You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by gi...@apache.org on 2012/12/10 19:05:38 UTC
svn commit: r1419616 - in /webservices/wss4j/trunk/cxf-integration: pom.xml
src/main/java/org/swssf/cxfIntegration/interceptor/SecurityInInterceptor.java
Author: giger
Date: Mon Dec 10 18:05:36 2012
New Revision: 1419616
URL: http://svn.apache.org/viewvc?rev=1419616&view=rev
Log:
xmlStreamReader.close() issue is already fixed in newer CXF versions so revert commit 1418741 and update cxf to 2.6.3
Modified:
webservices/wss4j/trunk/cxf-integration/pom.xml
webservices/wss4j/trunk/cxf-integration/src/main/java/org/swssf/cxfIntegration/interceptor/SecurityInInterceptor.java
Modified: webservices/wss4j/trunk/cxf-integration/pom.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/cxf-integration/pom.xml?rev=1419616&r1=1419615&r2=1419616&view=diff
==============================================================================
--- webservices/wss4j/trunk/cxf-integration/pom.xml (original)
+++ webservices/wss4j/trunk/cxf-integration/pom.xml Mon Dec 10 18:05:36 2012
@@ -34,7 +34,7 @@
<name>Streaming WS Security CXF Integration</name>
<properties>
- <cxf.version>2.6.2</cxf.version>
+ <cxf.version>2.6.3</cxf.version>
<spring.version>3.0.7.RELEASE</spring.version>
</properties>
Modified: webservices/wss4j/trunk/cxf-integration/src/main/java/org/swssf/cxfIntegration/interceptor/SecurityInInterceptor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/cxf-integration/src/main/java/org/swssf/cxfIntegration/interceptor/SecurityInInterceptor.java?rev=1419616&r1=1419615&r2=1419616&view=diff
==============================================================================
--- webservices/wss4j/trunk/cxf-integration/src/main/java/org/swssf/cxfIntegration/interceptor/SecurityInInterceptor.java (original)
+++ webservices/wss4j/trunk/cxf-integration/src/main/java/org/swssf/cxfIntegration/interceptor/SecurityInInterceptor.java Mon Dec 10 18:05:36 2012
@@ -22,10 +22,8 @@ import org.apache.cxf.binding.soap.SoapF
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
import org.apache.cxf.interceptor.Fault;
-import org.apache.cxf.interceptor.ServiceInvokerInterceptor;
import org.apache.cxf.interceptor.StaxInInterceptor;
-import org.apache.cxf.phase.Phase;
import org.apache.ws.security.common.ext.WSSecurityException;
import org.apache.ws.security.stax.WSSec;
import org.apache.ws.security.stax.ext.InboundWSSec;
@@ -86,23 +84,6 @@ public class SecurityInInterceptor exten
newXmlStreamReader = inboundWSSec.processInMessage(originalXmlStreamReader, requestSecurityEvents, securityEventListener);
soapMessage.setContent(XMLStreamReader.class, newXmlStreamReader);
- //workaround: CXF seems not to call xmlstreamReader.close() which is essential to complete
- //security processing. So we add another interceptor which does it.
- AbstractSoapInterceptor abstractSoapInterceptor = new AbstractSoapInterceptor(Phase.PRE_INVOKE) {
-
- @Override
- public void handleMessage(SoapMessage message) throws Fault {
- XMLStreamReader xmlStreamReader = message.getContent(XMLStreamReader.class);
- try {
- xmlStreamReader.close();
- } catch (XMLStreamException e) {
- throw new SoapFault("unexpected service error", SoapFault.FAULT_CODE_SERVER);
- }
- }
- };
- abstractSoapInterceptor.addBefore(ServiceInvokerInterceptor.class.getName());
- soapMessage.getInterceptorChain().add(abstractSoapInterceptor);
-
//Warning: The exceptions which can occur here are not security relevant exceptions but configuration-errors.
//To catch security relevant exceptions you have to catch them e.g.in the FaultOutInterceptor.
//Why? Because we do streaming security. This interceptor doesn't handle the ws-security stuff but just