You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Frizz <fr...@googlemail.com> on 2014/07/02 16:48:51 UTC

Re: wsse:Security: MustUnderstand headers are not understood

Is there a way to ignore ALL mustUnderstand?

E.g. not matter if the Consumer sends:
"http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"
or:
"
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
"
or whatever.




On Thu, Jun 26, 2014 at 11:34 AM, Colm O hEigeartaigh <co...@apache.org>
wrote:

> You can just copy the approach the WSS4JInInterceptor does. In particular
> take a look at the subclass:
>
>
> https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob_plain;f=rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java;hb=HEAD
>
> So write an interceptor that implements SoapInterceptor, and add in
> something like:
>
>  private static final Set<QName> HEADERS = new HashSet<QName>();
>     static {
>         HEADERS.add(new QName(WSConstants.WSSE_NS, "Security"));
>         HEADERS.add(new QName(WSConstants.WSSE11_NS, "Security"));
>     }
>  }
>
>  public Set<QName> getUnderstoodHeaders() {
>    return HEADERS;
>  }
>
> Colm.
>
>
>
>
>
>
> On Thu, Jun 26, 2014 at 8:45 AM, Frizz <fr...@googlemail.com> wrote:
>
> > I have a Consumer that sends messages with Security enabled, so something
> > like this:
> >
> > <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
> >     <soap:Header>
> >     ...
> >         <wsse:Security xmlns:wsse="
> >
> >
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> > "
> > xmlns:wsu="
> >
> >
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> > "
> > soap:mustUnderstand="1">
> >             ...
> >         </wsse:Security>
> >     </soap:Header>
> >     ...
> > </soap:Envelope>
> >
> >
> > My Provider has NO Security enabled, but I'd like to process those
> messages
> > anyway (please don't ask why ;-)
> >
> > Of course I get a "MustUnderstand headers are not understood" exeption.
> >
> > Setting mustUnderstand="0" in the Consumer code would solve this problem
> -
> > but is not an option.
> >
> > Question:
> > - Can I "patch" this mustUnderstand from 1 to 0 using an Interceptor on
> the
> > Provider side?
> > - Could I use a dummy handler that marks ALL headers as 'understood'? How
> > would I do this?
> >
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>