Hi, I tested that the problem occurs if I enable WS-Security. Below the test case.
Service Interface: @WebService(name = "BatchManagerService", targetNamespace = "http://www.satanet.it/kfi";) public interface IBatchManagerService { @WebResult(targetNamespace = "http://www.satanet.it/kfi";) public String echo(@WebParam(name="text") String txt); } Service implementation: @WebService(endpointInterface = "it.satanet.karthaForInvoice.commonInterfaces.batchManager.IBatchManagerService", serviceName = "BatchManagerService", targetNamespace = "http://www.satanet.it/kfi";) public class BatchManagerServiceImpl implements IBatchManagerService { @Override public String echo(String txt) { System.out.println(txt); return txt; } } Service Spring cfg: <bean id="aegisDatabinding" class="org.apache.cxf.aegis.databinding.AegisDatabinding" scope="prototype" /> <bean id="myPasswordCallback" class="it.satanet.karthaForInvoice.commonInterfaces.ws_util.ServerPasswordCallback"/> <!-- WS --> <bean id="wsService" class="it.satanet.karthaForInvoice.batchManager.service.BatchManagerServiceImpl" /> <bean id="serviceFactory" class="org.apache.cxf.jaxws.support.JaxWsServiceFactoryBean" scope="prototype"> <property name="dataBinding" ref="aegisDatabinding" /> </bean> <jaxws:server id="wsServiceEndpoint" serviceBean="#wsService" serviceClass="it.satanet.karthaForInvoice.batchManager.service.BatchManagerServiceImpl" address="/ws"> <jaxws:serviceFactory> <ref bean="serviceFactory" /> </jaxws:serviceFactory> <jaxws:inInterceptors> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> <constructor-arg> <map> <entry key="action" value="UsernameToken"/> <entry key="passwordType" value="PasswordText"/> <entry key="passwordCallbackRef"> <ref bean="myPasswordCallback"/> </entry> </map> </constructor-arg> </bean> </jaxws:inInterceptors> <jaxws:properties> <entry key="mtom-enabled" value="true" /> </jaxws:properties> </jaxws:server> Client (generic, but you can replace T with the service interface): @SuppressWarnings("unchecked") public T getClientProxy(Class<T> c) { JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean(); // logging // factory.getInInterceptors().add(new LoggingInInterceptor()); // factory.getOutInterceptors().add(new LoggingOutInterceptor()); Map<String, Object> outProps = new HashMap<String, Object>(); WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); factory.getOutInterceptors().add(wssOut); outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN); // Specify our username outProps.put(WSHandlerConstants.USER, ServerPasswordCallback.WS_SECURITY_USER); // Password type : plain text outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT); // for hashed password use: // properties.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST); outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordHandler.class.getName()); // invocation factory.setServiceClass(c); AegisDatabinding dataBinding = new AegisDatabinding(); dataBinding.setMtomEnabled(MTOM_ENABLED); dataBinding.setMtomUseXmime(MTOM_ENABLED); factory.setDataBinding(dataBinding); factory.setAddress(wsUrl); Map<String, Object> properties = factory.getProperties(); if (properties == null) { properties = new HashMap<String, Object>(); factory.setProperties(properties); } properties.put("mtom-enabled", MTOM_ENABLED); return (T) factory.create(); } By disabling WSS4J support, everything works fine. Right now, I think I can do without WSS4J but I'd like to know what goes wrong. Marco dkulp wrote: > > > A simple testcase for this would be great if at all possible. > > I just tested this by adding the string "john&marry" to the testString > stuff > in our type tests and it passed fine. The full string was properly > echoed > back. Thus, I'm not sure what would be going on. A test case would > definitely be useful. > > > Dan > > > > On Fri May 1 2009 3:38:44 am marcob wrote: >> That was my first reaction as well! >> Yes, I have CXF at both ends. I don't know if it might help, but in the >> previous post I forgot to say that my WS stack also includes a WS >> Security >> Interceptor. When I come back to the office (Monday), I'll test the same >> code without WS-Security and check whether exists a more updated version >> of >> woodstox library. >> In the meanwhile, any further suggestion is very welcome! >> Marco >> >> bimargulies wrote: >> > My first reaction is that I don't believe it. It is the woodstox code >> > that handles all of this, not us. Is the CXF on both ends? >> > >> > On Thu, Apr 30, 2009 at 12:21 PM, marcob <[email protected]> wrote: >> >> Hi, >> >> >> >> I've found this unexpected behaviour while using cxf 2.2.x + JaxWS + >> >> Aegis. >> >> If I define a method that accepts string parameters, e.g. >> >> >> >> public void echo(String text) { >> >> System.out.println(text); >> >> } >> >> >> >> and I pass a string containing the ampersand character (&), e.g. >> >> "john&lucy", the echo method only prints "john". I investigated the >> >> problem >> >> with an HTTP Monitor and it seems that at client side the string is >> >> correctly escaped (the SOAP request contains the "john&amp;lucy" >> >> text) >> >> but, at server side, the string is truncated at the & character >> >> position. >> >> >> >> From my point of view, it seems to be a bug. >> >> Any solution? >> >> Thanks >> >> Marco >> >> -- >> >> View this message in context: >> >> >> http://www.nabble.com/CXF-2.2.x-ampersand-issue-tp23319655p23319655.html >> >> Sent from the cxf-user mailing list archive at Nabble.com. > > -- > Daniel Kulp > [email protected] > http://www.dankulp.com/blog > > -- View this message in context: http://www.nabble.com/CXF-2.2.x-ampersand-issue-tp23319655p23407586.html Sent from the cxf-user mailing list archive at Nabble.com.
