You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cxf.apache.org by Paul Avijit <pa...@yahoo.com> on 2014/04/23 20:45:19 UTC
MTOM with WS-Security (X.509)
Hi,
I have a CXF Web Service with MTOM (separate operations for upload and download) and WS-Security (UsernameToken Timestamp Signature Encrypt).
Both upload and download operation with MTOM works fine when tested using CXF client.
When testing with SoapUI, download operation works fine.
There are no errors even for upload operation but the Web Service is not able to read the attached file. SoapUI is sending a well formed SOAP message with MTOM attachment. When SOAP message is sent by SoapUI to CXF Service, the service is able to:
1. Decrypt the message
2. Verify signature
3. Verify Timestamp
4. Verify Username token
5. Read all data elements in the SOAP body
6. Response back with a SOAP message (with Timestamp Signature Encrypt)
SoapUI is able to Decrypt, verify signature and timestamp.
Following are my CXF service In/Out Interceptors:
<bean id="UT_TimestampSignEncrypt_Request" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken Timestamp Signature Encrypt"/>
<entry key="passwordType" value="PasswordDigest"/>
<entry key="passwordCallbackRef" value-ref="myKeystorePasswordCallback"/>
<entry key="signaturePropFile" value="serviceKeystore.properties"/>
<entry key="signatureAlgorithm" value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<entry key="decryptionPropFile" value="serviceKeystore.properties"/>
<entry key="encryptionKeyTransportAlgorithm" value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</map>
</constructor-arg>
</bean>
<bean id="TimestampSignEncrypt_Response" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry key="action" value="Timestamp Signature Encrypt"/>
<entry key="timeToLive" value="10" />
<entry key="passwordCallbackRef" value-ref="myKeystorePasswordCallback"/>
<entry key="user" value="myservicekey"/>
<entry key="signaturePropFile" value="serviceKeystore.properties"/>
<entry key="signatureParts" value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://www.w3.org/2003/05/soap-envelope}Body"/>
<entry key="signatureAlgorithm" value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<entry key="encryptionPropFile" value="serviceKeystore.properties"/>
<entry key="encryptionUser" value="useReqSigCert"/>
<entry key="encryptionParts" value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://www.w3.org/2003/05/soap-envelope}Body"/>
<entry key="encryptionSymAlgorithm" value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<entry key="encryptionKeyTransportAlgorithm" value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</map>
</constructor-arg>
<property name="allowMTOM" value="true"/>
</bean>
But the CXF service is not able to read the file content which was uploaded as MTOM attachment. Is this a bug in CXF. Can the CXF experts in this mailing list, please help. Thanks in advance.
The SOAP message sent by SoapUI is present below:
INFO: Inbound Message
----------------------------
ID: 12
Address: http://localhost:7001/bes-hc-poc-caqhcore-web/services/Core
Encoding: ISO-8859-1
Http-Method: POST
Content-Type: multipart/related; type="application/soap+xml"; start="<ro...@soapui.org>"; boundary="----=_Part_16_808161854.1398278190760"
Headers: {accept-encoding=[gzip,deflate], connection=[Keep-Alive], Content-Length=[9093], content-type=[multipart/related; type="application/soap+xml"; start="<ro...@soapui.org>"; boundary="----=_Part_16_808161854.1398278190760"], Host=[localhost:7001], MIME-Version=[1.0], User-Agent=[Apache-HttpClient/4.1.1 (java 1.5)]}
Payload:
------=_Part_16_808161854.1398278190760
Content-Type: application/soap+xml; charset=UTF-8
Content-Transfer-Encoding: 8bit
Content-ID: <ro...@soapui.org>
<soap:Envelope xmlns:cor="http://www.caqh.org/SOAP/WSDL/CORERule2.2.0.xsd" xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
<soap:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><xenc:EncryptedKey Id="EK-E2522E1F1FA164BE57139827819075593" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference><wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">MIIBnzCCAQigAwIBAgIEU05SjzANBgkqhkiG9w0BAQUFADAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTQwNDE2MDk1MTExWhcNMTYwNDE1MDk1MTExWjAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAImydZjGWfawadlhFR5DCXEA704TmG9NVbIkmGZugNDH9NHOrnEpk9SAaaZ63lpy9Buow0dJZnlVvZao/LEGJSyFdHrL+gNQU0F1UF+dGsHSKV0PZw/7miH0qWEb9x7aSpK7RAsWAdLUGRbSQgQ3NgfJuExLjEc1ThXWEWO/DmENAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAg7aSHDXDuOgUU2qeg7T+VwCisz1EtJUSCS8Zb958+lRBpe2kbphqbcFsrLVB10/05ogx7s8G8w+73v6+HBUksf9GbPM/C9yaSdg1JmJ6mNO9NwxvJzD1HrAZ7bVCLy1YzXAmcF4QCny+tRrzTceEC4lI1cw+PqmjXPeGetw0YmI=</wsse:KeyIdentifier></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>CUVqfx2tci9+qt9k2KQjWSjoUcAWU35jozfAqmGwy6B2PuolHuVPBuHmV1lF58sLlH0dFXr1twywlJfOdwg/wIem5qfPENxNB9U8A+gAqDUpRrOE88kvJ4LUk0ksplhp+rcpSCm3Kt0EvIe9RMSCbJLTwkp6LUT87cvE63kT87E=</xenc:CipherValue></xenc:CipherData>
<xenc:ReferenceList><xenc:DataReference URI="#ED-133"/><xenc:DataReference URI="#ED-134"/></xenc:ReferenceList></xenc:EncryptedKey><xenc:EncryptedData Id="ED-133" Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"><wsse:Reference
URI="#EK-E2522E1F1FA164BE57139827819075593"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>gKCxK4+oKTcIelErCFz/EljSnr3IQ0XUZmt/WW0fl5AntuJOFQxFQg7gbGwUYpeI1o5vAFyyANS4jcOSJEna9HQmpVG5ZQsmkp8yoimyANdP4MteGWT3OPPlXjDxOkD3Th9k+QojobToSAiVaC+EEHeENycDJF0qg/IxFxu7E/+MMjaK7oeNnHING5CiyRyNqGI+N/PUmrVFp4AhgpKpyv4PddkKxsm7/aR1A2vF2t6BO7TSrkKyrLeTvGcC7zZspkPXNlT2WD7nYKEO25TLMge3EEmQYCDIHrKOx+cOIpOOp+Oh1b5QV5/hTdObLHxVtkabCl9+ggJelghoT2zBrPl4C8GCpLGPP9CqSxie19uSP4eIg6qnJ/mdlg/grY/bX1qdV7GNLkj0lGst4gMJ0Z6rrrveRMszhP4J4O3E5OrKaXLo455aQEpOX8BV4cjXnXcwS+mLd4M7KOus402sCEE8LbX8/D4Wa+qgmyZ4FElRIdkbERL29UxFbN8FgjLUMHugCppZyutgHUdJor6TazixqlAfKxOYtkjp35+KEQtIiOfPbr+v8e73DmvJOi4kSY8RyVFfm6fR2WWpzy/QW1zt12jPVo7tIwjDepGIMDrQ50r8rErWSAoWLn6zSVZb+B+LntvK8i5sMwaHEasedsI8lGEtfj6WySUTGDw4NYsBLYEXrsZX2RCp9FzGlmjLc5CkHi5AeYczqF3QP7i5IvsJFakzC770zyYPnIWDjUfIsOKzZAtP9K1KmU6KMw6t8bAYNUiWxgHcQqvbgRf8O8HUHrUYI/3GG959mKm1OvodFuAqMQK7DHQ6dY2Ltfkzfi/ZYx5oFci
