Uploaded image for project: 'Spring Web Services'
  1. Spring Web Services
  2. SWS-828

Setting bspCompliant = false has effect only for first request

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.1.2
    • Fix Version/s: 2.1.3
    • Component/s: None
    • Labels:
      None

      Description

      Symptom: Setting the property 'bspCompliant' on Wss4jSecurityInterceptor to false has an effect only for the first web service request after application start. Setting 'wsiBspCompliant=false' on the wssConfig object has the same result.

      Cause: WSS4J sets back the value in WssConfig to true in each WSHandler.doSenderAction() call. WSHandler.doSenderAction() asks the Spring Wss4JHandler for the value of the configuration option IS_BSP_COMPLIANT in the set of options, and Wss4JHandler returns null. The default behaviour of WSS4J is: If an option is not set in the handler, the value defaults to true.

      Possible correction: add IS_BSP_COMPLIANT to the set of options in Wss4JHandler on call to Wss4jSecurityInterceptor.setBspCompliant().

        Attachments

          Activity

            People

            • Assignee:
              arjen.poutsma Arjen Poutsma
              Reporter:
              juergene Juergen Ebert
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: