You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2019/07/02 14:03:00 UTC

[jira] [Commented] (CXF-8051) Request gets corrupted when calling a stateful streamed secure conversation

    [ https://issues.apache.org/jira/browse/CXF-8051?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16877001#comment-16877001 ] 

Colm O hEigeartaigh commented on CXF-8051:
------------------------------------------

I created a pull request for an initial attempt at solving this problem:

[https://github.com/apache/cxf/pull/564]

Here the code inlines any attachment bytes for a SecurityContextToken if MTOM is enabled. I can't test it though as I have no reproducible testcase. Any chance you could apply the change locally + see if it works (or if not where it fails)?

 

> Request gets corrupted when calling a stateful streamed secure conversation
> ---------------------------------------------------------------------------
>
>                 Key: CXF-8051
>                 URL: https://issues.apache.org/jira/browse/CXF-8051
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-WS Runtime
>    Affects Versions: 3.3.2
>         Environment: The request is running in a console application hosted in Netbeans on Windows Server 2012 R2. The service is a .NET WCF service on Windows Server 2012 R2.
>            Reporter: Henning Normann
>            Assignee: Colm O hEigeartaigh
>            Priority: Major
>         Attachments: EcBad.txt, EcGood.txt, ResponseFromSecurityTokenService.txt
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> The request to a streamed secure conversation web service gets corrupted if the service (.NET WCF) is configured as stateless (with a stateful token carrying the state in soap cookies). If the service as configured as stateful (no soap cookies), the request is valid.
> Updated 2nd time: When the request is streamed, CXF doesn't stream the payload of the content of the token cookie, and the reference from the cookie is "unresolved". When the request is not-streamed, the cookie payload is included as base64 inside the cookie element, and everything works fine. The attached formatted requests EcBad.txt (failing from CXF) and EcGood.txt (valid request from a .NET WCF client) show the issue.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)