You are viewing a plain text version of this content. The canonical link for it is here.
Posted to c-dev@axis.apache.org by "Dinesh Premalal (JIRA)" <ji...@apache.org> on 2006/11/17 06:51:40 UTC
[jira] Resolved: (AXIS2C-406) Security Enabled server unable to
handle requests, without security headers
[ http://issues.apache.org/jira/browse/AXIS2C-406?page=all ]
Dinesh Premalal resolved AXIS2C-406.
------------------------------------
Resolution: Invalid
I think , it is correct behaviour. Because security enable server (User name token) should able to handle only requests with valid user names and passwords.
> Security Enabled server unable to handle requests, without security headers
> ---------------------------------------------------------------------------
>
> Key: AXIS2C-406
> URL: http://issues.apache.org/jira/browse/AXIS2C-406
> Project: Axis2-C
> Issue Type: Bug
> Components: rampart
> Affects Versions: Current (Nightly)
> Reporter: Dinesh Premalal
> Fix For: 0.96
>
>
> I sent a normal request (without security headers) to security enabled simple axis server. Then server gave me a soap fault saying security headers not available.
> request
> ------------
> OST /axis2/services/echo HTTP/1.1
> User-Agent: Axis2/C
> Content-Length: 302
> Content-Type: application/soap+xml;charset=UTF-8;
> Host: 127.0.0.1
> <?xml version="1.0" encoding="UTF-8"?>
> <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
> <soapenv:Header></soapenv:Header>
> <soapenv:Body>
> <ns1:echoString xmlns:ns1="http://ws.apache.org/axis2/c/samples">
> <text>Hello World !</text>
> </ns1:echoString>
> </soapenv:Body>
> </soapenv:Envelope>
> Response
> ----------------
> HTTP/1.1 500 Internal Server Error
> Content-Type: application/soap+xml;charset=UTF-8
> Content-Length: 706
> <?xml version="1.0" encoding="UTF-8"?>
> <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
> <soapenv:Header></soapenv:Header>
> <soapenv:Body>
> <soapenv:Fault>
> <soapenv:Code>
> <soapenv:Value>soapenv:Sender</soapenv:Value>
> <soapenv:Subcode>
> <soapenv:Value>wsse:SecurityTokenUnavailable</soapenv:Value>
> </soapenv:Subcode>
> </soapenv:Code>
> <soapenv:Reason>
> <soapenv:Text xml:lang="en">Security header element is unavailable</soapenv:Text>
> </soapenv:Reason>
> <soapenv:Detail>
> <wsse:ProblemSecurityHeader xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">wsse:Security</wsse:ProblemSecurityHeader>
> </soapenv:Detail>
> </soapenv:Fault>
> </soapenv:Body>
> </soapenv:Envelope>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org