GiH8WTcJmOHFoqR/llOHeFhuuJx6E3hDr1v6UjWjLt17VTbaAuu917wsc36sMffgcDBafxsL2I/XM8FbwUUGkI+jvot14QIdkguuiHehSvulLWaC6Fg8uAZnvFFlV8hyJ9axL+YTk7Kj01/uW93b3NMd3kECiirdJmZjrJQP1zthrLB834xUVjp6xOJ8UooB859IMOS+RlgWfZRKJ/aQJKYQGydrAsn8zO5M0gRtgVpWLajqPI0adEX8JXoRkmganr9zwQc6aXcoroWnwRkw1yY118JprXtW4SXbvPF2t2cv9/mJ0Wi/GQ50yxqUncvlSxiRcdfrvGCsz6TEeu1Dm99t73rscTq3yHCxJJVZ5bffaN36ApeT7IGLKPkDLxECoSkiVItdqpfI1hjXUvcIg7R+Sg8OtVTGshny7di6p7wlfWmThcrMph4IoRazzmAXrs3bsTiGM4Gk1YXjos5655Rf2/UAjkxilAAYW/pHAyqEMckwnNj3jhP9azuq0vNL9334LEuiQY+VDJ59d9oonfaCw88EdkZYJcYKFgXv/SOL+mncXeFwnH3CWGhu+todn4Av/QyWJ4SVAttAgwR85IctTMSt7b0wPhX3CDQ/8HvPuYTW4hco7Zp3TNzGId0YXxJaKeuakGxWAk6Sh8d9lRISjLgZRDndq7Zw2fiIUkI6jlKGR2uiNJoK5vqx6CuBvfEOOkP9V+881H1qXD4Xu6LQqz3427P0tyL2Zs/XVzuFY9uS44nriOHHskHOSIlOcijEdyarE0yZTnrJD3Vbb7Vnp9VCHIq6UWzhb48Rth1HSQzrD7CMMB8BBmCPfScYXoUgfdvSaN+7tFKLiNdWDi3fbFfmFA5oJKJ6zV4dzF9M0gWWK0QHINDzdrZUJIx/cGgsODZvG1z6VATmY9EGbDi3Iw1J/RnKgJ1r9IQlf7Gs7wYL+UZVcSLy5IG4Ny5dcvQyPFN
3OzWx7HwNNPYiW9sEBE8UNT3+gIgkRYxHCkRa1ZZ66BrRQ/Nj17gAELu48DTR2mRYMvvIeoXS9e6xHD0HcfqCNzBo9QATzEVghrptcQY9qCcpEOGd6jQ6nEWp/3je1pk0umMAT5ls3iDsAvj5D1MCLKA5BjU/4OGltSJBlEjouC7r442xPI9X9QqvE1PLT1ScKRUG+l7o9CJf08NjK23SFdbml4ZYNfL1Go/CbMrWJmy5qRgmkD2/BUj6WewVUfd0yEhYM1qhVYkZPX3dLbBTltoj6GjK4cr1Rwostz+zwYF9DbnltFOANPSAkNdZmkXo1gBfBt+GKis/diftnSgflKm2tQqH27mUdzfZkOex3pEdh5yaiZbxO7bYQwveDvpCnzBn8CfaWWDwi4kZ79ND1A75hvW+z6pqlEgavm4C9X+xgobjfhOe9xQtzY8P5NEMEvIFDXorGWciz5y6RJk6SVlvADF53+8VGWkt62OBXIP6QhoF9u2Q1i429rgUDJRJ/XA2yX9u9cf7WpXWzp+5pxBiP54MhD9AVUnZ0W48iKTIiKACgteq+no0qprQRXhT47EdWxfnjbaEd4AyM6xioFLzuTOz6E5EkDw0hEIzmukJIDJiY48E+ggJEiuUhCKeyjIy1SXiL1FqYFFSKsAswwt9v+yDCDZGM8HpEn4bTugFOnqRT5x98iHn8IBTY6nb+BVyluGLIJtBLncZHKiPFlk7khDswrEpc3zeoXw+PPU1h8SAQiOK8XwARN9GNQA+QYKeFt5j8favMdqzNdBKPPs0FXnrhq3I7iCYeu6w9mAtnfkCIouRQSshMGtQ3uRGH06eGxFwPiSiBx/MKCx2Z9P31nuNLnyhHkwCym9yd4qrY8TLewpb4SEMjXZ5RbfFGN2muLDMeC4MAbj8cezgIZNDiwE4zTZjESjnw3B3AR1ZoGtY+rLwi8AtyV5eT9tDYbLLq2
e5QHIKoyg8ZilEcWkW1jRyiuqLAvjI//urz6O6MvX5G4XQhhaT5MF52BWcdE5WUwYBLY8Qdst4Y9qioj1r8WytNtTJTceqEImuFTImcL8GhbDLnX72CFRkMVM24sUprMPDpvISB60DOid+KsYSgmWnGOC+pgkylDMVLcmIMTSESGOtrFFvemltbv3LwAjj5qNEi6cwsZjhPNra9I4UU+Za430NKYBugVAlRR738UrOtktmRwY7DSXpc1MWQVoBJUpggIoL1kbQ1wSirP8TWerBxGB1rincrSNOec56iAq+Jzfxz3g2ijjdwJ8dJTG7SQbsCA8wUYbssH0KVKPNnOeb2YbfGGDQYQYGpXnq4DOfU4rvD4uw2dazNy4kp301ewZ+i7nS+d9IaO53Bgr0g/iVR+NUw5XZQ/H08Z7You8tVCfnNQE6+CzZasGiqmfyK22ANJF5zHQChA9RIr2hXPzd0brfoxfHv81Mqnf70w93zq7tEP/AdeWfhq19HzjcubibADVrXfutcbG4jlyY2bP/2nmPzDv8PfRNnNp/8t43UHbzPE6e4y/BPtdoyxCRNikubbqU0W1y54YcTHHg5qai6oQYldaTtw3uaRwZSBeV/+cB7mjmQdHUImvXKpE60jN61dj5eQumFBOC9y0sYBrYH7NljMJMkFE9RojJhGQbHxsXmM5C+a9DPYnCQpYkusCCgyc4iQyUIC3XMr+PrvnLf8nQQo7Ub8YCVYkuS7TRj3gNtfuOMd64ibMUR9Eb5EDksm7ft/Y4m+0qYaiw7vxtAWgjeTGJ7Ginf3nFS7BRDfgTMk+04LwjiwwqK6+ex28RYoKdjpLNwabIxic0SqaI0EC9LEzGIe34CsrsXg8gqBMA1tr5b8eNIkU504SRXcvfRhUKHPwFEhjcuoJWeO/r9xSi2Ng4B/bTp/0CneT9djjG7agfnDnknA8s+Sn+Sw3gx7WnV
</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData><wsu:Timestamp wsu:Id="TS-130"><wsu:Created>2014-04-23T18:36:30.742Z</wsu:Created><wsu:Expires>2014-04-23T18:36:35.742Z</wsu:Expires></wsu:Timestamp><wsse:UsernameToken wsu:Id="UsernameToken-129"><wsse:Username>POC-Username</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">tCrB/vJpre8aByMQKsrZ3I6e//M=</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">1ytxvtj+pZkkAP65sxkoQg==</wsse:Nonce><wsu:Created>2014-04-23T18:36:30.741Z</wsu:Created></wsse:UsernameToken></wsse:Security></soap:Header>
<soap:Body wsu:Id="id-131" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><xenc:EncryptedData Id="ED-134" Type="http://www.w3.org/2001/04/xmlenc#Content" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"><wsse:Reference
URI="#EK-E2522E1F1FA164BE57139827819075593"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>Q3xcabuAsMPxc623YPtXNXPewOg1Zew2i5lc6pCZSFW93gu8t8Q2S5GsP+J0sHFXbHVdU2KwiBSZGReK0oAa3U73oHs5T2YB2Ib0x7C9Ygi2amt1WU3mP782znUWdAaKlsS7U+/hY6PJOHc6WGUQP/sqW6ncZ20VquVsw7ZGBAcxYluUAahzxGlyDD2v9rmBSK7hX+uFe93avwg4vJbsCqhaBrN1gkvbWBC0gDg+Pybm1CIgf3tfOmfNmY0qESuw3ljljMy8zMpRb/qfHdf2wLDkrs+0vs26C0qotXhKKS+4i9qUGg3HaGM/sCl4rcCM+/HNYL9c1am+vJsKfhBu8fEewCQEJui+spPUxIRYM2cp9GpZOL0pK2M9V3BT/9inuJzxj8V3ckp1f3S9fuFk8vgZNfYCHtQXmajtJ4MWOlMeHE2KtcSpRLuFbLDGn0DNtugZx7aonheKIRpXNYqBskAwSETWpIxGMvoLYnH9PIjB3T4HUB+4mwc724PJ1wVMDwu45zVeO4pUNeL7XQ98gfMC+C0tfitDIBOv75d/YsgigMnc+sGKBtoX4Y7F6j1tEM4BdqA58S/AEyRoMdOoRVP4YJq+VTRbetIVIutpBK+nJGJ7MweDlkLZT7+sxEHoptqLLDfZg7Y/cwL7ro0S4UxVz7I2H2dZo26D5r/nhGzhzLei5VvNYvEG/YYSUyE1uuR/sGxzxavFQ2ssA72RltMqy5C9z5y5</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></soap:Body>
</soap:Envelope>
------=_Part_16_808161854.1398278190760
Content-Type: text/plain; charset=us-ascii; name=test.txt
Content-Transfer-Encoding: 7bit
Content-ID: <85277029681>
Content-Disposition: attachment; name="test.txt"; filename="test.txt"
This is Test file for testing MTOM File Upload...
------=_Part_16_808161854.1398278190760--
--------------------------------------
Regards
Paul
Re: MTOM with WS-Security (X.509)
Posted by Paul Avijit <pa...@yahoo.com>.
Hi,
Please help on this topic.
When CXF is not at both ends of the wire, MTOM upload is not working with WS-Security. I am testing a CXF Web service with SoapUI. It works fine when CXF is at both ends of the wire.
