You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2019/06/27 10:13:23 UTC
svn commit: r1862204 - in /webservices/wss4j/branches/2_2_x-fixes:
ws-security-common/src/main/java/org/apache/wss4j/common/token/
ws-security-dom/src/main/java/org/apache/wss4j/dom/message/
ws-security-dom/src/main/java/org/apache/wss4j/dom/transform/...
Author: coheigea
Date: Thu Jun 27 10:13:22 2019
New Revision: 1862204
URL: http://svn.apache.org/viewvc?rev=1862204&view=rev
Log:
WSS-652 - MTOM Content-Id handling doesn't comply with RFC2392: .NET issues
Modified:
webservices/wss4j/branches/2_2_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/token/BinarySecurity.java
webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java
webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java
webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/transform/AttachmentContentSignatureTransform.java
webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/EncryptionUtils.java
webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/XOPAttachmentTest.java
webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java
webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java
webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptOutputProcessor.java
webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureOutputProcessor.java
Modified: webservices/wss4j/branches/2_2_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/token/BinarySecurity.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_2_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/token/BinarySecurity.java?rev=1862204&r1=1862203&r2=1862204&view=diff
==============================================================================
--- webservices/wss4j/branches/2_2_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/token/BinarySecurity.java (original)
+++ webservices/wss4j/branches/2_2_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/token/BinarySecurity.java Thu Jun 27 10:13:22 2019
@@ -21,6 +21,9 @@ package org.apache.wss4j.common.token;
import java.io.ByteArrayInputStream;
import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.UUID;
@@ -218,7 +221,11 @@ public class BinarySecurity {
element.setAttributeNS(XMLUtils.XMLNS_NS, "xmlns:xop", WSS4JConstants.XOP_NS);
Element xopInclude =
document.createElementNS(WSS4JConstants.XOP_NS, "xop:Include");
- xopInclude.setAttributeNS(null, "href", "cid:" + attachmentId);
+ try {
+ xopInclude.setAttributeNS(null, "href", "cid:" + URLEncoder.encode(attachmentId, StandardCharsets.UTF_8.name()));
+ } catch (UnsupportedEncodingException e) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
+ }
element.appendChild(xopInclude);
Attachment resultAttachment = new Attachment();
Modified: webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java?rev=1862204&r1=1862203&r2=1862204&view=diff
==============================================================================
--- webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java (original)
+++ webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java Thu Jun 27 10:13:22 2019
@@ -344,7 +344,7 @@ public class Encryptor {
}
AttachmentRequestCallback attachmentRequestCallback = new AttachmentRequestCallback();
- String id = attachmentEncryptionPart.getId().substring(4);
+ String id = AttachmentUtils.getAttachmentId(attachmentEncryptionPart.getId());
attachmentRequestCallback.setAttachmentId(id);
try {
attachmentCallbackHandler.handle(new Callback[]{attachmentRequestCallback});
Modified: webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java?rev=1862204&r1=1862203&r2=1862204&view=diff
==============================================================================
--- webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java (original)
+++ webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java Thu Jun 27 10:13:22 2019
@@ -39,6 +39,7 @@ import org.apache.wss4j.common.WSEncrypt
import org.apache.wss4j.common.ext.Attachment;
import org.apache.wss4j.common.ext.AttachmentRequestCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.AttachmentUtils;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSDocInfo;
@@ -188,7 +189,7 @@ public class WSSecSignatureBase extends
}
for (Element elementToSign : elementsToSign) {
String wsuId = setWsuId(elementToSign);
-
+
cloneElement(elementToSign);
TransformParameterSpec transformSpec = null;
@@ -239,7 +240,7 @@ public class WSSecSignatureBase extends
// Clone the Element to be signed + insert the clone into the tree at the same level
// We will expand the xop:Include for one of the nodes + sign that (and then remove it),
// while leaving the original in the tree to be sent in the message
-
+
clonedElements.add(element);
Document doc = this.getSecurityHeader().getSecurityHeaderDoc();
element.getParentNode().appendChild(WSSecurityUtil.cloneElement(doc, element));
@@ -264,7 +265,7 @@ public class WSSecSignatureBase extends
AttachmentRequestCallback attachmentRequestCallback = new AttachmentRequestCallback();
//no mime type must be set for signature:
//attachmentCallback.setResultingMimeType(null);
- String id = encPart.getId().substring(4);
+ String id = AttachmentUtils.getAttachmentId(encPart.getId());
attachmentRequestCallback.setAttachmentId(id);
try {
attachmentCallbackHandler.handle(new Callback[]{attachmentRequestCallback});
Modified: webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/transform/AttachmentContentSignatureTransform.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/transform/AttachmentContentSignatureTransform.java?rev=1862204&r1=1862203&r2=1862204&view=diff
==============================================================================
--- webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/transform/AttachmentContentSignatureTransform.java (original)
+++ webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/transform/AttachmentContentSignatureTransform.java Thu Jun 27 10:13:22 2019
@@ -22,6 +22,8 @@ import org.apache.jcp.xml.dsig.internal.
