.apache.org/jira/browse/CXF-2298?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Kulp resolved CXF-2298.
------------------------------
Resolution: Fixed
Fix Version/s: 2.2.3
2.1.6
Assignee: Daniel Kulp
> encryptionUser=useReqSigCert fails to find request certificate
> --------------------------------------------------------------
>
> Key: CXF-2298
> URL: https://issues.apache.org/jira/browse/CXF-2298
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.2.2
> Reporter: Jim Hansen
> Assignee: Daniel Kulp
> Fix For: 2.1.6, 2.2.3
>
> Attachments: application-context.xml, Exception.txt,
> FixedWSS4JOutInterceptor.java
>
> Original Estimate: 10h
> Remaining Estimate: 10h
>
> When setting encryptionUser=useReqSigCert, CXF should locate the request
> certificate and use it to encrypt the response. The logic is to retrieve the
> RECV_RESULTS from the msgContext, and then retrieve the request certificate
> from the RECV_RESULTS. The WSS4JOutInterceptor attempts to retrieve the
> RECV_RESULTS by calling WSS4JOutInterceptor.getProperty(msgContext,
> WSHandlerConstants.RECV_RESULTS), but getProperty() fails to find the
> RECV_RESULTS. The underlying implementation of getProperty() looks in various
> places for the RECV_RESULTS, but fails to look in ((Message)
> msgContext).getExchange().getInMessage(), where the RECV_RESULTS are actually
> located. So the incoming message is located in the Exchange, and it is this
> extra level of indirection that seems to be missing from the search for
> RECV_RESULTS. I'm not familiar enough with the code to identify the root
> cause, but it seems to be an incompatibility between CXF and the underlying
> WSS4J implementation (just a guess).
> I am attaching three files:
> 1) Exception.txt shows the text of the exception that is thrown
> 2) application-context.xml is the CXF configuration for the
> WSS4JOutInterceptor
> 3) FixedWSS4JOutInterceptor.java is a fixed version of the
> WSS4JOutInterceptor that retrieves the RCV_RESULTS from the correct location.
> This is provided for illustrative purposes only, and is not intended as a fix
> - my guess is that the correct fix to this problem is at a lower level in the
> code, and I would appreciate it if someone would take this further and
> determine the root cause of this problem, and a more appropriate fix.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
