You are viewing a plain text version of this content. The canonical link for it is here.
Posted to c-dev@axis.apache.org by "Dinesh Premalal (JIRA)" <ji...@apache.org> on 2006/11/16 16:55:40 UTC
[jira] Created: (AXIS2C-406) Security Enabled server unable to
handle requests, without security headers
Security Enabled server unable to handle requests, without security headers
---------------------------------------------------------------------------
Key: AXIS2C-406
URL: http://issues.apache.org/jira/browse/AXIS2C-406
Project: Axis2-C
Issue Type: Bug
Components: rampart
Affects Versions: Current (Nightly)
Reporter: Dinesh Premalal
Fix For: 0.96
I sent a normal request (without security headers) to security enabled simple axis server. Then server gave me a soap fault saying security headers not available.
request
------------
OST /axis2/services/echo HTTP/1.1
User-Agent: Axis2/C
Content-Length: 302
Content-Type: application/soap+xml;charset=UTF-8;
Host: 127.0.0.1
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
<soapenv:Header></soapenv:Header>
<soapenv:Body>
<ns1:echoString xmlns:ns1="http://ws.apache.org/axis2/c/samples">
<text>Hello World !</text>
</ns1:echoString>
</soapenv:Body>
</soapenv:Envelope>
Response
----------------
HTTP/1.1 500 Internal Server Error
Content-Type: application/soap+xml;charset=UTF-8
Content-Length: 706
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
<soapenv:Header></soapenv:Header>
<soapenv:Body>
<soapenv:Fault>
<soapenv:Code>
<soapenv:Value>soapenv:Sender</soapenv:Value>
<soapenv:Subcode>
<soapenv:Value>wsse:SecurityTokenUnavailable</soapenv:Value>
</soapenv:Subcode>
</soapenv:Code>
<soapenv:Reason>
<soapenv:Text xml:lang="en">Security header element is unavailable</soapenv:Text>
</soapenv:Reason>
<soapenv:Detail>
<wsse:ProblemSecurityHeader xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">wsse:Security</wsse:ProblemSecurityHeader>
</soapenv:Detail>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org
[jira] Commented: (AXIS2C-406) Security Enabled server unable to
handle requests, without security headers
Posted by "Dinesh Premalal (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/AXIS2C-406?page=comments#action_12450441 ]
Dinesh Premalal commented on AXIS2C-406:
----------------------------------------
please note that server is able to handle requests with security headers.
> Security Enabled server unable to handle requests, without security headers
> ---------------------------------------------------------------------------
>
> Key: AXIS2C-406
> URL: http://issues.apache.org/jira/browse/AXIS2C-406
> Project: Axis2-C
> Issue Type: Bug
> Components: rampart
> Affects Versions: Current (Nightly)
> Reporter: Dinesh Premalal
> Fix For: 0.96
>
>
> I sent a normal request (without security headers) to security enabled simple axis server. Then server gave me a soap fault saying security headers not available.
> request
> ------------
> OST /axis2/services/echo HTTP/1.1
> User-Agent: Axis2/C
> Content-Length: 302
> Content-Type: application/soap+xml;charset=UTF-8;
> Host: 127.0.0.1
> <?xml version="1.0" encoding="UTF-8"?>
> <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
> <soapenv:Header></soapenv:Header>
> <soapenv:Body>
> <ns1:echoString xmlns:ns1="http://ws.apache.org/axis2/c/samples">
> <text>Hello World !</text>
> </ns1:echoString>
> </soapenv:Body>
> </soapenv:Envelope>
> Response
> ----------------
> HTTP/1.1 500 Internal Server Error
> Content-Type: application/soap+xml;charset=UTF-8
> Content-Length: 706
> <?xml version="1.0" encoding="UTF-8"?>
> <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
> <soapenv:Header></soapenv:Header>
> <soapenv:Body>
> <soapenv:Fault>
> <soapenv:Code>
> <soapenv:Value>soapenv:Sender</soapenv:Value>
> <soapenv:Subcode>
> <soapenv:Value>wsse:SecurityTokenUnavailable</soapenv:Value>
> </soapenv:Subcode>
> </soapenv:Code>
> <soapenv:Reason>
> <soapenv:Text xml:lang="en">Security header element is unavailable</soapenv:Text>
> </soapenv:Reason>
> <soapenv:Detail>
> <wsse:ProblemSecurityHeader xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">wsse:Security</wsse:ProblemSecurityHeader>
> </soapenv:Detail>
> </soapenv:Fault>
> </soapenv:Body>
> </soapenv:Envelope>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org
[jira] Resolved: (AXIS2C-406) Security Enabled server unable to
handle requests, without security headers
Posted by "Dinesh Premalal (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/AXIS2C-406?page=all ]
Dinesh Premalal resolved AXIS2C-406.
------------------------------------
Resolution: Invalid
I think , it is correct behaviour. Because security enable server (User name token) should able to handle only requests with valid user names and passwords.
> Security Enabled server unable to handle requests, without security headers
> ---------------------------------------------------------------------------
>
> Key: AXIS2C-406
> URL: http://issues.apache.org/jira/browse/AXIS2C-406
> Project: Axis2-C
> Issue Type: Bug
> Components: rampart
> Affects Versions: Current (Nightly)
> Reporter: Dinesh Premalal
> Fix For: 0.96
>
>
> I sent a normal request (without security headers) to security enabled simple axis server. Then server gave me a soap fault saying security headers not available.
> request
> ------------
> OST /axis2/services/echo HTTP/1.1
> User-Agent: Axis2/C
> Content-Length: 302
> Content-Type: application/soap+xml;charset=UTF-8;
> Host: 127.0.0.1
> <?xml version="1.0" encoding="UTF-8"?>
> <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
> <soapenv:Header></soapenv:Header>
> <soapenv:Body>
> <ns1:echoString xmlns:ns1="http://ws.apache.org/axis2/c/samples">
> <text>Hello World !</text>
> </ns1:echoString>
> </soapenv:Body>
> </soapenv:Envelope>
> Response
> ----------------
> HTTP/1.1 500 Internal Server Error
> Content-Type: application/soap+xml;charset=UTF-8
> Content-Length: 706
> <?xml version="1.0" encoding="UTF-8"?>
> <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
> <soapenv:Header></soapenv:Header>
> <soapenv:Body>
> <soapenv:Fault>
> <soapenv:Code>
> <soapenv:Value>soapenv:Sender</soapenv:Value>
> <soapenv:Subcode>
> <soapenv:Value>wsse:SecurityTokenUnavailable</soapenv:Value>
> </soapenv:Subcode>
> </soapenv:Code>
> <soapenv:Reason>
> <soapenv:Text xml:lang="en">Security header element is unavailable</soapenv:Text>
> </soapenv:Reason>
> <soapenv:Detail>
> <wsse:ProblemSecurityHeader xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">wsse:Security</wsse:ProblemSecurityHeader>
> </soapenv:Detail>
> </soapenv:Fault>
> </soapenv:Body>
> </soapenv:Envelope>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org