You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Herwig David (JIRA)" <ji...@apache.org> on 2010/07/28 15:34:17 UTC
[jira] Created: (RAMPART-305) If Rampart throws an AxisFault
If Rampart throws an AxisFault
--------------------------------
Key: RAMPART-305
URL: https://issues.apache.org/jira/browse/RAMPART-305
Project: Rampart
Issue Type: Bug
Components: rampart-core
Affects Versions: 1.4
Environment: Axis2-1.5..1 is installed as web app under Tomcat 5.5.28 and uses Rampart 1.4.
Running on Windows XP
Reporter: Herwig David
Assignee: Ruchith Udayanga Fernando
If I call a web service with wrong security data rampart correctly detects that 'The signature or decryption was invalid'.
Unfortunately I get a NullPointerException when returning afterwards.
Is there a way to to just send the SOAP fault back to the client instead of sending a HTML page?
is this related to issue RAMPART-164?
I've attached the log file, the wsdl file and messages send between client and server.
Thanks and regards,
Herwig
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-305) If Rampart throws an AxisFault
Posted by "Herwig David (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Herwig David updated RAMPART-305:
---------------------------------
Attachment: axis2.log
request.txt
response.txt
axis2.log , request and response
> If Rampart throws an AxisFault
> --------------------------------
>
> Key: RAMPART-305
> URL: https://issues.apache.org/jira/browse/RAMPART-305
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.4
> Environment: Axis2-1.5..1 is installed as web app under Tomcat 5.5.28 and uses Rampart 1.4.
> Running on Windows XP
> Reporter: Herwig David
> Assignee: Ruchith Udayanga Fernando
> Attachments: axis2.log, request.txt, response.txt
>
>
> If I call a web service with wrong security data rampart correctly detects that 'The signature or decryption was invalid'.
> Unfortunately I get a NullPointerException when returning afterwards.
> Is there a way to to just send the SOAP fault back to the client instead of sending a HTML page?
> is this related to issue RAMPART-164?
> I've attached the log file, the wsdl file and messages send between client and server.
> Thanks and regards,
> Herwig
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-305) If Rampart detects a security error a
HTML page is send to the client instead of a SOAP fault
Posted by "Herwig David (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Herwig David updated RAMPART-305:
---------------------------------
Summary: If Rampart detects a security error a HTML page is send to the client instead of a SOAP fault (was: If Rampart throws an AxisFault )
Description:
If I call a web service with wrong security data rampart correctly detects that 'The signature or decryption was invalid'. That's fine.
Unfortunately I get a NullPointerException when returning to the client afterwards.
Is there a way to just send the SOAP fault back to the client instead of sending a HTML page?
Is this related to issue RAMPART-164?
I've attached the log file, the wsdl file and messages send between client and server.
Thanks and regards,
Herwig
was:
If I call a web service with wrong security data rampart correctly detects that 'The signature or decryption was invalid'.
Unfortunately I get a NullPointerException when returning afterwards.
Is there a way to to just send the SOAP fault back to the client instead of sending a HTML page?
is this related to issue RAMPART-164?
I've attached the log file, the wsdl file and messages send between client and server.
Thanks and regards,
Herwig
> If Rampart detects a security error a HTML page is send to the client instead of a SOAP fault
> ---------------------------------------------------------------------------------------------
>
> Key: RAMPART-305
> URL: https://issues.apache.org/jira/browse/RAMPART-305
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.4
> Environment: Axis2-1.5..1 is installed as web app under Tomcat 5.5.28 and uses Rampart 1.4.
> Running on Windows XP
> Reporter: Herwig David
> Assignee: Ruchith Udayanga Fernando
> Attachments: axis2.log, request.txt, response.txt, WS7X4AssortmentOrder.wsdl
>
>
> If I call a web service with wrong security data rampart correctly detects that 'The signature or decryption was invalid'. That's fine.
> Unfortunately I get a NullPointerException when returning to the client afterwards.
> Is there a way to just send the SOAP fault back to the client instead of sending a HTML page?
> Is this related to issue RAMPART-164?
> I've attached the log file, the wsdl file and messages send between client and server.
> Thanks and regards,
> Herwig
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (RAMPART-305) If Rampart detects a security error
a HTML page is send to the client instead of a SOAP fault
Posted by "Herwig David (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12893546#action_12893546 ]
Herwig David commented on RAMPART-305:
--------------------------------------
Hi Thilina,
I have tried to add the PolicyReference to the <binding> section in the wsdl file.
