...

When request or response attachment parts are about to be submitted to the Multipart serialization provider, the JWS Multipart Output Filter (JwsMultipartClientRequestFilter and/or JwsMultipartContainerResponseFilter) initializes a JWSSignature object. Next, every part's output stream is replaced with a filtering output stream which updates the signature object on every write operation. Finally, the multipart filter adds one more attachment part to the list of attachments to be written; this part holds a reference to the JWS Signature. When this last part is written, JWSSignature produces the signature bytes, which are encoded using either the JWS Compact or JWS JSON format, with the detached and unencoded content already having been pushed to the output stream.

When the attachment parts are about to be read by the Multipart deserialization provider, their signature, carried in the last part, needs to be verified. Just before the parts are read and made available to the application code, the JWS Multipart Input Filter (JwsMultipartContainerRequestFilter and/or JwsMultipartClientResponseFilter) checks the last part and initializes a JWSVerificationSignature object. Next, for every attachment but the last one, it replaces the input stream with a filtering input stream which updates the signature verification object on every read operation. Once all the data have been read, it compares the calculated signature with the received signature.

Note that all of the multipart attachment parts can be secured this way, but by default, unless the filters set a 'supportSinglePartOnly' property to 'false', attachments with more than one data part will be rejected. This is done to avoid some possible security side-effects when the receiving side starts processing the parts as soon as they become available, before all of the multipart payload has been read.

Note that when the attachments are accessed by the receiving application code, the read process will fail to complete if the validation fails. For example, if the application code copies a given part's InputStream to the disk then this copy operation will fail.

However, the receiver may start acting on the attachment's InputStream immediately: for example, the attachment data returned from the service to the client may be streamed to a UI display which can activate a script. In that case it is important that the 'bufferPayload' property is enabled on either JwsMultipartContainerRequestFilter or JwsMultipartClientResponseFilter. It ensures that the data streams are validated first, before the application gets access to them.
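The difference between verify-on-read and buffered validation can be seen in a small stand-alone sketch. This is an added example, not CXF code: the class and method names are hypothetical, HMAC-SHA256 from the JDK stands in for the JWS signature, the key and payloads are constructed, and Java 9+ is assumed for `readAllBytes`.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
public class DetachedSignatureStreamDemo {
    // Hypothetical stand-in for the filtering input stream: updates the MAC on every
    // read and compares it with the received value only at the end of the part.
    static class VerifyingInputStream extends FilterInputStream {
        private final Mac mac; private final byte[] expected; private boolean checked;
        VerifyingInputStream(InputStream in, Mac mac, byte[] expected) { super(in); this.mac = mac; this.expected = expected; }
        @Override public int read() throws IOException {
            byte[] one = new byte[1]; return read(one, 0, 1) == -1 ? -1 : one[0] & 0xff;
        }
        @Override public int read(byte[] b, int off, int len) throws IOException {
            int n = in.read(b, off, len);
            if (n > 0) mac.update(b, off, n);
            if (n == -1 && !checked) {
                checked = true;   // constant-time comparison of calculated and received values
                if (!MessageDigest.isEqual(mac.doFinal(), expected)) throw new IOException("signature validation failed");
            }
            return n;
        }
    }
    static Mac hmac(byte[] key) throws Exception {
        Mac m = Mac.getInstance("HmacSHA256");
        m.init(new SecretKeySpec(key, "HmacSHA256"));
        return m;
    }
    // Buffered mode: drain and verify the whole part before the caller sees any byte.
    static InputStream verifyThenRelease(InputStream in, Mac mac, byte[] expected) throws IOException {
        return new ByteArrayInputStream(new VerifyingInputStream(in, mac, expected).readAllBytes());
    }
    public static void main(String[] args) throws Exception {
        byte[] key = "constructed-demo-key".getBytes(StandardCharsets.UTF_8);
        byte[] sig = hmac(key).doFinal("<Book><id>1</id></Book>".getBytes(StandardCharsets.UTF_8));
        byte[] tampered = "<Book><id>2</id></Book>".getBytes(StandardCharsets.UTF_8); // constructed, altered in transit
        // Streaming mode: the consumer acts on bytes before the end-of-stream check runs.
        InputStream streaming = new VerifyingInputStream(new ByteArrayInputStream(tampered), hmac(key), sig);
        byte[] chunk = new byte[8];
        try {
            for (int n; (n = streaming.read(chunk)) != -1; )
                System.out.println("streaming consumer acted on: " + new String(chunk, 0, n, StandardCharsets.UTF_8));
        } catch (IOException e) { System.out.println("streaming: " + e.getMessage() + " (after delivery)"); }
        // Buffered mode: validation fails before anything is released to the consumer.
        try {
            verifyThenRelease(new ByteArrayInputStream(tampered), hmac(key), sig);
        } catch (IOException e) { System.out.println("buffered: " + e.getMessage() + " (nothing delivered)"); }
    }
}
```

In streaming mode the consumer has already printed all three chunks of the altered payload when the exception arrives; in buffered mode the exception is the only thing the consumer sees.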

Here is the example showing how a Book object (represented as an XML attachment on the wire) can be secured.

...