You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "S.Uthaiyashankar (JIRA)" <ji...@apache.org> on 2010/12/22 14:57:01 UTC
[jira] Updated: (RAMPART-197) Rampart handler not processing empty
security header with mustUnderstand="1"
[ https://issues.apache.org/jira/browse/RAMPART-197?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
S.Uthaiyashankar updated RAMPART-197:
-------------------------------------
Fix Version/s: (was: 1.5.1)
> Rampart handler not processing empty security header with mustUnderstand="1"
> ----------------------------------------------------------------------------
>
> Key: RAMPART-197
> URL: https://issues.apache.org/jira/browse/RAMPART-197
> Project: Rampart
> Issue Type: Improvement
> Affects Versions: 1.4
> Environment: Oracle application server 10.1.3, embedded OC4J in JDeveloper & Eclipse used for testing.
> Reporter: Taariq Levack
> Assignee: Nandana Mihindukulasooriya
>
> The application server returns a response that contains an empty security header and this is not processed by the Rampart handler and a fault is generated.
> As per Nandana the solution is to flag the empty header as processed when it expects nothing in the security header, for interoperability.
> This is the request header, simple username token....
> <soapenv:Header>
> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
> <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-3201085">
> <wsse:Username>USERNAME</wsse:Username>
> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">PASSWORD</wsse:Password>
> </wsse:UsernameToken>
> </wsse:Security>
> </soapenv:Header>
> And this is the response header
> <env:Header>
> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" env:mustUnderstand="1"/>
> </env:Header>
> Exception in thread "main" org.apache.axis2.AxisFault: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd : Security
> at org.apache.axis2.engine.AxisEngine.checkMustUnderstand(AxisEngine.java:102)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:166)
> at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:363)
> at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
> at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
> at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
> at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:548)
> at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org