1) <wsp:PolicyReference URI="#AsymmetricBindingPolicy"/>
------------------------------------------------------------------------------------
This leads to the following RuntimeException in the Web Service:
2010-07-29 10:01:54,138 [http-8080-Processor24] ERROR org.apache.axis2.transport.http.AxisServlet - Malformed uri: AsymmetricBindingPolicy
java.lang.RuntimeException: Malformed uri: AsymmetricBindingPolicy
at org.apache.neethi.PolicyReference.getRemoteReferedElement(PolicyReference.java:162)
at org.apache.neethi.PolicyReference.getRemoteReferencedPolicy(PolicyReference.java:176)
at org.apache.neethi.PolicyReference.normalize(PolicyReference.java:112)
at org.apache.axis2.util.PolicyUtil.getMergedPolicy(PolicyUtil.java:290)
at org.apache.axis2.description.AxisBindingMessage.calculateEffectivePolicy(AxisBindingMessage.java:290)
at org.apache.axis2.description.AxisBindingMessage.getEffectivePolicy(AxisBindingMessage.java:223)
at org.apache.axis2.context.MessageContext.getEffectivePolicy(MessageContext.java:1585)
at org.apache.rampart.RampartMessageData.<init>(RampartMessageData.java:202)
2) <wsp:PolicyReference URI="http://edv156-wskome.medical-intern.com/policies/P1"/>
------------------------------------------------------------------------------------------------------
This leads to a NullPointerException in the Web Client when calling the Web Service:
java.lang.NullPointerException
at org.apache.rampart.builder.BindingBuilder.getSignatureBuider(BindingBuilder.java:248)
at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:626)
at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:413)
at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:93)
at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:251)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:416)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at com.kohlpharma.ws7x4.WS7X4AssortmentOrderStub.getList(WS7X4AssortmentOrderStub.java:193)
at client.TestClient.doRequest(TestClient.java:152)
Thanks and regards,
Herwig
> If Rampart detects a security error a HTML page is send to the client instead of a SOAP fault
> ---------------------------------------------------------------------------------------------
>
> Key: RAMPART-305
> URL: https://issues.apache.org/jira/browse/RAMPART-305
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.4
> Environment: Axis2-1.5..1 is installed as web app under Tomcat 5.5.28 and uses Rampart 1.4.
> Running on Windows XP
> Reporter: Herwig David
> Assignee: Ruchith Udayanga Fernando
> Attachments: axis2.log, request.txt, response.txt, services.xml, WS7X4AssortmentOrder.wsdl
>
>
> If I call a web service with wrong security data rampart correctly detects that 'The signature or decryption was invalid'. That's fine.
> Unfortunately I get a NullPointerException when returning to the client afterwards.
> Is there a way to just send the SOAP fault back to the client instead of sending a HTML page?
> Is this related to issue RAMPART-164?
> I've attached the log file, the wsdl file and messages send between client and server.
> Thanks and regards,
> Herwig
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (RAMPART-305) If Rampart detects a security error
a HTML page is send to the client instead of a SOAP fault
Posted by "Herwig David (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12893549#action_12893549 ]
Herwig David commented on RAMPART-305:
--------------------------------------
Hi Thilina,
In a further try I have tried to load the policy from an external link:
3) <wsp:PolicyReference URI="http://edv156-wskome.medical-intern.com:8080/7X4WebServices/AsymmetricBindingPolicy.xml"/>
With method 'getRemoteRefrencedPolicy(key)' the policy is found and loaded.
In method 'normalize' the call of reg.register(key, policy) leads to an 'UnsupportedOperationException'.
PolicyReference: line 118
-----------------------------------
public PolicyComponent normalize(PolicyRegistry reg, boolean deep) {
String key = getURI();
int pos = key.indexOf("#");
if (pos == 0) {
key = key.substring(1);
}else if(pos > 0){
key = key.substring(0, pos);
}
Policy policy = reg.lookup(key);
if (policy == null) {
policy = getRemoteReferencedPolicy(key);
if(policy == null){
throw new RuntimeException(key + " can't be resolved" );
}
reg.register(key, policy);
}
return policy.normalize(reg, deep);
}
PolicyLocator: line 76
------------------------------
public void register(String identifier, Policy policy) {
throw new UnsupportedOperationException();
}
Thanks and regards,
Herwig
> If Rampart detects a security error a HTML page is send to the client instead of a SOAP fault
> ---------------------------------------------------------------------------------------------
>
> Key: RAMPART-305
> URL: https://issues.apache.org/jira/browse/RAMPART-305
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.4
> Environment: Axis2-1.5..1 is installed as web app under Tomcat 5.5.28 and uses Rampart 1.4.
