Default WSSecurity configurations should support both SOAP protocol versions
----------------------------------------------------------------------------
Key: JBWS-3040
URL:
https://jira.jboss.org/browse/JBWS-3040
Project: JBoss Web Services
Issue Type: Feature Request
Security Level: Public (Everyone can see)
Components: jbossws-native
Reporter: Richard Opalka
Assignee: Richard Opalka
Fix For: jbossws-native-3.3.0
Hi,
I'm using JBossWS 3.1.1.GA, and I've discovered a possible problem when mixing the
support for WS-Policy, WS-Security and a web service with SOAP1.2 binding.
The problem is that by default, if no specific client configuration is provided, the
client wsdl parser will parse the provided policy, detect that WS-Security is required and
load the "Standard WSSecurity Client" configuration from the embedded
standard-jaxws-client-confix.xml, which correcly adds the WS-Security handler, but only
for the SOAP11 binding. As the web services requires SOAP12, the client will send the
message using this protocol, the handler will not be activated, and of course the message
will be rejected.
There a two fixes: first provide a custom client configuration that adds the WS-Security
handler for both protocols bindings (which is what I've done), second modify the
standard configuration provided with the bundled library to activate the handler for both
protocols. I not sure if later versions have already fixed this problems but, if not,
would it possible to include this change in the standard config?
All the best,
Riccardo.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira