IMHO, we should generally decide whether a combination of CR+LF is valid for an incomming
message.
If it is valid (even for a normal incoming message) the stack should preserve it.
It can possibly be invalid for an incoming message that uses WS-Security, in which case we
should have a clear error message if possible.
If it is invalid, our stack should not produce it.
Generally, I believe we should be strict rather than lenient with respect to message
integrity. Axis opted to be lenient and tried to tolerate all sorts of inconsistencies -
AFAICS they ended up with an unmaintainable code base.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4132091#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...