> Running on Windows XP
> Reporter: Herwig David
> Assignee: Ruchith Udayanga Fernando
> Attachments: axis2.log, request.txt, response.txt, services.xml, WS7X4AssortmentOrder.wsdl
>
>
> If I call a web service with wrong security data rampart correctly detects that 'The signature or decryption was invalid'. That's fine.
> Unfortunately I get a NullPointerException when returning to the client afterwards.
> Is there a way to just send the SOAP fault back to the client instead of sending a HTML page?
> Is this related to issue RAMPART-164?
> I've attached the log file, the wsdl file and messages send between client and server.
> Thanks and regards,
> Herwig
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (RAMPART-305) If Rampart detects a security error
a HTML page is send to the client instead of a SOAP fault
Posted by "Herwig David (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12893983#action_12893983 ]
Herwig David commented on RAMPART-305:
--------------------------------------
Hi Thilina,
In org.apache.axis2.util.MessageContextBuilder I've changed the method createFaultMessageContext in the way that also the axisService is copied from processingContext to faultContext.
After that change the rampart configuration was recognized correctly and the described runtime error in the fault case was solved. See change below.
Do you see a problem to copy the AxisService to the faultContext ?
Regards,
Herwig
-------------------------------------------------
/**
* This method is called to handle any error that occurs at inflow or outflow. But if the
* method is called twice, it implies that sending the error handling has failed, in which case
* the method logs the error and exits.
*/
public static MessageContext createFaultMessageContext(MessageContext processingContext,
Throwable e)
throws AxisFault {
if (processingContext.isProcessingFault()) {
// We get the error file processing the fault. nothing we can do
throw new AxisFault(Messages.getMessage("errorwhileProcessingFault"));
}
// See if the throwable is an AxisFault and if it already contains the
// fault MessageContext
if (e instanceof AxisFault) {
MessageContext faultMessageContext = ((AxisFault) e).getFaultMessageContext();
if (faultMessageContext != null) {
// These may not have been set correctly when the original context
// was created -- an example of this is with the SimpleHTTPServer.
// I'm not sure if this is the correct thing to do, or if the
// code that created this context in the first place should
// expect that the transport out info was set correctly, as
// it may need to use that info at some point before we get to
// this code.
faultMessageContext.setProperty(MessageContext.TRANSPORT_OUT,
processingContext.getProperty(
MessageContext.TRANSPORT_OUT));
faultMessageContext.setProperty(Constants.OUT_TRANSPORT_INFO,
processingContext.getProperty(
Constants.OUT_TRANSPORT_INFO));
faultMessageContext.setProcessingFault(true);
return faultMessageContext;
}
}
// Create a basic response MessageContext with basic fields copied
MessageContext faultContext = createResponseMessageContext(processingContext);
// Register the fault message context
OperationContext operationContext = processingContext.getOperationContext();
if (operationContext != null) {
processingContext.getAxisOperation().addFaultMessageContext(faultContext,
operationContext);
}
/* INSERT Herwig BEGIN */
AxisService axisService = processingContext.getAxisService();
if (axisService != null) {
faultContext.setAxisService(axisService);
}
/* INSERT Herwig END */
faultContext.setProcessingFault(true);
> If Rampart detects a security error a HTML page is send to the client instead of a SOAP fault
> ---------------------------------------------------------------------------------------------
>
> Key: RAMPART-305
> URL: https://issues.apache.org/jira/browse/RAMPART-305
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.4
> Environment: Axis2-1.5..1 is installed as web app under Tomcat 5.5.28 and uses Rampart 1.4.
> Running on Windows XP
> Reporter: Herwig David
> Assignee: Ruchith Udayanga Fernando
> Attachments: axis2.log, request.txt, response.txt, services.xml, WS7X4AssortmentOrder.wsdl
>
>
> If I call a web service with wrong security data rampart correctly detects that 'The signature or decryption was invalid'. That's fine.
