You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ws.apache.org by "Andreas Veithen (JIRA)" <ji...@apache.org> on 2010/12/02 16:22:11 UTC

[jira] Commented: (WSS-257) Avoid converting the SOAP Body to DOM on the processing side if possible

    [ https://issues.apache.org/jira/browse/WSS-257?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12966141#action_12966141 ] 

Andreas Veithen commented on WSS-257:
-------------------------------------

I think that the signature of the second method should be changed to something like this:

InputStream getAttachment(Object msgContext, Node node)

Rationale: In DOM/SAAJ, the optimized base64 data is represented as an Element (with name xop:Include), while Axiom represents it as an OMText node (referring to a DataHandler instead of a String). With the modified signature we should be able to support both models.

> Avoid converting the SOAP Body to DOM on the processing side if possible
> ------------------------------------------------------------------------
>
>                 Key: WSS-257
>                 URL: https://issues.apache.org/jira/browse/WSS-257
>             Project: WSS4J
>          Issue Type: Improvement
>    Affects Versions: 1.5.10
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 1.6
>
>
> On an inbound request, WSS4J currently iterates through each security token in the security header and processes each one. However it also requires the entire SOAP request be converted into a DOM structure, even though it might not be necessary to access the SOAP body as part of processing the security header, e.g. processing a Timestamp, or a Username Token.
> This task is to enhance WSS4J on the processing side, so that it does not require access to the SOAP body. If it needs to find an element in the SOAP request, it should use a callback mechanism, to obtain e.g. the SOAP body if required. This mechanism could potentially provide support for signed MTOM. WSS4J should supply a default implementation that more or less parallels the current implementation. CXF/Rampart etc. could define their own callback implementations for their specific needs.
> The callback class could look something like:
> public abstract class LookupCallbacks {
> //for the wsu:ID, get the element
> Element getElementForID(Object msgContext, String i) {
>    return null;
> }
> //for processing of MTOM things eventually
> InputStream getAttachment(Object msgContext, String contentId) {
>    return null;
> }
> }

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org