Add support for providing an AttachmentCallbackHandler to WSS4J RequestData

[elfogre]

Hello Spring-ws comunity,

I'm using spring-ws to develope an AS4 server. Everything works correct (SAAJ + Wss4j2) except when I want to sign/encrypt Soap attachments in a request. When I try it, I get an error:

Caused by: org.apache.wss4j.common.ext.WSSecurityException: Error during Signature: 
	at org.apache.wss4j.dom.action.SignatureAction.execute(SignatureAction.java:162)
	at org.apache.wss4j.dom.handler.WSHandler.doSenderAction(WSHandler.java:234)
	at org.springframework.ws.soap.security.wss4j2.Wss4jHandler.doSenderAction(Wss4jHandler.java:63)
	at org.springframework.ws.soap.security.wss4j2.Wss4jSecurityInterceptor.secureMessage(Wss4jSecurityInterceptor.java:563)
	... 32 common frames omitted
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Cannot setup signature data structure
	at org.apache.wss4j.dom.message.WSSecSignatureBase.addReferencesToSign(WSSecSignatureBase.java:208)
	at org.apache.wss4j.dom.message.WSSecSignature.addReferencesToSign(WSSecSignature.java:412)
	at org.apache.wss4j.dom.action.SignatureAction.execute(SignatureAction.java:147)
	... 35 common frames omitted
Caused by: org.apache.wss4j.common.ext.WSSecurityException: no attachment callbackhandler supplied
	at org.apache.wss4j.dom.message.WSSecSignatureBase.addAttachmentReferences(WSSecSignatureBase.java:228)
	at org.apache.wss4j.dom.message.WSSecSignatureBase.addReferencesToSign(WSSecSignatureBase.java:111)
	... 37 common frames omitted

Wss4j2 needs an attachmentCallbackHandler to work, but it can't be set it via Wss4jSecurityInterceptor. I've add a new field, it's setter and I add a line in initializeRequestData method to set it in the request. After this I could sign without problems attachments in SOAP.

A SAAJ attachmentCallbackHandler implementation with its test is also included in the pull request.

[pivotal-issuemaster]

@elfogre Please sign the Contributor License Agreement!

Click here to manually synchronize the status of this Pull Request.

See the FAQ for frequently asked questions.

[pivotal-issuemaster]

@elfogre Thank you for signing the Contributor License Agreement!

[veithen]

Shouldn't this use the MimeMessage API so that it works with both SAAJ and Axiom?

[elfogre]

My first approach was with org.springframework.ws.mime.Attachment instead of SAAJ dependant AttachmentPart . However there is a design problem with org.springframework.ws.mime.Attachment that requires a big change. I'll try to explain:

• Attachment interface declare getters for attachment contentId, contentType and InputStream for the content itself, but it lacks for a getter for mimeHeaders (like Content-Transfer-Encoding or Content-Location).

• Axiom implementation of attachment (org.springframework.ws.soap.axiom.AxiomAttachment) stores all its data in a String for contentId and a DataHandler for contentType and content itself. There is no space for mime headers.

• Saaj implementation (org.springframework.ws.soap.saaj.SaajAttachment) stores its data in a javax.xml.soap.AttachmentPart that have accessors for mime Headers.

As I need all attachment mime-headers to be correctly processed in the attachmentCallbackHandler, I can't use Axiom and I have to access javax.xml.soap.AttachmentPart in SAAJ implementation. This is the reason why this callback is only for SAAJ.

If we write accesors for mime-header in Attachment interface and in saaj and axiom attachment implementations, we can easily change this CallbackHandler to use SoapMessage API.

I can write that code if you think it's useful

[snicoll]

Thanks for the PR and I apologize for taking this long to review it. We'll add the setter. As for the implementation, I'd rather keep it on your side for now. We can revisit this based on interest from the community.