Hi again,

so I checked the AsymmetricBuilder in trunk and the RampartUtil.getContentEncryptedElements() method. The only difference is in RampartUtil.getContentEncryptedElements(), where the WSEncryptionPart also has the appropriate XPath expression set:

    encryptedElem.setXpath(expression);

So I've downloaded the latest wss4j (1.5.8 version) and added the setXPath() in rampart 1.4. However, it didn't work. But this time, the EncryptedKey element had two <xenc:DataReference> elements (this was correct, as there were two <xsd:insuree> elements in the message). The message was of course rejected, because the second reference was not found. So I took the message, deleted the non-existing <xenc:DataReference>, sent it with SoapUI to the service and found out that the first <xsd:insuree> was encrypted two times. After the decryption of the element, there was <EncryptedData> with the Id from the deleted <DataReference>. So this seems to me like a wss4j bug.

Regards,
Filip

On Fri, Nov 20, 2009 at 11:20 AM, Prabath Siriwardena <[email protected]> wrote:

> IIRC this seems to be an issue with Rampart 1.4 - and fixed in 1.5 to be
> released and the trunk.
>
> Thanks & regards.
> -Prabath
>
>
> Filip Majernik wrote:
>
>> Hello,
>> I am using Rampart 1.4 in Apache ODE 1.3.2. Ode is sending a message with
>> a sequence of <xsd:insuree /> elements, each of them wrapped by another
>> element (I generate these elements with a bash script for testing, so all
>> elements are the same, only the Id is different).
>> I have defined a ContentEncryptedElements assertion with one XPath
>> expression like this (using AsymmetricBinding):
>>
>> <ContentEncryptedElements>
>>   <XPath xmlns:xsd="...">//xsd:insuree</XPath>
>> </ContentEncryptedElements>
>>
>> However, only the first element <xsd:insuree/> is always encrypted in the
>> message and the others are left in clear text. I've checked it in the Rampart
>> source, and the method RampartUtil.getContentEncryptedElements(), which
>> searches the elements in the message, finds all <xsd:insuree /> elements in
>> the message. The class AsymmetricBindingBuilder is not doing anything with
>> those elements, so I suppose there is something with wss4j encryption?
>>
>> Can maybe someone help me with this issue?
>>
>> Thanks,
>> Filip
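
A wire-level check for the two symptoms described in this thread (target elements left in clear text, and an xenc:DataReference with no matching EncryptedData), as an added example that is not part of the original messages or of Rampart/WSS4J code. The sample message and the urn:example:insurance namespace are constructed, and audit() is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
APP = "urn:example:insurance"  # constructed placeholder; the thread elides the real xsd namespace

# Constructed sample mirroring the thread: two insuree elements, two
# DataReferences, but only the first insuree actually carries EncryptedData.
SAMPLE = f"""<Envelope xmlns:xenc="{XENC}" xmlns:xsd="{APP}">
  <Header>
    <xenc:EncryptedKey Id="EK-1">
      <xenc:ReferenceList>
        <xenc:DataReference URI="#ED-1"/>
        <xenc:DataReference URI="#ED-2"/>
      </xenc:ReferenceList>
    </xenc:EncryptedKey>
  </Header>
  <Body>
    <wrapper><xsd:insuree><xenc:EncryptedData Id="ED-1" Type="{XENC}Content"/></xsd:insuree></wrapper>
    <wrapper><xsd:insuree><name>cleartext</name></xsd:insuree></wrapper>
  </Body>
</Envelope>"""


def audit(xml_text, target_tag):
    """Return (dangling_refs, cleartext_count) for one message."""
    root = ET.fromstring(xml_text)
    # Ids of every EncryptedData element actually present in the message
    present = {e.get("Id") for e in root.iter(f"{{{XENC}}}EncryptedData")}
    # DataReference URIs are same-document references of the form "#Id"
    refs = [r.get("URI", "").lstrip("#") for r in root.iter(f"{{{XENC}}}DataReference")]
    dangling = [r for r in refs if r not in present]
    # Content encryption replaces all children of the target with one EncryptedData
    cleartext = 0
    for el in root.iter(target_tag):
        kids = list(el)
        encrypted = len(kids) == 1 and kids[0].tag == f"{{{XENC}}}EncryptedData"
        if not encrypted or (el.text or "").strip():
            cleartext += 1
    return dangling, cleartext


if __name__ == "__main__":
    dangling, cleartext = audit(SAMPLE, f"{{{APP}}}insuree")
    print("dangling DataReferences:", dangling)
    print("target elements not content-encrypted:", cleartext)
```

The double encryption of the first element is only visible after decryption, so this check covers the outer message only.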
