SOAP Header element is returned to the client even if detached in a JAXWS
Handler
---------------------------------------------------------------------------------
Key: CXF-827
URL: https://issues.apache.org/jira/browse/CXF-827
Project: CXF
Issue Type: Bug
Components: JAX-WS Runtime
Affects Versions: 2.0
Reporter: Matthias Germann
If a JAXWS Handler detaches a SOAP Header element with the the detachNode()
Method of the SOAPElement Class during inbound processing of a SOAP Message,
the Header is still returned to the client in the SOAP Response.
public boolean handleMessage(SOAPMessageContext msgCtx) {
if (isOutboundMessage(msgCtx)) {
return true;
}
try {
SOAPHeader header =
msgCtx.getMessage().getSOAPPart().getEnvelope().getHeader();
if (header == null) {
return true;
}
List<SOAPElement> toRemove = new
ArrayList<SOAPElement>();
for (Iterator iter = header.getChildElements();
iter.hasNext();) {
Object obj = iter.next();
if (obj instanceof SOAPElement) {
SOAPElement element = (SOAPElement) obj;
// Security Headers suchen
Name name = element.getElementName();
if
(NsConstants.WSS.equals(name.getURI())
&&
HandlerConstants.WSS_SECURITY_ELEM.equals(name.getLocalName())) {
log.debug("WSS Security Header
found");
toRemove.add(element);
}
}
}
// Security Headers, welche erfoglreich bearbeitet
wurden, entfernen
for (SOAPElement elem : toRemove) {
elem.detachNode();
}
return true;
} catch(SOAPException e) {
log.error("Can't remove security header", e);
throw new RuntimeException("Can't remove security
header", e);
}
}
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