Is this a CXF issue or a SoapUI issue. I can see SoapUI constructing a valid input SOAP message but Service after receiving request is not able to read the MTOM attachment.
Regards
Paul
On Wednesday, April 23, 2014 2:45 PM, Paul Avijit <pa...@yahoo.com> wrote:
Hi,
I have a CXF Web Service with MTOM (separate operations for upload and download) and WS-Security (UsernameToken Timestamp Signature Encrypt).
Both upload and download operation with MTOM works fine when tested using CXF client.
When testing with SoapUI, download operation works fine.
There are no errors even for upload operation but the Web Service is not able to read the attached file. SoapUI is sending a well formed SOAP message with MTOM attachment. When SOAP message is sent by SoapUI to CXF Service, the service is able to:
1. Decrypt the message
2. Verify signature
3. Verify Timestamp
4. Verify Username token
5. Read all data elements in the SOAP body
6. Response back with a SOAP message (with Timestamp Signature Encrypt)
SoapUI is able to Decrypt, verify signature and timestamp.
Following are my CXF service In/Out Interceptors:
<bean id="UT_TimestampSignEncrypt_Request" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken Timestamp Signature Encrypt"/>
<entry key="passwordType" value="PasswordDigest"/>
<entry key="passwordCallbackRef" value-ref="myKeystorePasswordCallback"/>
<entry key="signaturePropFile" value="serviceKeystore.properties"/>
<entry key="signatureAlgorithm" value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<entry key="decryptionPropFile" value="serviceKeystore.properties"/>
<entry key="encryptionKeyTransportAlgorithm" value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</map>
</constructor-arg>
</bean>
<bean id="TimestampSignEncrypt_Response" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry key="action" value="Timestamp Signature Encrypt"/>
<entry key="timeToLive" value="10" />
<entry key="passwordCallbackRef" value-ref="myKeystorePasswordCallback"/>
<entry key="user" value="myservicekey"/>
<entry key="signaturePropFile" value="serviceKeystore.properties"/>
<entry key="signatureParts" value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://www.w3.org/2003/05/soap-envelope}Body"/>
<entry key="signatureAlgorithm" value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<entry key="encryptionPropFile" value="serviceKeystore.properties"/>
<entry key="encryptionUser" value="useReqSigCert"/>
<entry key="encryptionParts" value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://www.w3.org/2003/05/soap-envelope}Body"/>
<entry key="encryptionSymAlgorithm" value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<entry key="encryptionKeyTransportAlgorithm" value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</map>
</constructor-arg>
<property name="allowMTOM" value="true"/>
</bean>
But the CXF service is not able to read the file content which was uploaded as MTOM attachment. Is this a bug in CXF. Can the CXF experts in this mailing list, please help. Thanks in advance.
The SOAP message sent by SoapUI is present below:
INFO: Inbound Message
----------------------------
ID: 12
Address: http://localhost:7001/bes-hc-poc-caqhcore-web/services/Core
Encoding: ISO-8859-1
Http-Method: POST
Content-Type: multipart/related; type="application/soap+xml"; start="<ro...@soapui.org>"; boundary="----=_Part_16_808161854.1398278190760"
Headers: {accept-encoding=[gzip,deflate], connection=[Keep-Alive], Content-Length=[9093], content-type=[multipart/related; type="application/soap+xml"; start="<ro...@soapui.org>"; boundary="----=_Part_16_808161854.1398278190760"], Host=[localhost:7001], MIME-Version=[1.0], User-Agent=[Apache-HttpClient/4.1.1 (java 1.5)]}
Payload:
------=_Part_16_808161854.1398278190760
Content-Type: application/soap+xml; charset=UTF-8
Content-Transfer-Encoding: 8bit
Content-ID: <ro...@soapui.org>
<soap:Envelope xmlns:cor="http://www.caqh.org/SOAP/WSDL/CORERule2.2.0.xsd" xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
<soap:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><xenc:EncryptedKey Id="EK-E2522E1F1FA164BE57139827819075593" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference><wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">MIIBnzCCAQigAwIBAgIEU05SjzANBgkqhkiG9w0BAQUFADAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTQwNDE2MDk1MTExWhcNMTYwNDE1MDk1MTExWjAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAImydZjGWfawadlhFR5DCXEA704TmG9NVbIkmGZugNDH9NHOrnEpk9SAaaZ63lpy9Buow0dJZnlVvZao/LEGJSyFdHrL+gNQU0F1UF+dGsHSKV0PZw/7miH0qWEb9x7aSpK7RAsWAdLUGRbSQgQ3NgfJuExLjEc1ThXWEWO/DmENAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAg7aSHDXDuOgUU2qeg7T+VwCisz1EtJUSCS8Zb958+lRBpe2kbphqbcFsrLVB10/05ogx7s8G8w+73v6+HBUksf9GbPM/C9yaSdg1JmJ6mNO9NwxvJzD1HrAZ7bVCLy1YzXAmcF4QCny+tRrzTceEC4lI1cw+PqmjXPeGetw0YmI=</wsse:KeyIdentifier></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>CUVqfx2tci9+qt9k2KQjWSjoUcAWU35jozfAqmGwy6B2PuolHuVPBuHmV1lF58sLlH0dFXr1twywlJfOdwg/wIem5qfPENxNB9U8A+gAqDUpRrOE88kvJ4LUk0ksplhp+rcpSCm3Kt0EvIe9RMSCbJLTwkp6LUT87cvE63kT87E=<
/xenc:CipherValue></xenc:CipherData><xenc:ReferenceList><xenc:DataReference URI="#ED-133"/><xenc:DataReference URI="#ED-134"/></xenc:ReferenceList></xenc:EncryptedKey><xenc:EncryptedData Id="ED-133" Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"><wsse:Reference
URI="#EK-E2522E1F1FA164BE57139827819075593"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>gKCxK4+oKTcIelErCFz/EljSnr3IQ0XUZmt/WW0fl5AntuJOFQxFQg7gbGwUYpeI1o5vAFyyANS4jcOSJEna9HQmpVG5ZQsmkp8yoimyANdP4MteGWT3OPPlXjDxOkD3Th9k+QojobToSAiVaC+EEHeENycDJF0qg/IxFxu7E/+MMjaK7oeNnHING5CiyRyNqGI+N/PUmrVFp4AhgpKpyv4PddkKxsm7/aR1A2vF2t6BO7TSrkKyrLeTvGcC7zZspkPXNlT2WD7nYKEO25TLMge3EEmQYCDIHrKOx+cOIpOOp+Oh1b5QV5/hTdObLHxVtkabCl9+ggJelghoT2zBrPl4C8GCpLGPP9CqSxie19uSP4eIg6qnJ/mdlg/grY/bX1qdV7GNLkj0lGst4gMJ0Z6rrrveRMszhP4J4O3E5OrKaXLo455aQEpOX8BV4cjXnXcwS+mLd4M7KOus402sCEE8LbX8/D4Wa+qgmyZ4FElRIdkbERL29UxFbN8FgjLUMHugCppZyutgHUdJor6TazixqlAfKxOYtkjp35+KEQtIiOfPbr+v8e73DmvJOi4kSY8RyVFfm6fR2WWpzy/QW1zt12jPVo7tIwjDepGIMDrQ50r8rErWSAoWLn6zSVZb+B+LntvK8i5sMwaHEasedsI8lGEtfj6WySUTGDw4NYsBLYEXrsZX2RCp9FzGlmjLc5CkHi5AeYczqF3QP7i5IvsJFakzC770zyYPnIWDjUfIsOKzZAtP9K1KmU6KMw6t8bAYNUiWxgHcQqvbgRf8O8HUHrUYI/3GG959mKm1OvodFuAq
MQK7DHQ6dY2Ltfkzfi/ZYx5oFciGiH8WTcJmOHFoqR/llOHeFhuuJx6E3hDr1v6UjWjLt17VTbaAuu917wsc36sMffgcDBafxsL2I/XM8FbwUUGkI+jvot14QIdkguuiHehSvulLWaC6Fg8uAZnvFFlV8hyJ9axL+YTk7Kj01/uW93b3NMd3kECiirdJmZjrJQP1zthrLB834xUVjp6xOJ8UooB859IMOS+RlgWfZRKJ/aQJKYQGydrAsn8zO5M0gRtgVpWLajqPI0adEX8JXoRkmganr9zwQc6aXcoroWnwRkw1yY118JprXtW4SXbvPF2t2cv9/mJ0Wi/GQ50yxqUncvlSxiRcdfrvGCsz6TEeu1Dm99t73rscTq3yHCxJJVZ5bffaN36ApeT7IGLKPkDLxECoSkiVItdqpfI1hjXUvcIg7R+Sg8OtVTGshny7di6p7wlfWmThcrMph4IoRazzmAXrs3bsTiGM4Gk1YXjos5655Rf2/UAjkxilAAYW/pHAyqEMckwnNj3jhP9azuq0vNL9334LEuiQY+VDJ59d9oonfaCw88EdkZYJcYKFgXv/SOL+mncXeFwnH3CWGhu+todn4Av/QyWJ4SVAttAgwR85IctTMSt7b0wPhX3CDQ/8HvPuYTW4hco7Zp3TNzGId0YXxJaKeuakGxWAk6Sh8d9lRISjLgZRDndq7Zw2fiIUkI6jlKGR2uiNJoK5vqx6CuBvfEOOkP9V+881H1qXD4Xu6LQqz3427P0tyL2Zs/XVzuFY9uS44nriOHHskHOSIlOcijEdyarE0yZTnrJD3Vbb7Vnp9VCHIq6UWzhb48Rth1HSQzrD7CMMB8BBmCPfScYXoUgfdvSaN+7tFKLiNdWDi3fbFfmFA5oJKJ6zV4dzF9M0gWWK0QHINDzdrZUJIx/cGgsODZvG1z6VATmY9EGbDi3Iw1J/RnKgJ1r9IQlf7Gs
7wYL+UZVcSLy5IG4Ny5dcvQyPFN3OzWx7HwNNPYiW9sEBE8UNT3+gIgkRYxHCkRa1ZZ66BrRQ/Nj17gAELu48DTR2mRYMvvIeoXS9e6xHD0HcfqCNzBo9QATzEVghrptcQY9qCcpEOGd6jQ6nEWp/3je1pk0umMAT5ls3iDsAvj5D1MCLKA5BjU/4OGltSJBlEjouC7r442xPI9X9QqvE1PLT1ScKRUG+l7o9CJf08NjK23SFdbml4ZYNfL1Go/CbMrWJmy5qRgmkD2/BUj6WewVUfd0yEhYM1qhVYkZPX3dLbBTltoj6GjK4cr1Rwostz+zwYF9DbnltFOANPSAkNdZmkXo1gBfBt+GKis/diftnSgflKm2tQqH27mUdzfZkOex3pEdh5yaiZbxO7bYQwveDvpCnzBn8CfaWWDwi4kZ79ND1A75hvW+z6pqlEgavm4C9X+xgobjfhOe9xQtzY8P5NEMEvIFDXorGWciz5y6RJk6SVlvADF53+8VGWkt62OBXIP6QhoF9u2Q1i429rgUDJRJ/XA2yX9u9cf7WpXWzp+5pxBiP54MhD9AVUnZ0W48iKTIiKACgteq+no0qprQRXhT47EdWxfnjbaEd4AyM6xioFLzuTOz6E5EkDw0hEIzmukJIDJiY48E+ggJEiuUhCKeyjIy1SXiL1FqYFFSKsAswwt9v+yDCDZGM8HpEn4bTugFOnqRT5x98iHn8IBTY6nb+BVyluGLIJtBLncZHKiPFlk7khDswrEpc3zeoXw+PPU1h8SAQiOK8XwARN9GNQA+QYKeFt5j8favMdqzNdBKPPs0FXnrhq3I7iCYeu6w9mAtnfkCIouRQSshMGtQ3uRGH06eGxFwPiSiBx/MKCx2Z9P31nuNLnyhHkwCym9yd4qrY8TLewpb4SEMjXZ5RbfFGN2muLDMeC4MAbj8cezgIZNDiwE4zTZjESjnw3B3AR1
ZoGtY+rLwi8AtyV5eT9tDYbLLq2e5QHIKoyg8ZilEcWkW1jRyiuqLAvjI//urz6O6MvX5G4XQhhaT5MF52BWcdE5WUwYBLY8Qdst4Y9qioj1r8WytNtTJTceqEImuFTImcL8GhbDLnX72CFRkMVM24sUprMPDpvISB60DOid+KsYSgmWnGOC+pgkylDMVLcmIMTSESGOtrFFvemltbv3LwAjj5qNEi6cwsZjhPNra9I4UU+Za430NKYBugVAlRR738UrOtktmRwY7DSXpc1MWQVoBJUpggIoL1kbQ1wSirP8TWerBxGB1rincrSNOec56iAq+Jzfxz3g2ijjdwJ8dJTG7SQbsCA8wUYbssH0KVKPNnOeb2YbfGGDQYQYGpXnq4DOfU4rvD4uw2dazNy4kp301ewZ+i7nS+d9IaO53Bgr0g/iVR+NUw5XZQ/H08Z7You8tVCfnNQE6+CzZasGiqmfyK22ANJF5zHQChA9RIr2hXPzd0brfoxfHv81Mqnf70w93zq7tEP/AdeWfhq19HzjcubibADVrXfutcbG4jlyY2bP/2nmPzDv8PfRNnNp/8t43UHbzPE6e4y/BPtdoyxCRNikubbqU0W1y54YcTHHg5qai6oQYldaTtw3uaRwZSBeV/+cB7mjmQdHUImvXKpE60jN61dj5eQumFBOC9y0sYBrYH7NljMJMkFE9RojJhGQbHxsXmM5C+a9DPYnCQpYkusCCgyc4iQyUIC3XMr+PrvnLf8nQQo7Ub8YCVYkuS7TRj3gNtfuOMd64ibMUR9Eb5EDksm7ft/Y4m+0qYaiw7vxtAWgjeTGJ7Ginf3nFS7BRDfgTMk+04LwjiwwqK6+ex28RYoKdjpLNwabIxic0SqaI0EC9LEzGIe34CsrsXg8gqBMA1tr5b8eNIkU504SRXcvfRhUKHPwFEhjcuoJWeO/r9xSi2Ng4B/bTp/0CneT9dj
jG7agfnDnknA8s+Sn+Sw3gx7WnV</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData><wsu:Timestamp wsu:Id="TS-130"><wsu:Created>2014-04-23T18:36:30.742Z</wsu:Created><wsu:Expires>2014-04-23T18:36:35.742Z</wsu:Expires></wsu:Timestamp><wsse:UsernameToken wsu:Id="UsernameToken-129"><wsse:Username>POC-Username</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">tCrB/vJpre8aByMQKsrZ3I6e//M=</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">1ytxvtj+pZkkAP65sxkoQg==</wsse:Nonce><wsu:Created>2014-04-23T18:36:30.741Z</wsu:Created></wsse:UsernameToken></wsse:Security></soap:Header>
<soap:Body wsu:Id="id-131" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><xenc:EncryptedData Id="ED-134" Type="http://www.w3.org/2001/04/xmlenc#Content" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"><wsse:Reference
URI="#EK-E2522E1F1FA164BE57139827819075593"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>Q3xcabuAsMPxc623YPtXNXPewOg1Zew2i5lc6pCZSFW93gu8t8Q2S5GsP+J0sHFXbHVdU2KwiBSZGReK0oAa3U73oHs5T2YB2Ib0x7C9Ygi2amt1WU3mP782znUWdAaKlsS7U+/hY6PJOHc6WGUQP/sqW6ncZ20VquVsw7ZGBAcxYluUAahzxGlyDD2v9rmBSK7hX+uFe93avwg4vJbsCqhaBrN1gkvbWBC0gDg+Pybm1CIgf3tfOmfNmY0qESuw3ljljMy8zMpRb/qfHdf2wLDkrs+0vs26C0qotXhKKS+4i9qUGg3HaGM/sCl4rcCM+/HNYL9c1am+vJsKfhBu8fEewCQEJui+spPUxIRYM2cp9GpZOL0pK2M9V3BT/9inuJzxj8V3ckp1f3S9fuFk8vgZNfYCHtQXmajtJ4MWOlMeHE2KtcSpRLuFbLDGn0DNtugZx7aonheKIRpXNYqBskAwSETWpIxGMvoLYnH9PIjB3T4HUB+4mwc724PJ1wVMDwu45zVeO4pUNeL7XQ98gfMC+C0tfitDIBOv75d/YsgigMnc+sGKBtoX4Y7F6j1tEM4BdqA58S/AEyRoMdOoRVP4YJq+VTRbetIVIutpBK+nJGJ7MweDlkLZT7+sxEHoptqLLDfZg7Y/cwL7ro0S4UxVz7I2H2dZo26D5r/nhGzhzLei5VvNYvEG/YYSUyE1uuR/sGxzxavFQ2ssA72RltMqy5C9z5y5</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData><
/soap:Body>
</soap:Envelope>
------=_Part_16_808161854.1398278190760
Content-Type: text/plain; charset=us-ascii; name=test.txt
Content-Transfer-Encoding: 7bit
Content-ID: <85277029681>
Content-Disposition: attachment; name="test.txt"; filename="test.txt"
This is Test file for testing MTOM File Upload...
------=_Part_16_808161854.1398278190760--
--------------------------------------
Regards
Paul
Re: MTOM with WS-Security (X.509)
Posted by Paul Avijit <pa...@yahoo.com>.
Hi,
Please help on this topic.
