Two Laptop Bag*
The moose likes Web Services and the fly likes Problem with MTOM attachment in secured WS Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "Problem with MTOM attachment in secured WS" Watch "Problem with MTOM attachment in secured WS" New topic

Problem with MTOM attachment in secured WS

Grzegorz Swatowski

Joined: Aug 13, 2012
Posts: 1
Short story:
I've got a problem with calling secured WS when attachment is in MTOM mode. Digest of request and one calculated on server side don't match.
I use soapUI 4.5.1. Digest alghorithm is default (although I tried all of them).

Long story:
Enviroment description:
WS (Axis2 1.6.2) secured with Rampart allowed to recieve MTOM attachements.
SoapUI request settings:
Enable MTOM: true
Force MTOM: true
Pretty print: false
Strip whitespaces:true

SoapUI Outgoing WS-Security Configuration:
Timestamp+Signature (in that order)

Key Identifier Type: Binary Security Token
SA, SC and DA - default
Use single certificate: checked
Parts are empty

I have followed instructions from this topic ( but with no positive result.

Any idea why?

Best regards.


Manuel Hartl

Joined: Jan 08, 2013
Posts: 1
Did you solve the problem? i have a problem with soapUI 4.5.1 using a mockedService that has to support MTOM and ws security.
also the latest snapshot (January 2013) does not work.

a non MTOM message works, with MTOM:
Tue Jan 08 12:21:35 CET 2013:ERROR:An error occured [Missing operation for soapAction [...] and body element [{...}EncryptedData] with SOAP Version [SOAP 1.1]], see error log for details

the error log only shows details..

subject: Problem with MTOM attachment in secured WS
Similar Threads
SOAP Header missing using (Hash values do not match ) Rampart/Axis2
Add SAML Sender-vouches assertion to SOAP Header on WebService(WebSphere)
Axis 2 & Rampart - Only apply security to outbound requests.
Help with SAML Sender vouches with a JAXWS Web Service and IBM Websphere please
Axis 2 & Rampart - Missing Security Header