You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "J.Cranendonk (JIRA)" <ji...@apache.org> on 2017/11/07 14:39:00 UTC
[jira] [Created] (CXF-7550) StaxActionInInterceptor can't function
completely with WSS4JStaxInInterceptor
J.Cranendonk created CXF-7550:
---------------------------------
Summary: StaxActionInInterceptor can't function completely with WSS4JStaxInInterceptor
Key: CXF-7550
URL: https://issues.apache.org/jira/browse/CXF-7550
Project: CXF
Issue Type: Bug
Affects Versions: 3.2.0
Reporter: J.Cranendonk
Priority: Minor
The StaxActionInInterceptor class uses [NO_SECURITY|https://github.com/apache/cxf/blob/2b5c45ebd897745c83d78a125ea554b0489f6262/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java#L76] and [OPERATION|https://github.com/apache/cxf/blob/2b5c45ebd897745c83d78a125ea554b0489f6262/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java#L79] Security events.
These are passed in the soap message under a [SecurityEvent.class.getName() + ".in" key|https://github.com/apache/cxf/blob/2b5c45ebd897745c83d78a125ea554b0489f6262/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java#L64]
The events are stored there in the [WSS4JStaxInInterceptor|https://github.com/apache/cxf/blob/2b5c45ebd897745c83d78a125ea554b0489f6262/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java#L189]. Only the events used are actually filtered out!
I assume this is a bug, or a badly documented feature :)
The reason I'm looking at this, is I wanted to use the same events in my own interceptor, but they never appeared. I think I might override the WSS4JStaxInInterceptor for now to do that.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)