When CXF is not at both ends of the wire, MTOM upload is not working with WS-Security. I am testing a CXF Web service with SoapUI. It works fine when CXF is at both ends of the wire.
Is this a CXF issue or a SoapUI issue. I can see SoapUI constructing a valid input SOAP message but Service after receiving request is not able to read the MTOM attachment.
Regards
Paul
On Wednesday, April 23, 2014 2:45 PM, Paul Avijit <pa...@yahoo.com> wrote:
Hi,
I have a CXF Web Service with MTOM (separate operations for upload and download) and WS-Security (UsernameToken Timestamp Signature Encrypt).
Both upload and download operation with MTOM works fine when tested using CXF client.
When testing with SoapUI, download operation works fine.
There are no errors even for upload operation but the Web Service is not able to read the attached file. SoapUI is sending a well formed SOAP message with MTOM attachment. When SOAP message is sent by SoapUI to CXF Service, the service is able to:
1. Decrypt the message
2. Verify signature
3. Verify Timestamp
4. Verify Username token
5. Read all data elements in the SOAP body
6. Response back with a SOAP message (with Timestamp Signature Encrypt)
SoapUI is able to Decrypt, verify signature and timestamp.
Following are my CXF service In/Out Interceptors:
<bean id="UT_TimestampSignEncrypt_Request" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken Timestamp Signature Encrypt"/>
<entry key="passwordType" value="PasswordDigest"/>
<entry key="passwordCallbackRef" value-ref="myKeystorePasswordCallback"/>
<entry key="signaturePropFile" value="serviceKeystore.properties"/>
<entry key="signatureAlgorithm" value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<entry key="decryptionPropFile" value="serviceKeystore.properties"/>
<entry key="encryptionKeyTransportAlgorithm" value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</map>
</constructor-arg>
</bean>
<bean id="TimestampSignEncrypt_Response" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry key="action" value="Timestamp Signature Encrypt"/>
<entry key="timeToLive" value="10" />
<entry key="passwordCallbackRef" value-ref="myKeystorePasswordCallback"/>
<entry key="user" value="myservicekey"/>
<entry key="signaturePropFile" value="serviceKeystore.properties"/>
<entry key="signatureParts" value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://www.w3.org/2003/05/soap-envelope}Body"/>
<entry key="signatureAlgorithm" value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<entry key="encryptionPropFile" value="serviceKeystore.properties"/>
<entry key="encryptionUser" value="useReqSigCert"/>
<entry key="encryptionParts" value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://www.w3.org/2003/05/soap-envelope}Body"/>
<entry key="encryptionSymAlgorithm" value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<entry key="encryptionKeyTransportAlgorithm" value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</map>
</constructor-arg>
<property name="allowMTOM" value="true"/>
</bean>
But the CXF service is not able to read the file content which was uploaded as MTOM attachment. Is this a bug in CXF. Can the CXF experts in this mailing list, please help. Thanks in advance.
The SOAP message sent by SoapUI is present below:
INFO: Inbound Message
----------------------------
ID: 12
Address: http://localhost:7001/bes-hc-poc-caqhcore-web/services/Core
Encoding: ISO-8859-1
Http-Method: POST
Content-Type: multipart/related; type="application/soap+xml"; start="<ro...@soapui.org>"; boundary="----=_Part_16_808161854.1398278190760"
Headers: {accept-encoding=[gzip,deflate], connection=[Keep-Alive], Content-Length=[9093], content-type=[multipart/related; type="application/soap+xml"; start="<ro...@soapui.org>"; boundary="----=_Part_16_808161854.1398278190760"], Host=[localhost:7001], MIME-Version=[1.0], User-Agent=[Apache-HttpClient/4.1.1 (java 1.5)]}
Payload:
------=_Part_16_808161854.1398278190760
Content-Type: application/soap+xml; charset=UTF-8
Content-Transfer-Encoding: 8bit
Content-ID: <ro...@soapui.org>
<soap:Envelope xmlns:cor="http://www.caqh.org/SOAP/WSDL/CORERule2.2.0.xsd" xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
<soap:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><xenc:EncryptedKey Id="EK-E2522E1F1FA164BE57139827819075593" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference><wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">MIIBnzCCAQigAwIBAgIEU05SjzANBgkqhkiG9w0BAQUFADAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTQwNDE2MDk1MTExWhcNMTYwNDE1MDk1MTExWjAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAImydZjGWfawadlhFR5DCXEA704TmG9NVbIkmGZugNDH9NHOrnEpk9SAaaZ63lpy9Buow0dJZnlVvZao/LEGJSyFdHrL+gNQU0F1UF+dGsHSKV0PZw/7miH0qWEb9x7aSpK7RAsWAdLUGRbSQgQ3NgfJuExLjEc1ThXWEWO/DmENAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAg7aSHDXDuOgUU2qeg7T+VwCisz1EtJUSCS8Zb958+lRBpe2kbphqbcFsrLVB10/05ogx7s8G8w+73v6+HBUksf9GbPM/C9yaSdg1JmJ6mNO9NwxvJzD1HrAZ7bVCLy1YzXAmcF4QCny+tRrzTceEC4lI1cw+PqmjXPeGetw0YmI=</wsse:KeyIdentifier></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>CUVqfx2tci9+qt9k2KQjWSjoUcAWU35jozfAqmGwy6B2PuolHuVPBuHmV1lF58sLlH0dFXr1twywlJfOdwg/wIem5qfPENxNB9U8A+gAqDUpRrOE88kvJ4LUk0ksplhp+rcpSCm3Kt0EvIe9RMSCbJLTwkp6LUT87cvE63kT87E=<
/xenc:CipherValue></xenc:CipherData><xenc:ReferenceList><xenc:DataReference URI="#ED-133"/><xenc:DataReference URI="#ED-134"/></xenc:ReferenceList></xenc:EncryptedKey><xenc:EncryptedData Id="ED-133" Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"><wsse:Reference
