You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Dennis Kieselhorst (JIRA)" <ji...@apache.org> on 2017/05/04 18:44:04 UTC
[jira] [Commented] (CXF-7363) Support saaj-impl 1.4
[ https://issues.apache.org/jira/browse/CXF-7363?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15997204#comment-15997204 ]
Dennis Kieselhorst commented on CXF-7363:
-----------------------------------------
Is this to be fixed in CXF or WSS4J?
> Support saaj-impl 1.4
> ---------------------
>
> Key: CXF-7363
> URL: https://issues.apache.org/jira/browse/CXF-7363
> Project: CXF
> Issue Type: Bug
> Reporter: Romain Manni-Bucau
>
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor (and actions like UsernameTokenAction) don't build the dom correctly and it fails with saaj(impl 1.4, here a way to build correctly the dom for the header appending:
> {code}
> new WSS4JOutInterceptor(outProps) {
> @Override
> protected void doSenderAction(final Document doc, final RequestData reqData,
> final List<HandlerAction> actions, final boolean isRequest) throws WSSecurityException {
> final String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement());
> Element header = XMLUtils.getDirectChildElement(doc.getDocumentElement(), WSConstants.ELEM_HEADER, soapNamespace);
> final Element envelope = doc.getDocumentElement();
> if (header == null) {
> header = createElementInSameNamespace(envelope.getOwnerDocument(), envelope, WSConstants.ELEM_HEADER);
> final Node firstChild = envelope.getFirstChild();
> if (firstChild == null) {
> envelope.appendChild(header);
> } else {
> envelope.insertBefore(header, firstChild);
> }
> }
> Element securityHeader = WSSecurityUtil.getSecurityHeader(header, getString(WSHandlerConstants.ACTOR, reqData.getMsgContext()), WSConstants.URI_SOAP12_ENV.equals(soapNamespace));
> if (securityHeader == null) {
> securityHeader = header.getOwnerDocument().createElementNS(WSConstants.WSSE_NS, "wsse:Security");
> securityHeader.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:wsse", WSConstants.WSSE_NS);
> final Node firstChild = header.getFirstChild();
> if (firstChild == null) {
> header.appendChild(securityHeader);
> } else {
> header.insertBefore(securityHeader, firstChild);
> }
> }
> super.doSenderAction(doc, reqData, actions, isRequest);
> }
> private Element createElementInSameNamespace(final Document doc, final Element parent, final String localName) {
> String qName = localName;
> String prefix = parent.getPrefix();
> if (prefix != null && prefix.length() > 0) {
> qName = prefix + ":" + localName;
> }
> String nsUri = parent.getNamespaceURI();
> return doc.createElementNS(nsUri, qName);
> }
> }
> {code}
> Same kind of document fix should be done on the actions.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)