You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@servicemix.apache.org by "Joe Luo (JIRA)" <ji...@apache.org> on 2010/01/22 19:59:44 UTC

[jira] Updated: (SMXCOMP-703) Servicemix CXF-BC component JbiJAASInterceptor should catch UndeclaredThrowableException

     [ https://issues.apache.org/activemq/browse/SMXCOMP-703?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Joe Luo updated SMXCOMP-703:
----------------------------

    Attachment: smx-cxf-bc-patch.patch

> Servicemix CXF-BC component JbiJAASInterceptor should catch UndeclaredThrowableException
> ----------------------------------------------------------------------------------------
>
>                 Key: SMXCOMP-703
>                 URL: https://issues.apache.org/activemq/browse/SMXCOMP-703
>             Project: ServiceMix Components
>          Issue Type: Improvement
>          Components: servicemix-cxf-bc
>    Affects Versions: servicemix-cxf-bc-2009.02
>            Reporter: Joe Luo
>         Attachments: smx-cxf-bc-patch.patch
>
>
> The ServiceMix CXF-BC component JbiJAASInterceptor calls authenticate() function on JAASAuthenticationService to authenticate user:
> {code}
> for (Iterator it = hr.getResults().iterator(); it.hasNext();) {
>     WSSecurityEngineResult er = (WSSecurityEngineResult) it.next();
>     if (er != null && er.getPrincipal() instanceof WSUsernameTokenPrincipal) {
>         WSUsernameTokenPrincipal p = (WSUsernameTokenPrincipal)er.getPrincipal();
>         subject.getPrincipals().add(p);
>         this.authenticationService.authenticate(subject, domain, p.getName(), p.getPassword());
>         authenticated = true;
>     }
> }
> {code}
> The function "authenticate(...)" might throw a FailedLoginException if a wrong password is supplied. Because the CXF-BC uses an invocation handler to invoke the method on a proxy instance, an UndeclaredThrowableException will be thrown instead and wraped with the FailedLoginException. Currently we do not catch the UndeclaredThrowableException and it caused the message of real exception to be lost. Instead, a very generic message like "Fault occurred while processing." is always thrown. It is definitely is not intuitive for the client side to find out what is wrong on server side.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.