You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Daniel Kulp (JIRA)" <ji...@apache.org> on 2017/03/23 18:29:41 UTC
[jira] [Updated] (CXF-6443) CXF streaming-enabled web service
cannot process MTOM/XOP-optimized content within a CipherValue element
[ https://issues.apache.org/jira/browse/CXF-6443?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Kulp updated CXF-6443:
-----------------------------
Component/s: WS-* Components
> CXF streaming-enabled web service cannot process MTOM/XOP-optimized content within a CipherValue element
> --------------------------------------------------------------------------------------------------------
>
> Key: CXF-6443
> URL: https://issues.apache.org/jira/browse/CXF-6443
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 3.0.5
> Reporter: Dallas Vaughan
> Assignee: Colm O hEigeartaigh
>
> _The DOM-based fix for this issue was implemented for [CXF-6409|https://issues.apache.org/jira/browse/CXF-6409]_
> When a CXF WS-Security streaming-enabled web service endpoint is configured to use WS-Security and MTOM, CXF cannot handle requests from .NET and Metro clients because it cannot process {{xop:Include}} elements that are children of {{enc:CipherValue}} elements, as both of these clients will optimize any large encrypted (base64-encoded binary) content by serializing it as a MIME part.
> For example, when a Metro MTOM-optimized WS-Security-based request is sent to a CXF endpoint, the following exception is thrown within {{org.apache.xml.security.stax.impl.processor.input.AbstractDecryptInputProcessor$DecryptionThread.run()}}:
> {code}org.apache.xml.security.exceptions.XMLSecurityException: Unexpected StAX-Event: START_ELEMENT{code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)