Hi,
Does anyone have a solution or knowledge about this? It's really a big
problem as it can cause message loss. For example, if request doesn't
pass the security check, service sends a soap fault back wrapped in
HTTP 500. However, generated client code doesn't do anything with it.
Therefore, client application assumes that its request accepted. In
this scenario, neither the client nor the server knows the problem
since there is no exception thrown in either side.
It would be great, if someone was kind enough to respond my post.
Thanks in advance.
Ali Sadik Kumlali
--- Ali Sadik Kumlali <[EMAIL PROTECTED]> wrote:
> Hi again,
>
> I've found that org.apache.axis2.transport.http.AbstractHTTPSender
> really doesn't care about the HTTP status code returned by the
> service.
> Here is the code:
>
> -----------------------------------------------------------------
> // org.apache.axis2.transport.http.AbstractHTTPSender
> protected void executeMethod(...) throws IOException {
> HostConfiguration config = this.getHostConfiguration(...);
> msgContext.setProperty(HTTPConstants.HTTP_METHOD, method);
>
> ...
>
> // -----------------------------------------------
> // executeMethod returns back 202, 500, etc. but
> // it is not handled!
> // -----------------------------------------------
> httpClient.executeMethod(config, method);
> }
> -----------------------------------------------------------------
>
> Is it on purpose? If yes, could you please answer my previous
> questions?
>
> Thanks a lot.
>
> Ali Sadik Kumlali
>
>
> --- Ali Sadik Kumlali <[EMAIL PROTECTED]> wrote:
>
> > Hi all,
> >
> > The subject may seem contradictory, as it has both "input only" and
> > "return" words together :)
> >
> > Here is the scenario:
> > - In my WSDL, all the operations have input message only.
> Therefore,
> > I
> > assume that I have "input only" services.
> > - WSDL2Java generates *MessageReceiverInOnly as expected.
> Therefore,
> > I
> > beleive, my first assumption is confirmed.
> > - I add InflowSecurity in service.xml. Therefore, my service
> requires
> > security headers.
> > - I don't add OutflowSecurity in the axis2.xml at the client side.
> > (This is made deliberately to cause the server throwing "missing
> > security headers" exception.)
> > - I send request by calling generated test code.
> > - All the messages goes through TCP/IP Monitor.
> > - Request doesn't have security headers as expected.
> > - Server sends a SOAPFault back to the client. (HTTP header says
> > HTTP/1.1 500 Internal Server Error)
> > - However, client doesn't do anything with this exception, although
> > it
> > successfully receives the whole message.
> >
> > Here are the questions:
> > - Is this expected behavior?
> > - If yes, why the server send soap fault for the in-only message?
> > - Does the client only wait for *any* HTTP response without
> actually
> > caring about what the header is? Or, does it behave differently but
> > not
> > for HTTP 500?
> > - I saw the ReplyTo header in the request. Spec says ReplyTo is
> > optional for in-only messages. What purposes Axis2 set it for?
> >
> >
> > Thanks for your reading efforts :)
> >
> > Ali Sadik Kumlali
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam? Yahoo! Mail has the best spam protection around
> > http://mail.yahoo.com
> >
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
