Add method in Wss4jSecurityInterceptor to allow setting ADD_INCLUSIVE_PREFIXES. This configuration was added in WSS4J 2.0.0 and sets whether to add an InclusiveNamespaces PrefixList as a CanonicalizationMethod child when generating Signatures using WSConstants.C14N_EXCL_OMIT_COMMENTS.

rmagrin · rmagrin · commit 65dc74212fe2 · 2020-01-08T00:48:59.000-03:00
diff --git a/spring-ws-security/src/main/java/org/springframework/ws/soap/security/wss4j2/Wss4jSecurityInterceptor.java b/spring-ws-security/src/main/java/org/springframework/ws/soap/security/wss4j2/Wss4jSecurityInterceptor.java
@@ -141,6 +141,8 @@ public class Wss4jSecurityInterceptor extends AbstractWsSecurityInterceptor impl
 
 	private boolean bspCompliant;
 
+	private boolean addInclusivePrefixes;
+
 	private boolean securementUseDerivedKey;
 	
 	private CallbackHandler samlCallbackHandler;
@@ -503,7 +505,16 @@ public void setBspCompliant(boolean bspCompliant) {
 		this.handler.setOption(WSHandlerConstants.IS_BSP_COMPLIANT, bspCompliant);
 		this.bspCompliant = bspCompliant;
 	}
-	
+
+	/**
+	 * Sets whether to add an InclusiveNamespaces PrefixList as a CanonicalizationMethod child
+	 * when generating Signatures using WSConstants.C14N_EXCL_OMIT_COMMENTS. Default is {@code true}.
+	 */
+	public void setAddInclusivePrefixes(boolean addInclusivePrefixes) {
+		this.handler.setOption(WSHandlerConstants.ADD_INCLUSIVE_PREFIXES, addInclusivePrefixes);
+		this.addInclusivePrefixes = addInclusivePrefixes;
+	}
+
 	/**
 	 * Sets whether the RSA 1.5 key transport algorithm is allowed.
 	 */
@@ -643,6 +654,9 @@ protected RequestData initializeValidationRequestData(MessageContext messageCont
 		if (requestData.getBSPEnforcer() != null) {
 			requestData.getBSPEnforcer().setDisableBSPRules(!bspCompliant);
 		}
+
+		requestData.setAddInclusivePrefixes(addInclusivePrefixes);
+
 		// allow for qualified password types for .Net interoperability
 		requestData.setAllowNamespaceQualifiedPasswordTypes(true);
 
diff --git a/spring-ws-security/src/test/java/org/springframework/ws/soap/security/wss4j2/Wss4jMessageInterceptorUsernameTokenTestCase.java b/spring-ws-security/src/test/java/org/springframework/ws/soap/security/wss4j2/Wss4jMessageInterceptorUsernameTokenTestCase.java
@@ -147,6 +147,8 @@ protected Wss4jSecurityInterceptor prepareInterceptor(String actions, boolean va
 		interceptor.setValidationCallbackHandler(callbackHandler);
 		
 		interceptor.setBspCompliant(false);
+
+		interceptor.setAddInclusivePrefixes(false);
 		
 		interceptor.afterPropertiesSet();
 		return interceptor;
