Uploaded image for project: 'Spring Web Services'
  1. Spring Web Services
  2. SWS-193

XwsSecurityInterceptor : funtionality for skipping the validate of a SOAP message when there are no WSSE headers in SOAP envelope.

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Minor
    • Resolution: Complete
    • Affects Version/s: 1.0
    • Fix Version/s: 2.0 M2
    • Component/s: Security
    • Labels:
      None

      Description

      Is it possible to skip the validateMessage(SoapMessage soapMessage) when a SOAP message has no WSSE headers?
      I'm building a web service which have to support multiple authentication mechanisms, such as X509 client certificates, BASIC authentication.
      All mechanisms are implemented using Acegi Security.

      As workaround i have built an endpoint interceptor that will look for a WSSE security header in the SOAP envelope and decides to continue or stops processing.

        Activity

        Transition Time In Source Status Execution Times Last Executer Last Execution Date
        Open Open In Progress In Progress
        958d 11h 52m 1 Tareq Abedrabbo 28/Apr/10 4:58 AM
        In Progress In Progress Resolved Resolved
        1d 3h 5m 1 Tareq Abedrabbo 29/Apr/10 8:04 AM
        Resolved Resolved Closed Closed
        735d 22h 59m 1 Arjen Poutsma 04/May/12 7:03 AM

          People

          • Assignee:
            tareq Tareq Abedrabbo
            Reporter:
            avthart Albert van 't Hart
          • Votes:
            1 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: