hi nandana,
I also tried it with axis2 1.5 and rampart 1.5 RC1 -> same result
0 [JHttp-3] 2009-09-16 15:02:14.459 AxisEngine - The security token could
not be authenticated or authorized; nested exception is:
javax.security.auth.callback.UnsupportedCallbackException: Auth check
failed
org.apache.axis2.AxisFault: The security token could not be authenticated or
authorized; nested exception is:
javax.security.auth.callback.UnsupportedCallbackException: Auth check
failed
at
org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:172)
at
org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:95)
at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:251)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:160)
at
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
at
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:738)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:831)
at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:502)
at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:363)
at
org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:417)
at org.mortbay.jetty.handler.HandlerList.handle(HandlerList.java:49)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:534)
at
org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:879)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:741)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:207)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:403)
at
org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
at
org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:635)
at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:522)
Caused by: org.apache.ws.security.WSSecurityException: The security token
could not be authenticated or authorized; nested exception is:
javax.security.auth.callback.UnsupportedCallbackException: Auth check
failed
at
org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:172)
at
org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:56)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:326)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:243)
at org.apache.rampart.RampartEngine.process(RampartEngine.java:154)
at
org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
... 24 more
Caused by: javax.security.auth.callback.UnsupportedCallbackException: Auth
check failed
at
com.groiss.ws.security.UserNameTokenAuthHandler.handle(UserNameTokenAuthHandler.java:39)
at
org.apache.rampart.TokenCallbackHandler.handle(TokenCallbackHandler.java:90)
at
org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:160)
... 29 more
0 [JHttp-3] 2009-09-16 15:02:14.469 log -
/wf/services.axis2/SecureTokenService
java.lang.NullPointerException
at
org.apache.rampart.RampartMessageData.<init>(RampartMessageData.java:372)
at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:61)
at
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:251)
at org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:508)
at
org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:423)
at
org.apache.axis2.transport.http.AxisServlet.processAxisFault(AxisServlet.java:386)
at
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:176)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:738)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:831)
at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:502)
at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:363)
at
org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:417)
at org.mortbay.jetty.handler.HandlerList.handle(HandlerList.java:49)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:534)
at
org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:879)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:741)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:207)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:403)
at
org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
at
org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:635)
at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:522)
2 [JHttp-6] 2009-09-16 15:02:14.539 BuilderUtil - OMException in
getSOAPBuilder
org.apache.axiom.soap.SOAPProcessingException: First Element must contain
the local name, Envelope , but found html
at
org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.constructNode(StAXSOAPModelBuilder.java:267)
at
org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.createOMElement(StAXSOAPModelBuilder.java:214)
at
org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.createNextOMElement(StAXSOAPModelBuilder.java:196)
at
org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:207)
at
org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.getSOAPEnvelope(StAXSOAPModelBuilder.java:161)
at
org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.<init>(StAXSOAPModelBuilder.java:110)
at
org.apache.axis2.builder.BuilderUtil.getSOAPBuilder(BuilderUtil.java:682)
at
org.apache.axis2.transport.TransportUtils.createDocumentElement(TransportUtils.java:210)
at
org.apache.axis2.transport.TransportUtils.createSOAPMessage(TransportUtils.java:140)
at
org.apache.axis2.transport.TransportUtils.createSOAPMessage(TransportUtils.java:103)
at
org.apache.axis2.transport.TransportUtils.createSOAPMessage(TransportUtils.java:67)
at
org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:354)
at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:417)
at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:539)
at
org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:145)
at
com.groiss.ws.client.SecureServiceClient.login(SecureServiceClient.java:149)
at com.groiss.demo.ws.security.saml.Client.call(Client.java:43)
at com.groiss.demo.ws.Client.performCall(Client.java:23)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.groiss.servlet.Dispatcher.service(Dispatcher.java:254)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:831)
at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:502)
at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:363)
at
org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:417)
at org.mortbay.jetty.handler.HandlerList.handle(HandlerList.java:49)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:534)
at
org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:864)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:533)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:207)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:403)
at
org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:522)
regards,
gerhard
Nunny wrote:
>
> Hi Giuseppe,
> Are you using Axis2 1.4.1 and Rampart 1.3 ? Can you try
> with
> Rampart 1.4 ?
>
> regards,
> Nandana
>
> On Fri, Jul 3, 2009 at 4:51 PM, Giuseppe Gortan
> <[email protected]>wrote:
>
>> Hi everybody.
>>
>> I have a problem with axis2 (1.4.1) and rampart (1.3).
>> I put a simple policy in services.xml [1] and I wrote a
>> PasswordHandler [2]. Everything works fine if user and password are
>> correct. When the user doesn't exist (getUser returns
>> UserNotFoundException), the authentication process (correctly) fails,
>> but returning a HTML error page [5] instead of a SOAP response
>> message. The servlet engine logs an error message coming from the Axis
>> Servlet [4], and the SOAP client, that uses a library generated by
>> WSDL2Java, logs the error "First Element must contain the local name,
>> Envelope , but found html" [3].
>>
>> I want to return to the client a custom SOAP error message if
>> authentication process fails. How can I do it?
