Hi all.
We've continued testing MTOM+WS-Security Signature, we need interoperation with
Microsoft clients, so swaRef is not an option and we need MTOM and signatures
working well.
We have found the following problems:
1) On the server side:
1.a) The WS-Security handlers are not invoked, to
Hi Martin,
for sure what you say is interesting, please attach the patch to a jira issue
and link it here. Thank you!
We'll take a look at it and merge it to the trunk; point 2.b might be solved by
http://jira.jboss.org/jira/browse/JBWS-1973.
View the original post :
Associated JIRA issue: http://jira.jboss.org/jira/browse/JBWS-2014
View the original post :
http://www.jboss.com/index.html?module=bbop=viewtopicp=4132268#4132268
Reply to the post :
http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4132268
Hi, we are also trying to use WS-Security + MTOM in JBossWS 2.0.1 and 2.0.3, we
are sending big files so we need binary attachments instead of inline encoded
data.
Here is the result of our tests:
- In JBossWS 2.0.1 you must change the configuration of the endpoint by adding
##SOAP11_HTTP_MTOM
Hello!
Thanks for your answers,
richard_opalka wrote : MTOM attachments do not need to be inlined.
I agree, but if mtom is used and it is inlined, I don't see the point of using
mtom: we can have the binary parameter inlined like the others. I thought that
one of the advantages of mtom was
mr_d wrote :
| I agree, but if mtom is used and it is inlined, I don't see the point of
using mtom: we can have the binary parameter inlined like the others. I thought
that one of the advantages of mtom was to use xop which describes how to
package binary data as an attachment.
@mr_d
Well
richard_opalka wrote :
| * if attachment size is lesser than some preconfigured size then MTOM
attachment is inlined
| * if attachment size is greater than some preconfigured size then MTOM
attachment is sent as MIME part.
|
Thank you for this explanation,
Yes, Im working with
davideling wrote : Ok,
| but have the MTOM attachment to be inlined or not
| when WS-Security signature or encryption is activated?
|
| Thanks
|
MTOM attachments do not need to be inlined.
For example Microsoft Indigo and some other Java stacks (I don't know if
JBossWS too)
provide
Hello Rio,
i agree with You.
Do You know how to develop a
JBossWS Web Service with both attachment and
WS-Security encryption?
View the original post :
http://www.jboss.com/index.html?module=bbop=viewtopicp=4057570#4057570
Reply to the post :
This time I'm trying a simpler example
MTOM/WS-Security onl with username and password
In my service client,
if I comment out
// ((StubExt) port).setConfigName(Standard WSSecurity Client);
I get MTOM work correctly
| POST
davideling wrote :
| But if I enable WS-Security MTOM doesn't work any more.
| The client doesn't send a multipart related message,
| but inserts the xop:include tag with the attachment reference.
|
| I use JBoss 4.2.0 GA, JDK 1.5.0_12 on Linux 32 bit
|
Hi davideling,
I don't
I'm sorry Rio, I'm at work now and
I can't look JBossWS sources now.
All I can do now is look at client log4j logs.
If I enable WS-Security I can see this where I can find
two times
...HEADER={SOAPAction=, Content-Type=text/xml...
| ...
| DEBUG main
Maybe the two standards are not compatible to work together. I didn't found any
information that says: no, no, no don't use mtom with ws-security.
Hi mr_d,
MTOM + WS-Security are fully compatible standards. MTOM is a new attachment
approach and was designed with WS security in mind. Before
Ok,
but have the MTOM attachment to be inlined or not
when WS-Security signature or encryption is activated?
Thanks
View the original post :
http://www.jboss.com/index.html?module=bbop=viewtopicp=4057316#4057316
Reply to the post :
Thank you for your links mr_d, they are very interesting.
Now I'm sure that my Web Services behaviour is not correct :-( .
Request Headers
| POST
/servizioJBossCipheredSigned/ServizioJBossCipheredSigned?datatype=JBossWSMessage
HTTP/1.1
|
| Authorization: Basic
Exposed interface method
| @WebMethod
| @WebResult(name=responseMessage)
| public ResponseMessage eleaborateMessage(
| @WebParam(name=requestMessage)
| RequestMessage message);
|
Request bean
| public class RequestMessage
Hello,
Thanks for your answers,
@richard_opalka:
I agree, they are compatible, so to use attachments with WS Security, MTOM is
the only and right way.
@davideling:
I have the same config. As I said on my first post, mtom only works, and ws
security only also works.
Are you sure that your
Hello,
i did it,
and i got the attachment inlined in the soap body
encrypted (is it right?).
Be sure you annotated the service implementation class
| @BindingType(javax.xml.ws.soap.SOAPBinding.SOAP11HTTP_MTOM_BINDING)
| @EndpointConfig(configName = Standard WSSecurity Endpoint)
| public
Ehm... sorry my last reply was only a code snippet...
Service implementation
|
@WebService(endpointInterface=serviceJBossCipheredSigned.ServiceJBossCipheredSigned,
| portName=ServiceJBossCipheredSignedSOAP,
| serviceName=ServiceJBossCipheredSigned
| )
|
Hello davideling,
Thanks for your reply,
My annotations on my service implementation are:
| @BindingType(javax.xml.ws.soap.SOAPBinding.SOAP11HTTP_MTOM_BINDING)
| @SOAPBinding(style = SOAPBinding.Style.DOCUMENT, parameterStyle =
SOAPBinding.ParameterStyle.BARE)
|
20 matches
Mail list logo