import org.apache.wss4j.common.ext.Attachment;
import org.apache.wss4j.common.ext.AttachmentRequestCallback;
import org.apache.wss4j.common.ext.AttachmentResultCallback;
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.AttachmentUtils;
import org.apache.wss4j.common.util.CRLFOutputStream;
import org.apache.wss4j.dom.WSConstants;
import org.apache.xml.security.c14n.CanonicalizationException;
@@ -102,7 +104,12 @@ public class AttachmentContentSignatureT
public Data transform(Data data, XMLCryptoContext context, OutputStream os) throws TransformException {
String attachmentUri = ((ApacheOctetStreamData) data).getURI();
- String attachmentId = attachmentUri.substring(4);
+ String attachmentId = null;
+ try {
+ attachmentId = AttachmentUtils.getAttachmentId(attachmentUri);
+ } catch (WSSecurityException e) {
+ throw new TransformException(e);
+ }
Attachment attachment;
if (attachmentTransformParameterSpec != null) {
Modified: webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/EncryptionUtils.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/EncryptionUtils.java?rev=1862204&r1=1862203&r2=1862204&view=diff
==============================================================================
--- webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/EncryptionUtils.java (original)
+++ webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/EncryptionUtils.java Thu Jun 27 10:13:22 2019
@@ -300,7 +300,7 @@ public final class EncryptionUtils {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
}
- final String attachmentId = uri.substring("cid:".length());
+ final String attachmentId = AttachmentUtils.getAttachmentId(uri);
AttachmentRequestCallback attachmentRequestCallback = new AttachmentRequestCallback();
attachmentRequestCallback.setAttachmentId(attachmentId);
@@ -364,7 +364,7 @@ public final class EncryptionUtils {
if (attachmentCallbackHandler == null) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
}
- final String attachmentId = xopURI.substring("cid:".length());
+ final String attachmentId = AttachmentUtils.getAttachmentId(xopURI);
AttachmentRequestCallback attachmentRequestCallback = new AttachmentRequestCallback();
attachmentRequestCallback.setAttachmentId(attachmentId);
Modified: webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java?rev=1862204&r1=1862203&r2=1862204&view=diff
==============================================================================
--- webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java (original)
+++ webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java Thu Jun 27 10:13:22 2019
@@ -44,9 +44,12 @@ import org.w3c.dom.Text;
//import com.sun.xml.internal.messaging.saaj.soap.SOAPDocumentImpl;
import java.io.ByteArrayInputStream;
+import java.io.UnsupportedEncodingException;
import java.lang.reflect.AccessibleObject;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
@@ -737,7 +740,11 @@ public final class WSSecurityUtil {
parentElement.setAttributeNS(XMLUtils.XMLNS_NS, "xmlns:xop", WSConstants.XOP_NS);
Element xopInclude =
doc.createElementNS(WSConstants.XOP_NS, "xop:Include");
- xopInclude.setAttributeNS(null, "href", "cid:" + attachmentId);
+ try {
+ xopInclude.setAttributeNS(null, "href", "cid:" + URLEncoder.encode(attachmentId, StandardCharsets.UTF_8.name()));
+ } catch (UnsupportedEncodingException e) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
+ }
parentElement.appendChild(xopInclude);
Attachment resultAttachment = new Attachment();
Modified: webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/XOPAttachmentTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/XOPAttachmentTest.java?rev=1862204&r1=1862203&r2=1862204&view=diff
==============================================================================
--- webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/XOPAttachmentTest.java (original)
+++ webservices/wss4j/branches/2_2_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/XOPAttachmentTest.java Thu Jun 27 10:13:22 2019
@@ -22,6 +22,7 @@ import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
+import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collections;
@@ -212,6 +213,59 @@ public class XOPAttachmentTest extends o
if (LOG.isDebugEnabled()) {
String outputString = XMLUtils.prettyDocumentToString(encryptedDoc);
+ LOG.debug(outputString);
+ // System.out.println(outputString);
+ }
+
+ AttachmentCallbackHandler inboundAttachmentCallback =
+ new AttachmentCallbackHandler(encryptedAttachments);
+ verify(encryptedDoc, inboundAttachmentCallback);
+
+ String processedDoc = XMLUtils.prettyDocumentToString(encryptedDoc);
+ assertTrue(processedDoc.contains(SOAP_BODY));
+ }
+
+ // See https://issues.apache.org/jira/browse/CXF-8061
+ @Test
+ public void testEncryptedSOAPBodyURLEncoding() throws Exception {
+ Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+ WSSecHeader secHeader = new WSSecHeader(doc);
+ secHeader.insertSecurityHeader();
+
+ WSSecEncrypt encrypt = new WSSecEncrypt(secHeader);
+ encrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
+ encrypt.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
+
+ AttachmentCallbackHandler outboundAttachmentCallback = new AttachmentCallbackHandler();
+ encrypt.setAttachmentCallbackHandler(outboundAttachmentCallback);
+ encrypt.setStoreBytesInAttachment(true);
+
+ encrypt.getParts().add(new WSEncryptionPart("Body", "http://schemas.xmlsoap.org/soap/envelope/", "Content"));
+
+ KeyGenerator keyGen = KeyUtils.getKeyGenerator(WSConstants.AES_128);
+ SecretKey symmetricKey = keyGen.generateKey();
+ Document encryptedDoc = encrypt.build(crypto, symmetricKey);
+
+ List<Attachment> encryptedAttachments = outboundAttachmentCallback.getResponseAttachments();
+ assertNotNull(encryptedAttachments);
+ // Should have EncryptedKey + EncryptedData stored in attachments...
