You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Dobri Kitipov (JIRA)" <ji...@apache.org> on 2009/01/20 13:58:59 UTC

[jira] Created: (RAMPART-211) Rampart and SOAP Fault specification issue

Rampart and SOAP Fault specification issue
------------------------------------------

                 Key: RAMPART-211
                 URL: https://issues.apache.org/jira/browse/RAMPART-211
             Project: Rampart
          Issue Type: Bug
          Components: rampart-core
            Reporter: Dobri Kitipov
            Assignee: Ruchith Udayanga Fernando


Hi everybody,

I have done a test with asymmetric binding where the service jks was missing from the AAR deployed at server side. As a result an Exception is throw that in turn is send back to client as a SOAP  Fault.  This is a correct behavior. The problem is that  <soapenv:Code> has the following value:

                <soapenv:Value>axis2ns2:Sender</soapenv:Value>

I have searched the Rampart JIRA and found the following related JIRA: https://issues.apache.org/jira/browse/RAMPART-166
I checked the WSS 1.1 spec, too, but there is something that is not correct I think.

IMHO, in the above mentioned scenario, we should have "axis2ns2:Receiver" as Value, because it is the Server side that is not set correct (the AAR is missing the needed server side jks)? Currently the Value is hardcoded into RampartReceiver method to "axis2ns2:Sender":

    private void setFaultCodeAndThrowAxisFault(MessageContext msgContext,
Exception e) throws AxisFault {

        msgContext.setProperty(RampartConstants.SEC_FAULT, Boolean.TRUE);

        String soapVersionURI =
msgContext.getEnvelope().getNamespace().getNamespaceURI();
        QName invalidSecurity = new
QName(WSConstants.INVALID_SECURITY.getNamespaceURI(),WSConstants.INVALID_SECURITY.getLocalPart(),"wsse");

        if
(soapVersionURI.equals(SOAP11Constants.SOAP_ENVELOPE_NAMESPACE_URI) ) {

            throw new AxisFault(invalidSecurity,e.getMessage(),e);

        } else if
(soapVersionURI.equals(SOAP12Constants.SOAP_ENVELOPE_NAMESPACE_URI))
{
            List subfaultCodes = new ArrayList();
            subfaultCodes.add(invalidSecurity);
            throw new
AxisFault(Constants.FAULT_SOAP12_SENDER,subfaultCodes,e.getMessage(),e);

        }
    }

The line of code we are interested in is the last one : 

throw new AxisFault(Constants.FAULT_SOAP12_SENDER,subfaultCodes,e.getMessage(),e);

where the Constants.FAULT_SOAP12_SENDER is hardcoded into the thrown AxisFault. I think that a flag should be set into the RampartException/MessageCtx so it is possible to check if the problem was caused by a Sender or a Receiver.

Regards,
Dobri


-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.