You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "J.Cranendonk (JIRA)" <ji...@apache.org> on 2017/11/07 14:39:00 UTC

[jira] [Created] (CXF-7550) StaxActionInInterceptor can't function completely with WSS4JStaxInInterceptor

J.Cranendonk created CXF-7550:
---------------------------------

             Summary: StaxActionInInterceptor can't function completely with WSS4JStaxInInterceptor
                 Key: CXF-7550
                 URL: https://issues.apache.org/jira/browse/CXF-7550
             Project: CXF
          Issue Type: Bug
    Affects Versions: 3.2.0
            Reporter: J.Cranendonk
            Priority: Minor


The StaxActionInInterceptor class uses [NO_SECURITY|https://github.com/apache/cxf/blob/2b5c45ebd897745c83d78a125ea554b0489f6262/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java#L76] and [OPERATION|https://github.com/apache/cxf/blob/2b5c45ebd897745c83d78a125ea554b0489f6262/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java#L79] Security events.

These are passed in the soap message under a [SecurityEvent.class.getName() + ".in" key|https://github.com/apache/cxf/blob/2b5c45ebd897745c83d78a125ea554b0489f6262/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java#L64]

The events are stored there in the [WSS4JStaxInInterceptor|https://github.com/apache/cxf/blob/2b5c45ebd897745c83d78a125ea554b0489f6262/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java#L189]. Only the events used are actually filtered out!
I assume this is a bug, or a badly documented feature :)

The reason I'm looking at this, is I wanted to use the same events in my own interceptor, but they never appeared. I think I might override the WSS4JStaxInInterceptor for now to do that.






--
This message was sent by Atlassian JIRA
(v6.4.14#64029)