You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@synapse.apache.org by "indika priyantha kumara (JIRA)" <ji...@apache.org> on 2007/10/17 07:51:50 UTC
[jira] Commented: (SYNAPSE-151) Can't stop and return error for POX
request without using Makefault. But with Makefault, SOAP envelope is
returned to the client, and also headers - including Basic Authorization!
[ https://issues.apache.org/jira/browse/SYNAPSE-151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12535411 ]
indika priyantha kumara commented on SYNAPSE-151:
-------------------------------------------------
hi
MakeFault mediator is the built-in mediator that use to send SOPA faults . But If the client call to the synapse using POX then client should get a POX fault instead of SOAP fault even use makefault mediator .
I tried to reproduce your issue .For me ,synapse works fine.that means. If the client call to the synapse using POX then for faults , client receive the POX fault ...
my configuration
<definitions xmlns="http://ws.apache.org/ns/synapse">
<!-- filtering of messages with XPath and regex matches -->
<sequence name="myfault">
<makefault>
<code value="tns:Receiver" xmlns:tns="http://www.w3.org/2003/05/soap-envelope"/>
<reason value="MY FAULT !!"/>
</makefault>
<log level="custom">
<property name="text" value="**MY FAULT**"/>
</log>
<property name="RESPONSE" value="true"/>
<send/>
</sequence>
<in>
<filter source="get-property('To')" regex=".*/StockQuote.*">
<sequence name="basic" onError="myfault">
<send>
<endpoint>
<address uri="http://bogus:9000/soap/NonExistentStockQuoteService"
format="soap11"/>
</endpoint>
</send>
<drop/>
</sequence>
</filter>
</in>
<out>
<send/>
</out>
</definitions>
I used synapse sample client (and enable POX in the client side using -Drest=true )
ant stockquote -Dtrpurl=http://localhost:8080/soap/StockQuote -Drest=true
request payload
POST /soap/StockQuote HTTP/1.1
Content-Type: application/xml; charset=UTF-8
SOAPAction: urn:getQuote
User-Agent: Axis2
Host: 127.0.0.1:8081
Transfer-Encoding: chunked
75
<m0:getQuote xmlns:m0="http://services.samples/xsd">
<m0:request>
<m0:symbol>IBM</m0:symbol>
</m0:request></m0:getQuote>0
response payload
HTTP/1.1 500 Internal Server Error
Content-Type: application/xml; charset=UTF-8
Host: 127.0.0.1:8081
SOAPAction: urn:getQuote
Date: Wed, 17 Oct 2007 05:10:39 GMT
Server: Synapse-HttpComponents-NIO
Transfer-Encoding: chunked
Connection: Close
e0
<soapenv:Fault xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<faultcode xmlns:tns="http://www.w3.org/2003/05/soap-envelope">tns:Receiver</faultcode>
<faultstring>MY FAULT !!</faultstring>
<detail /></soapenv:Fault>0
payload is a POX payload and HTTP/1.1 500 Internal Server Error conformed that this error is a POX fault .
Also synapse does not remove SOAP headers by explicitly ...For remove any header ,it is need to use header mediator .
thanks
indika
> Can't stop and return error for POX request without using Makefault. But with Makefault, SOAP envelope is returned to the client, and also headers - including Basic Authorization!
> -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: SYNAPSE-151
> URL: https://issues.apache.org/jira/browse/SYNAPSE-151
> Project: Synapse
> Issue Type: Bug
> Affects Versions: 1.0
> Environment: JDK6 on RHEL3
> Reporter: Paul Anderson
> Priority: Minor
>
> I can't stop and return error for a POX request (here, on BASIC auth failure) without using Makefault (see config below).
> But with Makefault, the fault in its SOAP envelope is returned to the client, and also the http request headers - including Basic Authorization! Not very secure.
> As a workaround, I strip out the Authorization header manually.
> If there is no fault, no SOAP envelope is returned - just the POX payload. This is correct.
> <sequence name="myfault">
> <makefault>
> <code value="tns:Receiver" xmlns:tns="http://www.w3.org/2003/05/soap-envelope"/>
> <reason value="Authorization failed!"/>
> </makefault>
> <log level="full"/>
> <property name="RESPONSE" value="true" />
> <property name="Authorization" action="remove" scope="transport"/>
> <send/>
> </sequence>
> <filter source="get-property('To')" regex=".*/AService">
> <log level="full"/>
> <property name="SOAPAction" action="set" expression="'doIt'" scope="transport"/>
> <sequence name="basic" onError="myfault">
> <class name="de.subnatural.synapse.BasicAuthenticationMediator">
> <property name="reqUsername" value="***"/>
> <property name="reqPassword" value="***"/>
> </class>
> <send>
> <endpoint>
> <address uri="http://***" format="soap">
> </address>
> </endpoint>
> </send>
> </sequence>
> </filter>
> <out>
> <header name="wsse:Security" action="remove"
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" />
> <log level="full"/>
> <send/>
> </out>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: synapse-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: synapse-dev-help@ws.apache.org