David Lakatos created CXF-8705: ---------------------------------- Summary: Multiple encrypted XML elements fail crypto coverage check Key: CXF-8705 URL: https://issues.apache.org/jira/browse/CXF-8705 Project: CXF Issue Type: Bug Components: JAX-WS Runtime Affects Versions: 3.5.2 Environment: * Apache Maven 3.8.5 * Java version: 11.0.12, vendor: Eclipse Foundation * Apache Tomcat 9.0.62 * openSUSE Tumbleweed 20220509 Reporter: David Lakatos
Hello colleagues, I probably found a bug in {{org.apache.cxf.ws.security.wss4j.CryptoCoverageChecker}}. * Issue: SOAP XML message encryption coverage checking for more than 1 XML elements does not work. If only 1 XML element encryption coverage is checked, everything works fine. * Symptoms: [CryptoCoverageUtil.matchElement(Collection<WSDataRef>, CoverageScope, Element)|https://github.com/apache/cxf/blob/cxf-3.5.2/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java#L381] compares objects via references ({{r.getProtectedElement() == el}}) but they are always different objects * Reproducer JUnit tests are provided on GitHub: [greatit/crypto-coverage-test|https://github.com/greatit/crypto-coverage-test] Fixing the issue would be much appreciated. Thank you. -- This message was sent by Atlassian Jira (v8.20.7#820007)