URI="#EK-E2522E1F1FA164BE57139827819075593"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>gKCxK4+oKTcIelErCFz/EljSnr3IQ0XUZmt/WW0fl5AntuJOFQxFQg7gbGwUYpeI1o5vAFyyANS4jcOSJEna9HQmpVG5ZQsmkp8yoimyANdP4MteGWT3OPPlXjDxOkD3Th9k+QojobToSAiVaC+EEHeENycDJF0qg/IxFxu7E/+MMjaK7oeNnHING5CiyRyNqGI+N/PUmrVFp4AhgpKpyv4PddkKxsm7/aR1A2vF2t6BO7TSrkKyrLeTvGcC7zZspkPXNlT2WD7nYKEO25TLMge3EEmQYCDIHrKOx+cOIpOOp+Oh1b5QV5/hTdObLHxVtkabCl9+ggJelghoT2zBrPl4C8GCpLGPP9CqSxie19uSP4eIg6qnJ/mdlg/grY/bX1qdV7GNLkj0lGst4gMJ0Z6rrrveRMszhP4J4O3E5OrKaXLo455aQEpOX8BV4cjXnXcwS+mLd4M7KOus402sCEE8LbX8/D4Wa+qgmyZ4FElRIdkbERL29UxFbN8FgjLUMHugCppZyutgHUdJor6TazixqlAfKxOYtkjp35+KEQtIiOfPbr+v8e73DmvJOi4kSY8RyVFfm6fR2WWpzy/QW1zt12jPVo7tIwjDepGIMDrQ50r8rErWSAoWLn6zSVZb+B+LntvK8i5sMwaHEasedsI8lGEtfj6WySUTGDw4NYsBLYEXrsZX2RCp9FzGlmjLc5CkHi5AeYczqF3QP7i5IvsJFakzC770zyYPnIWDjUfIsOKzZAtP9K1KmU6KMw6t8bAYNUiWxgHcQqvbgRf8O8HUHrUYI/3GG959mKm1OvodFuAq
MQK7DHQ6dY2Ltfkzfi/ZYx5oFciGiH8WTcJmOHFoqR/llOHeFhuuJx6E3hDr1v6UjWjLt17VTbaAuu917wsc36sMffgcDBafxsL2I/XM8FbwUUGkI+jvot14QIdkguuiHehSvulLWaC6Fg8uAZnvFFlV8hyJ9axL+YTk7Kj01/uW93b3NMd3kECiirdJmZjrJQP1zthrLB834xUVjp6xOJ8UooB859IMOS+RlgWfZRKJ/aQJKYQGydrAsn8zO5M0gRtgVpWLajqPI0adEX8JXoRkmganr9zwQc6aXcoroWnwRkw1yY118JprXtW4SXbvPF2t2cv9/mJ0Wi/GQ50yxqUncvlSxiRcdfrvGCsz6TEeu1Dm99t73rscTq3yHCxJJVZ5bffaN36ApeT7IGLKPkDLxECoSkiVItdqpfI1hjXUvcIg7R+Sg8OtVTGshny7di6p7wlfWmThcrMph4IoRazzmAXrs3bsTiGM4Gk1YXjos5655Rf2/UAjkxilAAYW/pHAyqEMckwnNj3jhP9azuq0vNL9334LEuiQY+VDJ59d9oonfaCw88EdkZYJcYKFgXv/SOL+mncXeFwnH3CWGhu+todn4Av/QyWJ4SVAttAgwR85IctTMSt7b0wPhX3CDQ/8HvPuYTW4hco7Zp3TNzGId0YXxJaKeuakGxWAk6Sh8d9lRISjLgZRDndq7Zw2fiIUkI6jlKGR2uiNJoK5vqx6CuBvfEOOkP9V+881H1qXD4Xu6LQqz3427P0tyL2Zs/XVzuFY9uS44nriOHHskHOSIlOcijEdyarE0yZTnrJD3Vbb7Vnp9VCHIq6UWzhb48Rth1HSQzrD7CMMB8BBmCPfScYXoUgfdvSaN+7tFKLiNdWDi3fbFfmFA5oJKJ6zV4dzF9M0gWWK0QHINDzdrZUJIx/cGgsODZvG1z6VATmY9EGbDi3Iw1J/RnKgJ1r9IQlf7Gs
7wYL+UZVcSLy5IG4Ny5dcvQyPFN3OzWx7HwNNPYiW9sEBE8UNT3+gIgkRYxHCkRa1ZZ66BrRQ/Nj17gAELu48DTR2mRYMvvIeoXS9e6xHD0HcfqCNzBo9QATzEVghrptcQY9qCcpEOGd6jQ6nEWp/3je1pk0umMAT5ls3iDsAvj5D1MCLKA5BjU/4OGltSJBlEjouC7r442xPI9X9QqvE1PLT1ScKRUG+l7o9CJf08NjK23SFdbml4ZYNfL1Go/CbMrWJmy5qRgmkD2/BUj6WewVUfd0yEhYM1qhVYkZPX3dLbBTltoj6GjK4cr1Rwostz+zwYF9DbnltFOANPSAkNdZmkXo1gBfBt+GKis/diftnSgflKm2tQqH27mUdzfZkOex3pEdh5yaiZbxO7bYQwveDvpCnzBn8CfaWWDwi4kZ79ND1A75hvW+z6pqlEgavm4C9X+xgobjfhOe9xQtzY8P5NEMEvIFDXorGWciz5y6RJk6SVlvADF53+8VGWkt62OBXIP6QhoF9u2Q1i429rgUDJRJ/XA2yX9u9cf7WpXWzp+5pxBiP54MhD9AVUnZ0W48iKTIiKACgteq+no0qprQRXhT47EdWxfnjbaEd4AyM6xioFLzuTOz6E5EkDw0hEIzmukJIDJiY48E+ggJEiuUhCKeyjIy1SXiL1FqYFFSKsAswwt9v+yDCDZGM8HpEn4bTugFOnqRT5x98iHn8IBTY6nb+BVyluGLIJtBLncZHKiPFlk7khDswrEpc3zeoXw+PPU1h8SAQiOK8XwARN9GNQA+QYKeFt5j8favMdqzNdBKPPs0FXnrhq3I7iCYeu6w9mAtnfkCIouRQSshMGtQ3uRGH06eGxFwPiSiBx/MKCx2Z9P31nuNLnyhHkwCym9yd4qrY8TLewpb4SEMjXZ5RbfFGN2muLDMeC4MAbj8cezgIZNDiwE4zTZjESjnw3B3AR1
ZoGtY+rLwi8AtyV5eT9tDYbLLq2e5QHIKoyg8ZilEcWkW1jRyiuqLAvjI//urz6O6MvX5G4XQhhaT5MF52BWcdE5WUwYBLY8Qdst4Y9qioj1r8WytNtTJTceqEImuFTImcL8GhbDLnX72CFRkMVM24sUprMPDpvISB60DOid+KsYSgmWnGOC+pgkylDMVLcmIMTSESGOtrFFvemltbv3LwAjj5qNEi6cwsZjhPNra9I4UU+Za430NKYBugVAlRR738UrOtktmRwY7DSXpc1MWQVoBJUpggIoL1kbQ1wSirP8TWerBxGB1rincrSNOec56iAq+Jzfxz3g2ijjdwJ8dJTG7SQbsCA8wUYbssH0KVKPNnOeb2YbfGGDQYQYGpXnq4DOfU4rvD4uw2dazNy4kp301ewZ+i7nS+d9IaO53Bgr0g/iVR+NUw5XZQ/H08Z7You8tVCfnNQE6+CzZasGiqmfyK22ANJF5zHQChA9RIr2hXPzd0brfoxfHv81Mqnf70w93zq7tEP/AdeWfhq19HzjcubibADVrXfutcbG4jlyY2bP/2nmPzDv8PfRNnNp/8t43UHbzPE6e4y/BPtdoyxCRNikubbqU0W1y54YcTHHg5qai6oQYldaTtw3uaRwZSBeV/+cB7mjmQdHUImvXKpE60jN61dj5eQumFBOC9y0sYBrYH7NljMJMkFE9RojJhGQbHxsXmM5C+a9DPYnCQpYkusCCgyc4iQyUIC3XMr+PrvnLf8nQQo7Ub8YCVYkuS7TRj3gNtfuOMd64ibMUR9Eb5EDksm7ft/Y4m+0qYaiw7vxtAWgjeTGJ7Ginf3nFS7BRDfgTMk+04LwjiwwqK6+ex28RYoKdjpLNwabIxic0SqaI0EC9LEzGIe34CsrsXg8gqBMA1tr5b8eNIkU504SRXcvfRhUKHPwFEhjcuoJWeO/r9xSi2Ng4B/bTp/0CneT9dj
jG7agfnDnknA8s+Sn+Sw3gx7WnV</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData><wsu:Timestamp wsu:Id="TS-130"><wsu:Created>2014-04-23T18:36:30.742Z</wsu:Created><wsu:Expires>2014-04-23T18:36:35.742Z</wsu:Expires></wsu:Timestamp><wsse:UsernameToken wsu:Id="UsernameToken-129"><wsse:Username>POC-Username</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">tCrB/vJpre8aByMQKsrZ3I6e//M=</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">1ytxvtj+pZkkAP65sxkoQg==</wsse:Nonce><wsu:Created>2014-04-23T18:36:30.741Z</wsu:Created></wsse:UsernameToken></wsse:Security></soap:Header>
<soap:Body wsu:Id="id-131" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><xenc:EncryptedData Id="ED-134" Type="http://www.w3.org/2001/04/xmlenc#Content" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"><wsse:Reference
URI="#EK-E2522E1F1FA164BE57139827819075593"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>Q3xcabuAsMPxc623YPtXNXPewOg1Zew2i5lc6pCZSFW93gu8t8Q2S5GsP+J0sHFXbHVdU2KwiBSZGReK0oAa3U73oHs5T2YB2Ib0x7C9Ygi2amt1WU3mP782znUWdAaKlsS7U+/hY6PJOHc6WGUQP/sqW6ncZ20VquVsw7ZGBAcxYluUAahzxGlyDD2v9rmBSK7hX+uFe93avwg4vJbsCqhaBrN1gkvbWBC0gDg+Pybm1CIgf3tfOmfNmY0qESuw3ljljMy8zMpRb/qfHdf2wLDkrs+0vs26C0qotXhKKS+4i9qUGg3HaGM/sCl4rcCM+/HNYL9c1am+vJsKfhBu8fEewCQEJui+spPUxIRYM2cp9GpZOL0pK2M9V3BT/9inuJzxj8V3ckp1f3S9fuFk8vgZNfYCHtQXmajtJ4MWOlMeHE2KtcSpRLuFbLDGn0DNtugZx7aonheKIRpXNYqBskAwSETWpIxGMvoLYnH9PIjB3T4HUB+4mwc724PJ1wVMDwu45zVeO4pUNeL7XQ98gfMC+C0tfitDIBOv75d/YsgigMnc+sGKBtoX4Y7F6j1tEM4BdqA58S/AEyRoMdOoRVP4YJq+VTRbetIVIutpBK+nJGJ7MweDlkLZT7+sxEHoptqLLDfZg7Y/cwL7ro0S4UxVz7I2H2dZo26D5r/nhGzhzLei5VvNYvEG/YYSUyE1uuR/sGxzxavFQ2ssA72RltMqy5C9z5y5</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData><
/soap:Body>
</soap:Envelope>
------=_Part_16_808161854.1398278190760
Content-Type: text/plain; charset=us-ascii; name=test.txt
Content-Transfer-Encoding: 7bit
Content-ID: <85277029681>
Content-Disposition: attachment; name="test.txt"; filename="test.txt"
This is Test file for testing MTOM File Upload...
------=_Part_16_808161854.1398278190760--
--------------------------------------
Regards
Paul
Re: MTOM with WS-Security (X.509)
Posted by Paul Avijit <pa...@yahoo.com>.
Hi,
Please help on this topic.
When CXF is not at both ends of the wire, MTOM upload is not working with WS-Security. I am testing a CXF Web service with SoapUI. It works fine when CXF is at both ends of the wire.
Is this a CXF issue or a SoapUI issue. I can see SoapUI constructing a valid input SOAP message but Service after receiving request is not able to read the MTOM attachment.
Regards
Paul
On Wednesday, April 23, 2014 2:45 PM, Paul Avijit <pa...@yahoo.com> wrote:
Hi,
I have a CXF Web Service with MTOM (separate operations for upload and download) and WS-Security (UsernameToken Timestamp Signature Encrypt).
Both upload and download operation with MTOM works fine when tested using CXF client.
When testing with SoapUI, download operation works fine.
There are no errors even for upload operation but the Web Service is not able to read the attached file. SoapUI is sending a well formed SOAP message with MTOM attachment. When SOAP message is sent by SoapUI to CXF Service, the service is able to:
1. Decrypt the message
2. Verify signature
3. Verify Timestamp
4. Verify Username token
5. Read all data elements in the SOAP body
6. Response back with a SOAP message (with Timestamp Signature Encrypt)
SoapUI is able to Decrypt, verify signature and timestamp.
Following are my CXF service In/Out Interceptors:
<bean id="UT_TimestampSignEncrypt_Request" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken Timestamp Signature Encrypt"/>
<entry key="passwordType" value="PasswordDigest"/>
<entry key="passwordCallbackRef" value-ref="myKeystorePasswordCallback"/>
<entry key="signaturePropFile" value="serviceKeystore.properties"/>
<entry key="signatureAlgorithm" value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<entry key="decryptionPropFile" value="serviceKeystore.properties"/>
<entry key="encryptionKeyTransportAlgorithm" value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</map>
</constructor-arg>
</bean>
<bean id="TimestampSignEncrypt_Response" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry key="action" value="Timestamp Signature Encrypt"/>
<entry key="timeToLive" value="10" />
<entry key="passwordCallbackRef" value-ref="myKeystorePasswordCallback"/>
<entry key="user" value="myservicekey"/>
<entry key="signaturePropFile" value="serviceKeystore.properties"/>
<entry key="signatureParts" value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://www.w3.org/2003/05/soap-envelope}Body"/>
<entry key="signatureAlgorithm" value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<entry key="encryptionPropFile" value="serviceKeystore.properties"/>
<entry key="encryptionUser" value="useReqSigCert"/>
<entry key="encryptionParts" value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://www.w3.org/2003/05/soap-envelope}Body"/>
<entry key="encryptionSymAlgorithm" value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<entry key="encryptionKeyTransportAlgorithm" value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</map>
</constructor-arg>
<property name="allowMTOM" value="true"/>
</bean>
But the CXF service is not able to read the file content which was uploaded as MTOM attachment. Is this a bug in CXF. Can the CXF experts in this mailing list, please help. Thanks in advance.
The SOAP message sent by SoapUI is present below:
INFO: Inbound Message
----------------------------
ID: 12
Address: http://localhost:7001/bes-hc-poc-caqhcore-web/services/Core
Encoding: ISO-8859-1
Http-Method: POST
Content-Type: multipart/related; type="application/soap+xml"; start="<ro...@soapui.org>"; boundary="----=_Part_16_808161854.1398278190760"
Headers: {accept-encoding=[gzip,deflate], connection=[Keep-Alive], Content-Length=[9093], content-type=[multipart/related; type="application/soap+xml"; start="<ro...@soapui.org>"; boundary="----=_Part_16_808161854.1398278190760"], Host=[localhost:7001], MIME-Version=[1.0], User-Agent=[Apache-HttpClient/4.1.1 (java 1.5)]}
Payload:
------=_Part_16_808161854.1398278190760
Content-Type: application/soap+xml; charset=UTF-8
Content-Transfer-Encoding: 8bit
Content-ID: <ro...@soapui.org>
<soap:Envelope xmlns:cor="http://www.caqh.org/SOAP/WSDL/CORERule2.2.0.xsd" xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
<soap:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><xenc:EncryptedKey Id="EK-E2522E1F1FA164BE57139827819075593" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference><wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">MIIBnzCCAQigAwIBAgIEU05SjzANBgkqhkiG9w0BAQUFADAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTQwNDE2MDk1MTExWhcNMTYwNDE1MDk1MTExWjAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAImydZjGWfawadlhFR5DCXEA704TmG9NVbIkmGZugNDH9NHOrnEpk9SAaaZ63lpy9Buow0dJZnlVvZao/LEGJSyFdHrL+gNQU0F1UF+dGsHSKV0PZw/7miH0qWEb9x7aSpK7RAsWAdLUGRbSQgQ3NgfJuExLjEc1ThXWEWO/DmENAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAg7aSHDXDuOgUU2qeg7T+VwCisz1EtJUSCS8Zb958+lRBpe2kbphqbcFsrLVB10/05ogx7s8G8w+73v6+HBUksf9GbPM/C9yaSdg1JmJ6mNO9NwxvJzD1HrAZ7bVCLy1YzXAmcF4QCny+tRrzTceEC4lI1cw+PqmjXPeGetw0YmI=</wsse:KeyIdentifier></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>CUVqfx2tci9+qt9k2KQjWSjoUcAWU35jozfAqmGwy6B2PuolHuVPBuHmV1lF58sLlH0dFXr1twywlJfOdwg/wIem5qfPENxNB9U8A+gAqDUpRrOE88kvJ4LUk0ksplhp+rcpSCm3Kt0EvIe9RMSCbJLTwkp6LUT87cvE63kT87E=<
/xenc:CipherValue></xenc:CipherData><xenc:ReferenceList><xenc:DataReference URI="#ED-133"/><xenc:DataReference URI="#ED-134"/></xenc:ReferenceList></xenc:EncryptedKey><xenc:EncryptedData Id="ED-133" Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"><wsse:Reference
