Crypto cache issues due and the PolicyBasedWSS4JInInterceptor used as a
singleton
---------------------------------------------------------------------------------
Key: CXF-4052
URL: https://issues.apache.org/jira/browse/CXF-4052
Project: CXF
Issue Type: Bug
Components: WS-* Components
Affects Versions: 2.4.5
Environment: JBossWS-CXF integration, using Apache CXF 2.4.x
Reporter: Alessio Soldano
When using WS-Policy to setup WS-Security interceptors, the
WSSecurityInterceptorProvider runs:
{code}
...
this.getInInterceptors().add(PolicyBasedWSS4JInInterceptor.INSTANCE);
this.getInFaultInterceptors().add(PolicyBasedWSS4JInInterceptor.INSTANCE);
...
{code}
which causes the same instance of PolicyBasedWSS4JInInterceptor to be added to
any bus.
Unfortunately, the PolicyBasedWSS4JInInterceptor ends up extending
org.apache.ws.security.handler.WSHandler which has a Map<String, Crypto>
attribute. That is used whenever loading a Crypto instance and caches instances
with keys basically given by the Merlin prop file name the user specified for
the endpoint.
So, when having multiple deployments referencing properties files with the same
name, the first crypto instance is always used.
If we want to keep the singleton approach on using the
PolicyBasedWSS4JInInterceptor, we should probably at least use a different
mechanism for creating keys so that prop files from different deployments are
kept separate.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
