You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Dobri Kitipov (JIRA)" <ji...@apache.org> on 2009/01/20 13:58:59 UTC
[jira] Created: (RAMPART-211) Rampart and SOAP Fault specification
issue
Rampart and SOAP Fault specification issue
------------------------------------------
Key: RAMPART-211
URL: https://issues.apache.org/jira/browse/RAMPART-211
Project: Rampart
Issue Type: Bug
Components: rampart-core
Reporter: Dobri Kitipov
Assignee: Ruchith Udayanga Fernando
Hi everybody,
I have done a test with asymmetric binding where the service jks was missing from the AAR deployed at server side. As a result an Exception is throw that in turn is send back to client as a SOAP Fault. This is a correct behavior. The problem is that <soapenv:Code> has the following value:
<soapenv:Value>axis2ns2:Sender</soapenv:Value>
I have searched the Rampart JIRA and found the following related JIRA: https://issues.apache.org/jira/browse/RAMPART-166
I checked the WSS 1.1 spec, too, but there is something that is not correct I think.
IMHO, in the above mentioned scenario, we should have "axis2ns2:Receiver" as Value, because it is the Server side that is not set correct (the AAR is missing the needed server side jks)? Currently the Value is hardcoded into RampartReceiver method to "axis2ns2:Sender":
private void setFaultCodeAndThrowAxisFault(MessageContext msgContext,
Exception e) throws AxisFault {
msgContext.setProperty(RampartConstants.SEC_FAULT, Boolean.TRUE);
String soapVersionURI =
msgContext.getEnvelope().getNamespace().getNamespaceURI();
QName invalidSecurity = new
QName(WSConstants.INVALID_SECURITY.getNamespaceURI(),WSConstants.INVALID_SECURITY.getLocalPart(),"wsse");
if
(soapVersionURI.equals(SOAP11Constants.SOAP_ENVELOPE_NAMESPACE_URI) ) {
throw new AxisFault(invalidSecurity,e.getMessage(),e);
} else if
(soapVersionURI.equals(SOAP12Constants.SOAP_ENVELOPE_NAMESPACE_URI))
{
List subfaultCodes = new ArrayList();
subfaultCodes.add(invalidSecurity);
throw new
AxisFault(Constants.FAULT_SOAP12_SENDER,subfaultCodes,e.getMessage(),e);
}
}
The line of code we are interested in is the last one :
throw new AxisFault(Constants.FAULT_SOAP12_SENDER,subfaultCodes,e.getMessage(),e);
where the Constants.FAULT_SOAP12_SENDER is hardcoded into the thrown AxisFault. I think that a flag should be set into the RampartException/MessageCtx so it is possible to check if the problem was caused by a Sender or a Receiver.
Regards,
Dobri
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.