Author: coheigea
Date: Fri Oct 2 19:16:41 2015
New Revision: 1706470
URL: http://svn.apache.org/viewvc?rev=1706470&view=rev
Log:
[WSS-557] - Using MTOM and WS-Security leads to "Attachment not found". Thanks
to Ronny Fraunhofer for the patch.
Modified:
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
Modified:
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java?rev=1706470&r1=1706469&r2=1706470&view=diff
==============================================================================
---
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
(original)
+++
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
Fri Oct 2 19:16:41 2015
@@ -49,6 +49,8 @@ import org.w3c.dom.Text;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
@@ -576,7 +578,15 @@ public final class WSSecurityUtil {
throw new
WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
}
- final String attachmentId = xopUri.substring("cid:".length());
+ String attachmentId = null;
+ try {
+ attachmentId =
URLDecoder.decode(xopUri.substring("cid:".length()), "UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ throw new WSSecurityException(
+ WSSecurityException.ErrorCode.INVALID_SECURITY,
+ "empty", new Object[] {"Attachment ID cannot be decoded: " +
xopUri}
+ );
+ }
AttachmentRequestCallback attachmentRequestCallback = new
AttachmentRequestCallback();
attachmentRequestCallback.setAttachmentId(attachmentId);
