CXF is performing digest over decrypted body, but <sp:EncryptBeforeSigning> is defined in the WSDL policy
Issue
My WSDL has a security policy to sign and encrypt messages, and that includes the order defined by the policy <sp:EncryptBeforeSigning>
. Yet CXF is trying to validate the digest over the decrypted SOAP body:
org.apache.ws.security.WSSecurityException: The signature or decryption was invalid
What is going on here?
Environment
- Red Hat JBoss Enterprise Platform (EAP)
- 6.x
- JBossWS/CXF
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.