Hi all:
I have my own interceptor that I used in CXF 2.2.2 to handle WS-Security. My
interceptor runs in the pre-protocol phase directly after the
SAAJInInterceptor. I recently ran into a problem with encryption after
upgrading to CXF 2.2.9. In my incoming SOAP messages, I decrypt the
EncryptedData nodes and remove them from the DOM then replace them with the
decrypted elements (the content of the SOAP body is encrypted as well as the
UsernameToken in the header). This worked fine in CXF 2.2.2 but after
upgrading I now get an error being thrown from the DocLiteralInInterceptor
(which runs after my interceptor). The stacktrace is included below. From
the looks of the error it seems that the DocLiteralInInterceptor is still
getting the encrypted SOAP data even though I removed them from the SOAP
message. I compared the interceptor chains for CXF 2.2.2 and 2.2.9 and saw
that the SOAPHandlerInterceptor and LogicalHandlerInInterceptors are no
longer present. I suspect this may be the cause of my problems. Does anyone
have any ideas about how I can overcome this?
Aug 1, 2010 10:13:39 PM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for {
http://example.com/DummyCompany/F5/WS/Record/V1}RecordService#{http://example.com/DummyCompany/F5/WS/Record/V1}CreateRecordhas
thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Unexpected wrapper element {
http://www.w3.org/2001/04/xmlenc#}EncryptedData found. Expected {
http://example.com/DummyCompany/F5/WS/Record/V1}CreateRecord.
at
org.apache.cxf.interceptor.DocLiteralInInterceptor.handleMessage(DocLiteralInInterceptor.java:103)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:110)
at
org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:98)
at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:423)
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:178)
at
org.apache.cxf.transport.servlet.AbstractCXFServlet.invoke(AbstractCXFServlet.java:142)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:179)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:103)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:159)
at
weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at
weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183)
at
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3686)
at
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
at
weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at
weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
at
weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
at
weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Aug 1, 2010 10:13:39 PM
org.apache.cxf.interceptor.LoggingOutInterceptor$LoggingCallback onClose
