You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@synapse.apache.org by Gary Snider <ga...@gmail.com> on 2008/08/08 21:49:01 UTC
Synapse Axis2FlexibleMEPClient removes AddressingHeaders?!
Just curious but why does the
org.apache.synapse.core.axis2.Axis2FlexibleMEPClient remove addressing
headers?
I've tried using synapse in proxy mode as well but here is the scenario and
why removing the headers is wrong for what we're doing:
1) A WS-Security message comes in to synapse (with wsa:MessageID signed &
referenced in the digital signature )
2) Synapse Axis2FlexibleMEPClient removes the wsa:MessageID in the original
message (Axis2FlexibleMEPClient.removeAddressingHeaders)
3) The endpoint gets the 'forwarded' request and it fails ws-security
validation. Why? Because synapse removed the wsa:MessageID which is
referenced in the digital signature!
Why even in 'transparent' proxy mode would synapse remove that? And what
are my options?
Re: Synapse Axis2FlexibleMEPClient removes AddressingHeaders?!
Posted by Ruwan Linton <ru...@gmail.com>.
Garry,
I found this same post earlier and answered on that thread, please do refer
to that...
Thanks,
Ruwan
On Sat, Aug 9, 2008 at 1:19 AM, Gary Snider <ga...@gmail.com> wrote:
> Just curious but why does the
> org.apache.synapse.core.axis2.Axis2FlexibleMEPClient remove addressing
> headers?
>
> I've tried using synapse in proxy mode as well but here is the scenario and
> why removing the headers is wrong for what we're doing:
>
> 1) A WS-Security message comes in to synapse (with wsa:MessageID signed &
> referenced in the digital signature )
> 2) Synapse Axis2FlexibleMEPClient removes the wsa:MessageID in the original
> message (Axis2FlexibleMEPClient.removeAddressingHeaders)
> 3) The endpoint gets the 'forwarded' request and it fails ws-security
> validation. Why? Because synapse removed the wsa:MessageID which is
> referenced in the digital signature!
>
> Why even in 'transparent' proxy mode would synapse remove that? And what
> are my options?
>
--
Ruwan Linton
http://wso2.org - "Oxygenating the Web Services Platform"
http://ruwansblog.blogspot.com/