I am trying to send an encrypted soap request with an MTOM attachment and want to ensure the attachment data is encrypted.
I have added an Outgoing WS-Security Configuration which uses a key from my keystore and have added a part 'Body' with the soap namespace to encrypt the soap:Body which works fine. I can see the soap:Body is encrypted when I check the Raw data sent.
As I am sending an MTOM attachment I have added a reference to this in the appropriate base64 element as shown in the example below. I have then added the attachment (myDocument.txt) via the attachments tab in my soap request window setting the ContentID to 'myDocument.txt'.
When I check the raw request data I can see the attachment has been added as MTOM as the Content-Type has been set to application/xop+xml and the request has two parts; one contains the soap message and another containing the attachment data. The problem I am having is only the first part i.e. the soap body is encrypted and the attachment data is unencrypted.
Is there a way to encrypt this MTOM attachment data in soapUI?