Forum Discussion

jahmad's avatar
13 years ago

Encrypt MTOM attachment

Hi,

I am trying to send an encrypted soap request with an MTOM attachment and want to ensure the attachment data is encrypted.

I have added an Outgoing WS-Security Configuration which uses a key from my keystore and have added a part 'Body' with the soap namespace to encrypt the soap:Body which works fine. I can see the soap:Body is encrypted when I check the Raw data sent.

As I am sending an MTOM attachment I have added a reference to this in the appropriate base64 element as shown in the example below. I have then added the attachment (myDocument.txt) via the attachments tab in my soap request window setting the ContentID to 'myDocument.txt'.

<soap:Envelope>
<soap:Header>
</soap:Header>
<soap:Body>
<fcc:Document>
<fcc:DocumentObject>cid:myDocument.txt</fcc:DocumentObject>
</fcc:Document>
</soap:Body>
</soap:Envelope>

When I check the raw request data I can see the attachment has been added as MTOM as the Content-Type has been set to application/xop+xml and the request has two parts; one contains the soap message and another containing the attachment data. The problem I am having is only the first part i.e. the soap body is encrypted and the attachment data is unencrypted.

Is there a way to encrypt this MTOM attachment data in soapUI?

Thanks.