Uploaded image for project: 'Spring Web Services'
  1. Spring Web Services
  2. SWS-884

Wss4jSecurityInterceptor, don't remove Security Header.

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Complete
    • Affects Version/s: 2.2.0.RELEASE
    • Fix Version/s: 2.2.1
    • Component/s: Security
    • Labels:
      None

      Description

      When Wss4jSecurityInterceptor.validateMessage successfully validates an incoming message, it automatically removes the Security element from the SOAP header.

      It would be nice to have an option to disable this functionality, so that the Security Element is left intact, so that the elements contained within (mainly X.509 certificates) can be accessed later on.

      There's one line of code to "change" - Wss4jSecurityInterceptor.java:634:
      soapMessage.getEnvelope().getHeader().removeHeaderElement(WS_SECURITY_NAME);

        Activity

        Transition Time In Source Status Execution Times Last Executer Last Execution Date
        Open Open In Progress In Progress
        32d 2h 16m 1 Greg Turnquist 12/Jan/15 8:36 AM
        In Progress In Progress Resolved Resolved
        37d 4h 52m 1 Greg Turnquist 18/Feb/15 1:29 PM
        Resolved Resolved Closed Closed
        1m 28s 1 Greg Turnquist 18/Feb/15 1:31 PM

          People

          • Assignee:
            gregturn Greg Turnquist
            Reporter:
            jinie Jimmy Selgen Nielsen
          • Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: