You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by de...@gmail.com on 2009/09/11 17:26:39 UTC
Disengagement of module which is not globally engaged removes
module's handlers from the global phase chain
Hi guys,
We have an Axis2 1.4.1 runtime, which has addressing and rampart modules
deployed. However, only addressing is engaged globally, Rampart is not.
We have two services, one is secured (has Rampart engaged), the other one is
not. When Rampart is engaged on the unsecured service and subsequently
disengaged, it happens that the Rampart handler is removed from the security
phase. This practically disables access to the other secured service, since
secured service requests are not handled by Rampart anymore (no handler in
security phase) and Axis2 throws a mustUnderstand check failed for the
security header.
We examined the module disengage logic, and it seems that the handler
removal takes place in AxisOperation#onDisengage(AxisModule module). The
code there would remove module's handlers from global chains if the module
is not engaged on service nor on gloabal level. What is the reason for this,
and what if the module is engaged on another service (as in our case)?
I'm not sure whether this is the reason for the problem, since this is
pretty old code and nobody else seem to complain about it, if the above
logic is valid could someone please explain the reason behind it?
Regards,
Detelin
Re: Disengagement of module which is not globally engaged removes
module's handlers from the global phase chain
Posted by Amila Suriarachchi <am...@gmail.com>.
On Fri, Sep 11, 2009 at 8:56 PM, <de...@gmail.com> wrote:
> Hi guys,
> We have an Axis2 1.4.1 runtime, which has addressing and rampart modules
> deployed. However, only addressing is engaged globally, Rampart is not.
>
> We have two services, one is secured (has Rampart engaged), the other one
> is not. When Rampart is engaged on the unsecured service and subsequently
> disengaged, it happens that the Rampart handler is removed from the security
> phase. This practically disables access to the other secured service, since
> secured service requests are not handled by Rampart anymore (no handler in
> security phase) and Axis2 throws a mustUnderstand check failed for the
> security header.
>
> We examined the module disengage logic, and it seems that the handler
> removal takes place in AxisOperation#onDisengage(AxisModule module). The
> code there would remove module's handlers from global chains if the module
> is not engaged on service nor on gloabal level. What is the reason for this,
> and what if the module is engaged on another service (as in our case)?
>
hi,
I think global handlers should not remove when disengaging because of the
above reason.
Global handlers any way get invoked for all messages and hence they must
check the service is engaged for that module or not if the module is not
supposed to invoke on all services. (eg. rampart). So this should not make
any problem.
thanks,
Amila.
>
> I'm not sure whether this is the reason for the problem, since this is
> pretty old code and nobody else seem to complain about it, if the above
> logic is valid could someone please explain the reason behind it?
>
> Regards,
> Detelin
>
--
Amila Suriarachchi
WSO2 Inc.
blog: http://amilachinthaka.blogspot.com/