You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "M.-Leander Reimer (JIRA)" <ji...@apache.org> on 2009/06/04 18:09:07 UTC
[jira] Commented: (AXIS2-3407) MTOM with WS-Security
[ https://issues.apache.org/jira/browse/AXIS2-3407?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12716304#action_12716304 ]
M.-Leander Reimer commented on AXIS2-3407:
------------------------------------------
I am experiencing the same under Axis2 1.4.1 using Rampart 1.4.1.
Possible solution:
I have added the <optimizeParts> element to my OutflowSecurity, in my case
<parameter name="OutflowSecurity">
<action>
<items>UsernameToken</items>
<passwordType>PasswordText</passwordType>
<optimizeParts>//file/data</optimizeParts>
</action>
</parameter>
Don't know about your namespaces, I think with a policy you could do the same with something like (not sure really):
<ramp:RampartConfig>
<ramp:optimizeParts>
<ramp:expressions>
<ramp:expression>//ns1:uploadFile/ns1:data</ramp:expression>
</ramp:expressions>
<ramp:namespaces>
<nampespace uri="http://pojo.poc.adp.com" prefix="ns1"/>
</ramp:namespaces>
</ramp:optimizeParts>
</ramp:RampartConfig>
But the issue https://issues.apache.org/jira/browse/RAMPART-77 will remain, if you send large documents you will get OutOfMemory exceptions.
Regards,
Leander
> MTOM with WS-Security
> ---------------------
>
> Key: AXIS2-3407
> URL: https://issues.apache.org/jira/browse/AXIS2-3407
> Project: Axis 2.0 (Axis2)
> Issue Type: Task
> Components: kernel
> Affects Versions: 1.3
> Environment: Windows XP Professional
> Reporter: Kondala Rao Vayineni
> Priority: Critical
>
> Hi,
> I am doing a simple example with MTOM and WS-Security(Rampart). If I don't engage rampart then MTOM is working fine. But if engage rampart and use OutflowSecurity UsernameToken then MTOM is not working. In this case binery data is going as a part of body.
> Find the SOAP request in the both scenarios.
> MTOM with WS Security SOAP Request
> -----------------------------------
> POST /axis2/services/PayloadTransport?wsdl HTTP/1.1
> Content-Type: multipart/related; boundary=MIMEBoundaryurn_uuid_B98B9F8C95A886E8931197587620317; type="application/xop+xml"; start="0.urn:uuid:B98B9F8C95A886E8931197587620318@apache.org"; start-info="application/soap+xml"; action="urn:uploadFile"
> User-Agent: Axis2
> Host: 10.50.25.230:8082
> Transfer-Encoding: chunked
> 57b
> --MIMEBoundaryurn_uuid_B98B9F8C95A886E8931197587620317
> Content-Type: application/xop+xml; charset=UTF-8; type="application/soap+xml"
> Content-Transfer-Encoding: binary
> Content-ID: <0....@apache.org>
> <?xml version='1.0' encoding='UTF-8'?>
> <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope" xmlns:wsa="http://www.w3.org/2005/08/addressing">
> <soapenv:Header>
> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="true">
> <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-29420695">
> <wsse:Username>kondala</wsse:Username>
> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">kondala</wsse:Password>
> </wsse:UsernameToken>
> </wsse:Security>
> <wsa:To>http://10.50.25.230:8082/axis2/services/PayloadTransport?wsdl</wsa:To>
> <wsa:MessageID>urn:uuid:B98B9F8C95A886E8931197587620034</wsa:MessageID>
> <wsa:Action>urn:uploadFile</wsa:Action>
> </soapenv:Header>
> <soapenv:Body>
> <ns1:uploadFile xmlns:ns1="http://pojo.poc.adp.com">
> <ns1:data>QSBzYW1wbGUgTVRPTSBBdHRhY2htZW50</ns1:data>
> <ns1:fileName>xmlrules.xml.upload</ns1:fileName>
> </ns1:uploadFile>
> </soapenv:Body>
> </soapenv:Envelope>--MIMEBoundaryurn_uuid_B98B9F8C95A886E8931197587620317--0
> ---------------------------------
> MTOM without WS Security SOAP Request
> -----------------------------------
> POST /axis2/services/PayloadTransport?wsdl HTTP/1.1
> Content-Type: multipart/related; boundary=MIMEBoundaryurn_uuid_9E8BD1C1934D690B4E1197587662146; type="application/xop+xml"; start="0.urn:uuid:9E8BD1C1934D690B4E1197587662147@apache.org"; start-info="application/soap+xml"; action="urn:uploadFile"
> User-Agent: Axis2
> Host: 10.50.25.230:8082
> Transfer-Encoding: chunked
> 4c9
> --MIMEBoundaryurn_uuid_9E8BD1C1934D690B4E1197587662146
> Content-Type: application/xop+xml; charset=UTF-8; type="application/soap+xml"
> Content-Transfer-Encoding: binary
> Content-ID: <0....@apache.org>
> <?xml version='1.0' encoding='UTF-8'?>
> <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope" xmlns:wsa="http://www.w3.org/2005/08/addressing">
> <soapenv:Header>
> <wsa:To>http://10.50.25.230:8082/axis2/services/PayloadTransport?wsdl</wsa:To>
> <wsa:MessageID>urn:uuid:9E8BD1C1934D690B4E1197587661942</wsa:MessageID>
> <wsa:Action>urn:uploadFile</wsa:Action>
> </soapenv:Header>
> <soapenv:Body>
> <ns1:uploadFile xmlns:ns1="http://pojo.poc.adp.com">
> <ns1:data>
> <xop:Include href="cid:1.urn:uuid:9E8BD1C1934D690B4E1197587662257@apache.org" xmlns:xop="http://www.w3.org/2004/08/xop/include" />
> </ns1:data>
> <ns1:fileName>xmlrules.xml.upload</ns1:fileName>
> </ns1:uploadFile>
> </soapenv:Body>
> </soapenv:Envelope>--MIMEBoundaryurn_uuid_9E8BD1C1934D690B4E1197587662146Content-Type: application/octet-streamContent-Transfer-Encoding: binaryContent-ID:
> <1....@apache.org>A sample MTOM Attachment--MIMEBoundaryurn_uuid_9E8BD1C1934D690B4E1197587662146--0
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.