> Unfortunately I get a NullPointerException when returning to the client afterwards.
> Is there a way to just send the SOAP fault back to the client instead of sending a HTML page?
> Is this related to issue RAMPART-164?
> I've attached the log file, the wsdl file and messages send between client and server.
> Thanks and regards,
> Herwig
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-305) If Rampart detects a security error a
HTML page is send to the client instead of a SOAP fault
Posted by "Herwig David (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Herwig David updated RAMPART-305:
---------------------------------
Attachment: services.xml
Hi Thilina,
Yes, in a positive scenario it works perfectly.
The policy is also included in the services.xml file.
I've attached that too.
Thanks and regards,
Herwig
> If Rampart detects a security error a HTML page is send to the client instead of a SOAP fault
> ---------------------------------------------------------------------------------------------
>
> Key: RAMPART-305
> URL: https://issues.apache.org/jira/browse/RAMPART-305
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.4
> Environment: Axis2-1.5..1 is installed as web app under Tomcat 5.5.28 and uses Rampart 1.4.
> Running on Windows XP
> Reporter: Herwig David
> Assignee: Ruchith Udayanga Fernando
> Attachments: axis2.log, request.txt, response.txt, services.xml, WS7X4AssortmentOrder.wsdl
>
>
> If I call a web service with wrong security data rampart correctly detects that 'The signature or decryption was invalid'. That's fine.
> Unfortunately I get a NullPointerException when returning to the client afterwards.
> Is there a way to just send the SOAP fault back to the client instead of sending a HTML page?
> Is this related to issue RAMPART-164?
> I've attached the log file, the wsdl file and messages send between client and server.
> Thanks and regards,
> Herwig
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (RAMPART-305) If Rampart detects a security error
a HTML page is send to the client instead of a SOAP fault
Posted by "Thilina Buddhika (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12893499#action_12893499 ]
Thilina Buddhika commented on RAMPART-305:
------------------------------------------
Hi Herwig,
Were you able to get this setup working for positive scenarios, i.e. sending the requests with correct security headers?
I had a look at the stack trace. One possible reason for this behavior is that the policy at the service's end is not applied properly. Then I had a look at the WSDL, and it looks like the policy is not attached to any of the policy attachment points.
Thanks,
Thilina
> If Rampart detects a security error a HTML page is send to the client instead of a SOAP fault
> ---------------------------------------------------------------------------------------------
>
> Key: RAMPART-305
> URL: https://issues.apache.org/jira/browse/RAMPART-305
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.4
> Environment: Axis2-1.5..1 is installed as web app under Tomcat 5.5.28 and uses Rampart 1.4.
> Running on Windows XP
> Reporter: Herwig David
> Assignee: Ruchith Udayanga Fernando
> Attachments: axis2.log, request.txt, response.txt, WS7X4AssortmentOrder.wsdl
>
>
> If I call a web service with wrong security data rampart correctly detects that 'The signature or decryption was invalid'. That's fine.
> Unfortunately I get a NullPointerException when returning to the client afterwards.
> Is there a way to just send the SOAP fault back to the client instead of sending a HTML page?
> Is this related to issue RAMPART-164?
> I've attached the log file, the wsdl file and messages send between client and server.
> Thanks and regards,
> Herwig
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-305) If Rampart throws an AxisFault
Posted by "Herwig David (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Herwig David updated RAMPART-305:
---------------------------------
Attachment: WS7X4AssortmentOrder.wsdl
wsdl file
> If Rampart throws an AxisFault
> --------------------------------
>
> Key: RAMPART-305
> URL: https://issues.apache.org/jira/browse/RAMPART-305
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.4
> Environment: Axis2-1.5..1 is installed as web app under Tomcat 5.5.28 and uses Rampart 1.4.
> Running on Windows XP
> Reporter: Herwig David
> Assignee: Ruchith Udayanga Fernando
> Attachments: axis2.log, request.txt, response.txt, WS7X4AssortmentOrder.wsdl
>
>
> If I call a web service with wrong security data rampart correctly detects that 'The signature or decryption was invalid'.
> Unfortunately I get a NullPointerException when returning afterwards.
> Is there a way to to just send the SOAP fault back to the client instead of sending a HTML page?
> is this related to issue RAMPART-164?
> I've attached the log file, the wsdl file and messages send between client and server.
> Thanks and regards,
> Herwig
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.