+ assertTrue(encryptedAttachments.size() == 2);
+
+ // Override the Attachment ID + URL encode something that will break as the Attachment ID if it is not
+ // URL encoded
+ String newId = "http://tempuri.org/1/636966400494014846";
+ String oldId = encryptedAttachments.get(1).getId();
+ encryptedAttachments.get(1).setId(newId);
+ List<Element> xopElements =
+ XMLUtils.findElements(doc.getDocumentElement(), "Include", "http://www.w3.org/2004/08/xop/include");
+ for (Element xop : xopElements) {
+ if (xop.hasAttribute("href") && xop.getAttributeNS(null, "href").equals("cid:" + oldId)) {
+ xop.setAttributeNS(null, "href", "cid:" + URLEncoder.encode(newId, StandardCharsets.UTF_8.name()));
+ }
+ }
+
+ if (LOG.isDebugEnabled()) {
+ String outputString = XMLUtils.prettyDocumentToString(encryptedDoc);
LOG.debug(outputString);
// System.out.println(outputString);
}
Modified: webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java?rev=1862204&r1=1862203&r2=1862204&view=diff
==============================================================================
--- webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java (original)
+++ webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java Thu Jun 27 10:13:22 2019
@@ -215,7 +215,7 @@ public class DecryptInputProcessor exten
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
}
- final String attachmentId = href.substring(4);
+ final String attachmentId = AttachmentUtils.getAttachmentId(href);
CallbackHandler attachmentCallbackHandler =
((WSSSecurityProperties) getSecurityProperties()).getAttachmentCallbackHandler();
@@ -322,7 +322,7 @@ public class DecryptInputProcessor exten
final InboundSecurityToken inboundSecurityToken = deferredAttachment.getInboundSecurityToken();
final Cipher cipher = deferredAttachment.getCipher();
final String uri = encryptedDataType.getCipherData().getCipherReference().getURI();
- final String attachmentId = uri.substring(4);
+ final String attachmentId = AttachmentUtils.getAttachmentId(uri);
CallbackHandler attachmentCallbackHandler =
((WSSSecurityProperties) getSecurityProperties()).getAttachmentCallbackHandler();
Modified: webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java?rev=1862204&r1=1862203&r2=1862204&view=diff
==============================================================================
--- webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java (original)
+++ webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureReferenceVerifyInputProcessor.java Thu Jun 27 10:13:22 2019
@@ -43,6 +43,7 @@ import org.apache.wss4j.common.ext.Attac
import org.apache.wss4j.common.ext.AttachmentRequestCallback;
import org.apache.wss4j.common.ext.AttachmentResultCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.AttachmentUtils;
import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
@@ -104,7 +105,7 @@ public class WSSSignatureReferenceVerify
);
}
- String attachmentId = referenceType.getURI().substring(4);
+ String attachmentId = AttachmentUtils.getAttachmentId(referenceType.getURI());
AttachmentRequestCallback attachmentRequestCallback = new AttachmentRequestCallback();
attachmentRequestCallback.setAttachmentId(attachmentId);
Modified: webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptOutputProcessor.java?rev=1862204&r1=1862203&r2=1862204&view=diff
==============================================================================
--- webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptOutputProcessor.java (original)
+++ webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptOutputProcessor.java Thu Jun 27 10:13:22 2019
@@ -205,7 +205,7 @@ public class EncryptOutputProcessor exte
final String externalReference = securePart.getExternalReference();
if (externalReference != null && externalReference.startsWith("cid:")) {
attachmentSecurePart = securePart;
- externalId = externalReference.substring("cid:".length());
+ externalId = AttachmentUtils.getAttachmentId(externalReference);
break;
}
}
Modified: webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureOutputProcessor.java?rev=1862204&r1=1862203&r2=1862204&view=diff
==============================================================================
--- webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureOutputProcessor.java (original)
+++ webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/WSSSignatureOutputProcessor.java Thu Jun 27 10:13:22 2019
@@ -36,6 +36,7 @@ import org.apache.wss4j.common.ext.Attac
import org.apache.wss4j.common.ext.AttachmentRequestCallback;
import org.apache.wss4j.common.ext.AttachmentResultCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.AttachmentUtils;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.impl.transformer.AttachmentContentSignatureTransform;
@@ -162,7 +163,7 @@ public class WSSSignatureOutputProcessor
}
AttachmentRequestCallback attachmentRequestCallback = new AttachmentRequestCallback();
- String id = securePart.getExternalReference().substring("cid:".length());
+ String id = AttachmentUtils.getAttachmentId(securePart.getExternalReference());
attachmentRequestCallback.setAttachmentId(id);
try {
attachmentCallbackHandler.handle(new Callback[]{attachmentRequestCallback});