[
https://issues.jboss.org/browse/JBESB-3946?page=com.atlassian.jira.plugin...
]
RH Bugzilla Integration commented on JBESB-3946:
------------------------------------------------
Rick Wagner <rwagner(a)redhat.com> made a comment on [bug
991136|https://bugzilla.redhat.com/show_bug.cgi?id=991136]
Closing this BZ, we can fix 5.3.1 with the next Roll up via BZ991461.
SOA-P 5.3.1 needs to support SOAP 1.2 Authentication
----------------------------------------------------
Key: JBESB-3946
URL:
https://issues.jboss.org/browse/JBESB-3946
Project: JBoss ESB
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Web Services
Affects Versions: 4.11
Reporter: Tom Cunningham
Fix For: 4.11 CP3
From case :
We want to use SOAP 1.2 with JBoss ESB, but some of the classes are not compatible
implemented.
In "SoapExtractionUtil" hard coded QNames are used!
Code snippet:
public static boolean isStartOfHeader(final XMLEvent event)
{
return event.isStartElement() &&
((StartElement)event).getName().equals(SOAP_HEADER_QNAME);
}
When this is used by the "UsernameTokenExtractor", in the method
"extractSecurityInfo" and the security is no longer useable when using SOAP
1.2!!!
Code snippet:
public AuthenticationRequest extractSecurityInfo(final String soap)
throws ExtractionException {
if (soap == null || !soap.startsWith("<"))
return null;
XMLEventReader xmlReader = null;
User user = null;
Set<Object> credentials = new HashSet<Object>();
try {
xmlReader = XML_INPUT_FACTORY
.createXMLEventReader(new StringReader(soap));
while (xmlReader.hasNext()) {
XMLEvent xmlEvent = xmlReader.nextEvent();
if (isStartOfHeader(xmlEvent)) {
We need to support "SOAP 1.2" to communicate with customers.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:
http://www.atlassian.com/software/jira