Hi Nandana, Thanks a lot. I have created a JIRA (RAMPART-236) for the issue discussed here.
Chinmoy On Mon, Aug 3, 2009 at 8:29 AM, Nandana Mihindukulasooriya < nandana....@gmail.com> wrote: > Hi Chinmoy, > Before Rampart 1.4, Rampart didn't support securing SOAP > Faults. This improvement [1] was only added to policy based configuration. > So we added the Rampart policy based handlers to the Fault flows too to > secure the faults. As you can see Fault flows only contains policy based > handlers (PolicyBasedSecurityInHandler/PolicyBasedSecurityOutHandler) and > not the parameter based handlers (SecurityInHandler/SecurityOutHandler). So > this feature is not supported in parameter based configuration. So it is > safe to the remove the snippet you have mentioned if you are sticking to > parameter based configuation for the moment but move to policy based > configuration as soon as possible. > This seems to be a bug in Rampart reciever, please create a > JIRA for this with all the information. As far as I can see, this should be > fixed when we fix the issue [2]. > > thanks, > Nandana > > [1] - http://issues.apache.org/jira/browse/RAMPART-90 > [2] - http://issues.apache.org/jira/browse/RAMPART-230 > > > On Sat, Aug 1, 2009 at 3:32 PM, Chinmoy Chakraborty <cch...@gmail.com>wrote: > >> Nandana, >> >> Thanks a lot for reply. I am not clear what you said by "out going Fault >> messages will not be secured". Parameter based ws-security sends normal SOAP >> back to the client. So in case of any fault I expect SOAP fault but right >> now it does not send SOAP fault thats why I had to comment out the portion I >> mentioed in the mail. I guess this is a bug of 'RampartSender' right? >> >> At this point as I am using parameter based WS-Security stuffs and in case >> of any fault it does not send back SOAP FAULT. So what you suggest to do at >> this point (we can switch to policy based ws-security stuffs in future but >> at this point we don't have option) other than commenting out the mentioned >> portion of module.xml? >> Chinmoy >> >> >> >> On Sat, Aug 1, 2009 at 8:19 AM, Nandana Mihindukulasooriya < >> nandana....@gmail.com> wrote: >> >>> Hi Chinmoy, >>> If you comment out this part, the out going Fault messages will >>> not be secured. Segment of the module.xml you have attached is the one which >>> places Rampart handlers in the Out Fault Flow. It will not effect the normal >>> flow. I didn't see any active development in parameter based configuration >>> since Rampart 1.3 as it is deprecated, so it doesn't expect faults to be >>> secure too. Proelly that is why you saw the comment do not process faults in >>> the 'WSDoAllReceiver'. >>> >>> thanks, >>> Nandana >>> >>> On Sat, Aug 1, 2009 at 7:55 AM, Chinmoy Chakraborty <cch...@gmail.com>wrote: >>> >>>> Andreas, >>>> >>>> Thanks a lot for your reply. You are right. "Could not find a Builder" >>>> is not root cause of the problem. I commented out following portion >>>> (OutFaultFlow params) in module.xml of rampart-1.4.mar and then it works as >>>> expected. >>>> >>>> <OutFaultFlow> >>>> <handler name="PolicyBasedSecurityOutHandler" >>>> class="org.apache.rampart.handler.RampartSender"> >>>> <order phase="Security" phaseLast="true"/> >>>> </handler> >>>> </OutFaultFlow> >>>> >>>> So I guess the problematic part is RampartSender. But I have one >>>> question, commenting out this portion should not affect other part of app >>>> right? >>>> >>>> >>>> Chinmoy >>>> >>>> >>>> >>>> On Sat, Aug 1, 2009 at 12:29 AM, Andreas Veithen < >>>> andreas.veit...@gmail.com> wrote: >>>> >>>>> Chinmoy, >>>>> >>>>> The "Could not find a Builder" error is because Tomcat returns an HTML >>>>> error page and Axis2 on the client side doesn't know what to do with >>>>> it. That is certainly not the root cause of the problem. >>>>> >>>>> Andreas >>>>> >>>>> On Fri, Jul 31, 2009 at 14:43, Chinmoy Chakraborty<cch...