URI="#EK-E2522E1F1FA164BE57139827819075593"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>gKCxK4+oKTcIelErCFz/EljSnr3IQ0XUZmt/WW0fl5AntuJOFQxFQg7gbGwUYpeI1o5vAFyyANS4jcOSJEna9HQmpVG5ZQsmkp8yoimyANdP4MteGWT3OPPlXjDxOkD3Th9k+QojobToSAiVaC+EEHeENycDJF0qg/IxFxu7E/+MMjaK7oeNnHING5CiyRyNqGI+N/PUmrVFp4AhgpKpyv4PddkKxsm7/aR1A2vF2t6BO7TSrkKyrLeTvGcC7zZspkPXNlT2WD7nYKEO25TLMge3EEmQYCDIHrKOx+cOIpOOp+Oh1b5QV5/hTdObLHxVtkabCl9+ggJelghoT2zBrPl4C8GCpLGPP9CqSxie19uSP4eIg6qnJ/mdlg/grY/bX1qdV7GNLkj0lGst4gMJ0Z6rrrveRMszhP4J4O3E5OrKaXLo455aQEpOX8BV4cjXnXcwS+mLd4M7KOus402sCEE8LbX8/D4Wa+qgmyZ4FElRIdkbERL29UxFbN8FgjLUMHugCppZyutgHUdJor6TazixqlAfKxOYtkjp35+KEQtIiOfPbr+v8e73DmvJOi4kSY8RyVFfm6fR2WWpzy/QW1zt12jPVo7tIwjDepGIMDrQ50r8rErWSAoWLn6zSVZb+B+LntvK8i5sMwaHEasedsI8lGEtfj6WySUTGDw4NYsBLYEXrsZX2RCp9FzGlmjLc5CkHi5AeYczqF3QP7i5IvsJFakzC770zyYPnIWDjUfIsOKzZAtP9K1KmU6KMw6t8bAYNUiWxgHcQqvbgRf8O8HUHrUYI/3GG959mKm1OvodFuAq
MQK7DHQ6dY2Ltfkzfi/ZYx5oFciGiH8WTcJmOHFoqR/llOHeFhuuJx6E3hDr1v6UjWjLt17VTbaAuu917wsc36sMffgcDBafxsL2I/XM8FbwUUGkI+jvot14QIdkguuiHehSvulLWaC6Fg8uAZnvFFlV8hyJ9axL+YTk7Kj01/uW93b3NMd3kECiirdJmZjrJQP1zthrLB834xUVjp6xOJ8UooB859IMOS+RlgWfZRKJ/aQJKYQGydrAsn8zO5M0gRtgVpWLajqPI0adEX8JXoRkmganr9zwQc6aXcoroWnwRkw1yY118JprXtW4SXbvPF2t2cv9/mJ0Wi/GQ50yxqUncvlSxiRcdfrvGCsz6TEeu1Dm99t73rscTq3yHCxJJVZ5bffaN36ApeT7IGLKPkDLxECoSkiVItdqpfI1hjXUvcIg7R+Sg8OtVTGshny7di6p7wlfWmThcrMph4IoRazzmAXrs3bsTiGM4Gk1YXjos5655Rf2/UAjkxilAAYW/pHAyqEMckwnNj3jhP9azuq0vNL9334LEuiQY+VDJ59d9oonfaCw88EdkZYJcYKFgXv/SOL+mncXeFwnH3CWGhu+todn4Av/QyWJ4SVAttAgwR85IctTMSt7b0wPhX3CDQ/8HvPuYTW4hco7Zp3TNzGId0YXxJaKeuakGxWAk6Sh8d9lRISjLgZRDndq7Zw2fiIUkI6jlKGR2uiNJoK5vqx6CuBvfEOOkP9V+881H1qXD4Xu6LQqz3427P0tyL2Zs/XVzuFY9uS44nriOHHskHOSIlOcijEdyarE0yZTnrJD3Vbb7Vnp9VCHIq6UWzhb48Rth1HSQzrD7CMMB8BBmCPfScYXoUgfdvSaN+7tFKLiNdWDi3fbFfmFA5oJKJ6zV4dzF9M0gWWK0QHINDzdrZUJIx/cGgsODZvG1z6VATmY9EGbDi3Iw1J/RnKgJ1r9IQlf7Gs
7wYL+UZVcSLy5IG4Ny5dcvQyPFN3OzWx7HwNNPYiW9sEBE8UNT3+gIgkRYxHCkRa1ZZ66BrRQ/Nj17gAELu48DTR2mRYMvvIeoXS9e6xHD0HcfqCNzBo9QATzEVghrptcQY9qCcpEOGd6jQ6nEWp/3je1pk0umMAT5ls3iDsAvj5D1MCLKA5BjU/4OGltSJBlEjouC7r442xPI9X9QqvE1PLT1ScKRUG+l7o9CJf08NjK23SFdbml4ZYNfL1Go/CbMrWJmy5qRgmkD2/BUj6WewVUfd0yEhYM1qhVYkZPX3dLbBTltoj6GjK4cr1Rwostz+zwYF9DbnltFOANPSAkNdZmkXo1gBfBt+GKis/diftnSgflKm2tQqH27mUdzfZkOex3pEdh5yaiZbxO7bYQwveDvpCnzBn8CfaWWDwi4kZ79ND1A75hvW+z6pqlEgavm4C9X+xgobjfhOe9xQtzY8P5NEMEvIFDXorGWciz5y6RJk6SVlvADF53+8VGWkt62OBXIP6QhoF9u2Q1i429rgUDJRJ/XA2yX9u9cf7WpXWzp+5pxBiP54MhD9AVUnZ0W48iKTIiKACgteq+no0qprQRXhT47EdWxfnjbaEd4AyM6xioFLzuTOz6E5EkDw0hEIzmukJIDJiY48E+ggJEiuUhCKeyjIy1SXiL1FqYFFSKsAswwt9v+yDCDZGM8HpEn4bTugFOnqRT5x98iHn8IBTY6nb+BVyluGLIJtBLncZHKiPFlk7khDswrEpc3zeoXw+PPU1h8SAQiOK8XwARN9GNQA+QYKeFt5j8favMdqzNdBKPPs0FXnrhq3I7iCYeu6w9mAtnfkCIouRQSshMGtQ3uRGH06eGxFwPiSiBx/MKCx2Z9P31nuNLnyhHkwCym9yd4qrY8TLewpb4SEMjXZ5RbfFGN2muLDMeC4MAbj8cezgIZNDiwE4zTZjESjnw3B3AR1
ZoGtY+rLwi8AtyV5eT9tDYbLLq2e5QHIKoyg8ZilEcWkW1jRyiuqLAvjI//urz6O6MvX5G4XQhhaT5MF52BWcdE5WUwYBLY8Qdst4Y9qioj1r8WytNtTJTceqEImuFTImcL8GhbDLnX72CFRkMVM24sUprMPDpvISB60DOid+KsYSgmWnGOC+pgkylDMVLcmIMTSESGOtrFFvemltbv3LwAjj5qNEi6cwsZjhPNra9I4UU+Za430NKYBugVAlRR738UrOtktmRwY7DSXpc1MWQVoBJUpggIoL1kbQ1wSirP8TWerBxGB1rincrSNOec56iAq+Jzfxz3g2ijjdwJ8dJTG7SQbsCA8wUYbssH0KVKPNnOeb2YbfGGDQYQYGpXnq4DOfU4rvD4uw2dazNy4kp301ewZ+i7nS+d9IaO53Bgr0g/iVR+NUw5XZQ/H08Z7You8tVCfnNQE6+CzZasGiqmfyK22ANJF5zHQChA9RIr2hXPzd0brfoxfHv81Mqnf70w93zq7tEP/AdeWfhq19HzjcubibADVrXfutcbG4jlyY2bP/2nmPzDv8PfRNnNp/8t43UHbzPE6e4y/BPtdoyxCRNikubbqU0W1y54YcTHHg5qai6oQYldaTtw3uaRwZSBeV/+cB7mjmQdHUImvXKpE60jN61dj5eQumFBOC9y0sYBrYH7NljMJMkFE9RojJhGQbHxsXmM5C+a9DPYnCQpYkusCCgyc4iQyUIC3XMr+PrvnLf8nQQo7Ub8YCVYkuS7TRj3gNtfuOMd64ibMUR9Eb5EDksm7ft/Y4m+0qYaiw7vxtAWgjeTGJ7Ginf3nFS7BRDfgTMk+04LwjiwwqK6+ex28RYoKdjpLNwabIxic0SqaI0EC9LEzGIe34CsrsXg8gqBMA1tr5b8eNIkU504SRXcvfRhUKHPwFEhjcuoJWeO/r9xSi2Ng4B/bTp/0CneT9dj
jG7agfnDnknA8s+Sn+Sw3gx7WnV</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData><wsu:Timestamp wsu:Id="TS-130"><wsu:Created>2014-04-23T18:36:30.742Z</wsu:Created><wsu:Expires>2014-04-23T18:36:35.742Z</wsu:Expires></wsu:Timestamp><wsse:UsernameToken wsu:Id="UsernameToken-129"><wsse:Username>POC-Username</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">tCrB/vJpre8aByMQKsrZ3I6e//M=</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">1ytxvtj+pZkkAP65sxkoQg==</wsse:Nonce><wsu:Created>2014-04-23T18:36:30.741Z</wsu:Created></wsse:UsernameToken></wsse:Security></soap:Header>
<soap:Body wsu:Id="id-131" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><xenc:EncryptedData Id="ED-134" Type="http://www.w3.org/2001/04/xmlenc#Content" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"><wsse:Reference
URI="#EK-E2522E1F1FA164BE57139827819075593"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>Q3xcabuAsMPxc623YPtXNXPewOg1Zew2i5lc6pCZSFW93gu8t8Q2S5GsP+J0sHFXbHVdU2KwiBSZGReK0oAa3U73oHs5T2YB2Ib0x7C9Ygi2amt1WU3mP782znUWdAaKlsS7U+/hY6PJOHc6WGUQP/sqW6ncZ20VquVsw7ZGBAcxYluUAahzxGlyDD2v9rmBSK7hX+uFe93avwg4vJbsCqhaBrN1gkvbWBC0gDg+Pybm1CIgf3tfOmfNmY0qESuw3ljljMy8zMpRb/qfHdf2wLDkrs+0vs26C0qotXhKKS+4i9qUGg3HaGM/sCl4rcCM+/HNYL9c1am+vJsKfhBu8fEewCQEJui+spPUxIRYM2cp9GpZOL0pK2M9V3BT/9inuJzxj8V3ckp1f3S9fuFk8vgZNfYCHtQXmajtJ4MWOlMeHE2KtcSpRLuFbLDGn0DNtugZx7aonheKIRpXNYqBskAwSETWpIxGMvoLYnH9PIjB3T4HUB+4mwc724PJ1wVMDwu45zVeO4pUNeL7XQ98gfMC+C0tfitDIBOv75d/YsgigMnc+sGKBtoX4Y7F6j1tEM4BdqA58S/AEyRoMdOoRVP4YJq+VTRbetIVIutpBK+nJGJ7MweDlkLZT7+sxEHoptqLLDfZg7Y/cwL7ro0S4UxVz7I2H2dZo26D5r/nhGzhzLei5VvNYvEG/YYSUyE1uuR/sGxzxavFQ2ssA72RltMqy5C9z5y5</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData><
/soap:Body>
</soap:Envelope>
------=_Part_16_808161854.1398278190760
Content-Type: text/plain; charset=us-ascii; name=test.txt
Content-Transfer-Encoding: 7bit
Content-ID: <85277029681>
Content-Disposition: attachment; name="test.txt"; filename="test.txt"
This is Test file for testing MTOM File Upload...
------=_Part_16_808161854.1398278190760--
--------------------------------------
Regards
Paul