>>
>> Thanks,
>>
>> Giuseppe
>>
>>
>> [1] Policy
>> <parameter name="InflowSecurity">
>> <action>
>> <items>UsernameToken</items>
>> <passwordCallbackClass>
>> mypackage.myapp.PasswordHandler
>> </passwordCallbackClass>
>> </action>
>> </parameter>
>>
>> [2] PasswordHandler
>> public class PasswordHandler implements CallbackHandler {
>> public void handle(Callback[] callbacks) throws IOException,
>> UnsupportedCallbackException {
>> for (int i = 0; i < callbacks.length; i++) {
>> if (callbacks[i] instanceof WSPasswordCallback) {
>> try{
>> WSPasswordCallback pwcb =
>> (WSPasswordCallback) callbacks[i];
>> String username =
>> pwcb.getIdentifer();
>> String user = getUser(username);
>> String password =
>> getPlainPassword(user);
>>
>> int passwordType =
>> pwcb.getUsage();
>> if (passwordType ==
>> WSPasswordCallback.USERNAME_TOKEN) {
>>
>> pwcb.setPassword(password);
>> } else {
>> throw new
>> UnsupportedCallbackException(callbacks[i],
>> "Unrecognized Callback");
>> }
>> } catch (UserNotFoundException e){
>> throw new AxisFault("No user found",
>> e.getCause());
>> }
>> }
>> }
>> }
>>
>> [3] First Element must contain the local name, Envelope , but found html
>> org.apache.axis2.AxisFault: First Element must contain the local name,
>> Envelope , but found html
>> at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
>> at
>> org.apache.axis2.transport.TransportUtils.createSOAPMessage(TransportUtils.java:90)
>> at
>> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:353)
>> at
>> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
>> at
>> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
>> at
>> org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
>> at
>> mypackage.myapp.WebservicesStub.myRemoteWS(WebservicesStub.java:6642)
>> at mypackage.myapp.client.Client.main(Client.java:63)
>> Caused by: org.apache.axiom.soap.SOAPProcessingException: First
>> Element must contain the local name, Envelope , but found html
>> at
>> org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.constructNode(StAXSOAPModelBuilder.java:251)
>> at
>> org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.createOMElement(StAXSOAPModelBuilder.java:209)
>> at
>> org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.createNextOMElement(StAXSOAPModelBuilder.java:191)
>> at
>> org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:172)
>> at
>> org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.getSOAPEnvelope(StAXSOAPModelBuilder.java:156)
>> at
>> org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.<init>(StAXSOAPModelBuilder.java:105)
>> at
>> org.apache.axis2.builder.BuilderUtil.getSOAPBuilder(BuilderUtil.java:677)
>> at
>> org.apache.axis2.transport.TransportUtils.createDocumentElement(TransportUtils.java:182)
>> at
>> org.apache.axis2.transport.TransportUtils.createSOAPMessage(TransportUtils.java:112)
>> at
>> org.apache.axis2.transport.TransportUtils.createSOAPMessage(TransportUtils.java:88)
>> ... 6 more
>>
>> [4] Error log
>> GRAVE: Servlet.service() for servlet AxisServlet threw exception
>> java.lang.NullPointerException
>> at
>> org.apache.rampart.RampartMessageData.<init>(RampartMessageData.java:308)
>> at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:61)
>> at
>> org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
>> at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
>> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
>> at
>> org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:520)
>> at
>> org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:416)
>> at
>> org.apache.axis2.transport.http.AxisServlet.processAxisFault(AxisServlet.java:379)
>> at
>> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:167)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>>
>> [5]
>> HTTP/1.1 500 Internal Server Error
>>
>> Server: Apache-Coyote/1.1
>>
>> Content-Type: text/html;charset=utf-8
>>
>> Content-Length: 2154
>>
>> Date: Fri, 03 Jul 2009 10:47:04 GMT
>>
>> Connection: close
>>
>>
>>
>> <html>
>> <head>
>> <title>Apache Tomcat/6.0.18 - Error report</title>
>> <style>
>> <!--H1
>>
>> {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;}
>> H2
>> {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;}
>> H3
>> {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;}
>> BODY
>> {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;}
>> B
>> {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;}
>> P
>> {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A
>> {color : black;}A.name {color : black;}HR {color :
>> #525D76;}--></style>
>> </head>
>> <body>
>> <h1>HTTP Status 500 - </h1>
>> <HR size="1" noshade="noshade">
>> <p>
>> type Exception report
>> </p>
>> <p>
>> message
>> <u></u>
>> </p>
>> <p>
>> description
>> <u>The server encountered an internal error () that
>> prevented it from fulfilling this request.</u>
>> </p>
>> <p>
>> exception
>> <pre>java.lang.NullPointerException
>>
>> org.apache.rampart.RampartMessageData.<init>(RampartMessageData.java:308)
>> org.apache.rampart.MessageBuilder.build(MessageBuilder.java:61)
>> org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
>> org.apache.axis2.engine.Phase.invoke(Phase.java:317)
>> org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
>> org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:520)
>> org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:416)
>>
>> org.apache.axis2.transport.http.AxisServlet.processAxisFault(AxisServlet.java:379)
>>
>> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:167)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:717)</pre>
>> </p>
>> <p>
>> note
>> <u>The full stack trace of the root cause is available
>> in the Apache Tomcat/6.0.18 logs.</u>
>> </p>
>> <HR size="1" noshade="noshade">
>> <h3>Apache Tomcat/6.0.18</h3>
>> </body>
>> </html>
>> --
>> «The phonograph has no commercial value at all.»
>> Thomas Edison, American inventor, 1880s.
>>
>
>
>
> --
> Nandana Mihindukulasooriya
> WSO2 inc.
>
> http://nandana83.blogspot.com/
> http://www.wso2.org
>
>
--
View this message in context:
http://www.nabble.com/Wrong-response-when-authentication-fails-with-Rampart-%28not-SOAP-but--HTML%29-tp24321586p25472075.html
Sent from the Axis - User mailing list archive at Nabble.com.