@gmail.com> >>>>> wrote: >>>>> > Hi, >>>>> > >>>>> > I noticed following property was not set while sending the message >>>>> back: >>>>> > >>>>> > 179781 DEBUG [http8080-Processor24] >>>>> > org.apache.axis2.context.AbstractContext - Property set on >>>>> object >>>>> > org.apache.axis2.context.messagecont...@12f0ce9 >>>>> > 179781 DEBUG [http8080-Processor24] >>>>> > org.apache.axis2.context.AbstractContext - Key =messageType >>>>> > 179781 DEBUG [http8080-Processor24] >>>>> > org.apache.axis2.context.AbstractContext - Value =text/xml >>>>> > 179781 DEBUG [http8080-Processor24] >>>>> > org.apache.axis2.context.AbstractContext - Value Class = >>>>> > java.lang.String >>>>> > 179781 DEBUG [http8080-Processor24] >>>>> > org.apache.axis2.context.AbstractContext - Value Classloader = >>>>> null >>>>> > >>>>> > and then it produces following error: >>>>> > >>>>> > [http8080-Processor21] org.apache.axis2.transport.TransportUtils >>>>> - Could >>>>> > not find a Builder for type (text/html). Using SOAP. >>>>> > 194422 DEBUG [http8080-Processor21] >>>>> > >>>>> > httpclient.wire.content - << "<html><head><title>Apache >>>>> Tomcat/5.0.19 - >>>>> > Error report</title><style><!--H1 >>>>> > >>>>> {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} >>>>> > H2 >>>>> > >>>>> {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} >>>>> > H3 >>>>> > >>>>> {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} >>>>> > BODY >>>>> > >>>>> {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} >>>>> B >>>>> > >>>>> {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} >>>>> > P >>>>> > >>>>> {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A >>>>> > {color : black;}A.name {color : black;}HR {color : >>>>> #525D76;}--></style> >>>>> > </head><body><h1>HTTP Status 500 - </h1><HR size="1" >>>>> noshade><p><b>type</b> >>>>> > Status report</p><p><b>message</b> <u></u></p><p><b>description</b> >>>>> <u>The >>>>> > server encountered an internal error () that prevented it from >>>>> fulfilling >>>>> > this request.</u></p><HR size="1" noshade><h3>Apache >>>>> > Tomcat/5.0.19</h3></body></html>" >>>>> > 194422 >>>>> > >>>>> > DEBUG [http8080-Processor21] >>>>> org.apache.axiom.om.util.StAXUtils - >>>>> > XMLStreamReader is com.ctc.wstx.sr.ValidatingStreamReader >>>>> > 194422 INFO [http8080-Processor21] >>>>> > org.apache.axis2.builder.BuilderUtil - OMException in >>>>> getSOAPBuilder >>>>> > >>>>> > >>>>> > Chinmoy >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > On Fri, Jul 31, 2009 at 2:59 PM, Chinmoy Chakraborty < >>>>> cch...@gmail.com> >>>>> > wrote: >>>>> >> >>>>> >> Hi, >>>>> >> >>>>> >> I turned on DEBUG and please find attached rampart_debug.log file. >>>>> Does >>>>> >> 'WSDoAllReceiver' process faults if any while invoking the business >>>>> logic? I >>>>> >> found following commented line at line no. 161 of >>>>> WSDoAllReceiver.java src: >>>>> >> >>>>> >> ............... >>>>> >> // Do not process faults >>>>> >> SOAPConstants soapConstants = >>>>> WSSecurityUtil.getSOAPConstants(doc >>>>> >> .getDocumentElement()); >>>>> >> if (WSSecurityUtil.findElement(doc.getDocumentElement(), >>>>> "Fault", >>>>> >> soapConstants.getEnvelopeURI()) != null) { >>>>> >> return; >>>>> >> } >>>>> >> ...................... >>>>> >> >>>>> >> In line 8254 it throws the exception from the service (in the log >>>>> file the >>>>> >> service name is ABS) method. In line 8381 it shows : >>>>> >> >>>>> >> isReplyRedirected: FaultTo is null. Returning isReplyRedirected >>>>> >> 194047 DEBUG [http8080-Processor24] >>>>> >> org.apache.axis2.addressing.AddressingHelper - [MessageContext: >>>>> >> logID=urn:uuid:B669EB542CF5BAEF9D1249024862072] isReplyRedirected: >>>>> ReplyTo >>>>> >> is null. Returning false >>>>> >> >>>>> >> Is this the reason of not sending fault SOAP to the client if >>>>> WSSecurity >>>>> >> is on and use parameter based WS-Security? >>>>> >> >>>>> >> Chinmoy >>>>> >> >>>>> >> >>>>> > >>>>> >>>> >>>> >>> >>
