[
http://issues.apache.org/jira/browse/AXIS2-1849?page=comments#action_12458464 ]
Dimuthu Leelarathne commented on AXIS2-1849:
--------------------------------------------
Hi Ali,
I tried to re-create the situation as follows.
1) Created a private key and a X509 certificate unknown to a service.
2) Then using this private key, I sent a signed soap message to the
service, by using the configuration
"<signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>". So the
service doesn't have the cerificate and it has no way of know it.
3) Then I debugged using the standard HTTPReciever in axis2. This ended
up in the "processHTTPPostRequest" method of
"org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest".
Here[1] the AxisEngine has been invoked in a try-catch block.
4) This thows a AxisFault which is thrown. I just put a stack trace and
the result is as follows[2].
So I am wondering whether you have catched a "AxisFault" in your custom
reciever. Just check and let me know.
Regards,
Dimuthu
[1]
try{
......many many code lines follows
AxisEngine engine = new
AxisEngine(msgContext.getConfigurationContext());
if (envelope.getBody().hasFault()) {
engine.receiveFault(msgContext);
} else {
engine.receive(msgContext);
}
} catch (SOAPProcessingException e) {
throw new AxisFault(e);
} catch (AxisFault e) {
e.printStackTrace(); // This is what I put
throw e;
} catch (IOException e) {
throw new AxisFault(e);
} catch (OMException e) {
throw new AxisFault(e);
} catch (XMLStreamException e) {
throw new AxisFault(e);
} catch (FactoryConfigurationError e) {
throw new AxisFault(e);
} finally {
if ((msgContext.getEnvelope() == null) && soapVersion !=
VERSION_SOAP11) {
msgContext.setEnvelope(new
SOAP12Factory().getDefaultEnvelope());
}
}
[2]
org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed; nested
exception is:
org.apache.ws.security.WSSecurityException: The signature verification
failed
at
org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:259)
at
org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:91)
at
org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:74)
at org.apache.axis2.engine.Phase.invoke(Phase.java:382)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:522)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:487)
at
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:326)
at
org.apache.axis2.transport.http.HTTPWorker.service(HTTPWorker.java:230)
at
org.apache.axis2.transport.http.server.DefaultHttpServiceProcessor.doService(DefaultHttpServiceProcessor.java:190)
at
org.apache.http.protocol.HttpService.handleRequest(HttpService.java:123)
at
org.apache.axis2.transport.http.server.DefaultHttpServiceProcessor.run(DefaultHttpServiceProcessor.java:262)
at
edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:665)
at
edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:690)
at java.lang.Thread.run(Thread.java:595)
Caused by: org.apache.ws.security.WSSecurityException: The signature
verification failed
at
org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:251)
at
org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:79)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:279)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:201)
at
org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:256)
... 13 more
> Security exception is swallowed
> -------------------------------
>
> Key: AXIS2-1849
> URL: http://issues.apache.org/jira/browse/AXIS2-1849
> Project: Apache Axis 2.0 (Axis2)
> Issue Type: Bug
> Components: modules
> Affects Versions: 1.1
> Environment: Windows XP Professional, JDK 1.4.2.12-b03
> Reporter: Ali Sadik Kumlali
> Assigned To: Dimuthu Leelarathne
>
> I need to catch the exception occured in securiy phase. But it seems Rampart
> just logs the exception and not propagate to the transport receiver. Thus,
> I'm not able to catch it and notify the sender.
> Here is my scenario:
> - My WSDL has input only (one-way) operations.
> - Client sends signed messages by invoking appropriate method of generated
> stub.
> - Service's keystore doesn't have the public certificate of the client
> - Rampart logs the exception[1] BUT doesn't throw it.
> Since I wrote my own transport receiver, I'm able to catch any
> exception(including RuntimeException) thrown through the execution
> path(transport receiver -> phases/modules -> message receiver).
> Regards,
> Ali Sadik Kumlali
> [1] [ERROR][2006-12-08 14:40:48,535] org.apache.axis2.transport.jms.AxisMdb -
> JMS Wo
> rker [JMS Session Delivery Thread] Encountered an Axis Fault :
> WSDoAllReceiver:
> security processing failed; nested exception is:
> org.apache.ws.security.WSSecurityException: The signature
> verification f
> ailed
> org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed;
> nested
> exception is:
> org.apache.ws.security.WSSecurityException: The signature
> verification f
> ailed
> at
> org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiv
> er.java:275)
> at
> org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllRece
> iver.java:98)
> at
> org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:
> 74)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:521)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:485)
> at org.apache.axis2.transport.jms.AxisMdb.onMessage(AxisMdb.java:245)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
