Open
Description
Paul Nyheim opened SWS-519 and commented
AbstractWsSecurityInterceptor should allow fault responses to be secured.
WCF clients seem to require that responses are secured - at least with Timestamp, so we had to subclass Wss4jSecurityInterceptor and override handleFault so that fault responses could be secured. I suggest that this is implemented in AbstractWsSecurityInterceptor in the same way that handleRequest is implemented, where a property, secureFault, will enable/disable this feature. And by setting it to false by default, backwards compatibility is ensured.
I'll upload a patch for this shortly.
Affects: 1.5.7
Attachments:
1 votes, 1 watchers