Hi,
SHORT STORY:
I need to encrypt an element in my SOAP message. Therefore I configure
my sending endpoint as follows:
This generally works, but breaks if I enable WS-ReliableMessaging (with
a policy in the WSDL). In that case, when trying to send a message the
interceptor fails with:
org.apache.ws.security.WSSecurityException:
General security error (WSEncryptBody/WSSignEnvelope:
Element to encrypt/sign not found:
{http://messaging/}deliver)
Now, apparently this is caused by WS-RM injecting a "CreateSequence"
message which does not contain my "target" element. I can see only three
ways out of this and I appreciate any help.
LONG STORY:
My thoughts on getting around this are below, but I need help from
someone more knowledgable:
1) I don't know if it's possible to have the WS-Security interceptor be
added _before_ the WS-RM interceptor (I assume this would result in WSS
"not seeing" RM-injected messages). Although I add the "WSS" interceptor
with code, the RM interceptor is added automatically by a policy in the
WSDL. I add WSS with:
Map<String, Object> outProps = new HashMap<String, Object>();
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
// ...
outProps.put(WSHandlerConstants.ENCRYPTION_PARTS,
"{Content}{http://messaging/}deliver");
org.apache.cxf.endpoint.Client client =
org.apache.cxf.frontend.ClientProxy.getClient(portStub);
org.apache.cxf.endpoint.Endpoint cxfEndpoint = client.getEndpoint();
cxfEndpoint.getOutInterceptors().add(wssOut);
2) Is it possible to define the "target part" as "optional" so that WSS
does not abort when it fails to find the element?
3) Are neither (1) nor (2) possible, in which case I should open a bug
report (and start coding)?