[
https://issues.apache.org/activemq/browse/SMXCOMP-703?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Joe Luo updated SMXCOMP-703:
----------------------------
Attachment: smx-cxf-bc-patch.patch
> Servicemix CXF-BC component JbiJAASInterceptor should catch
> UndeclaredThrowableException
> ----------------------------------------------------------------------------------------
>
> Key: SMXCOMP-703
> URL: https://issues.apache.org/activemq/browse/SMXCOMP-703
> Project: ServiceMix Components
> Issue Type: Improvement
> Components: servicemix-cxf-bc
> Affects Versions: servicemix-cxf-bc-2009.02
> Reporter: Joe Luo
> Attachments: smx-cxf-bc-patch.patch
>
>
> The ServiceMix CXF-BC component JbiJAASInterceptor calls authenticate()
> function on JAASAuthenticationService to authenticate user:
> {code}
> for (Iterator it = hr.getResults().iterator(); it.hasNext();) {
> WSSecurityEngineResult er = (WSSecurityEngineResult) it.next();
> if (er != null && er.getPrincipal() instanceof WSUsernameTokenPrincipal) {
> WSUsernameTokenPrincipal p =
> (WSUsernameTokenPrincipal)er.getPrincipal();
> subject.getPrincipals().add(p);
> this.authenticationService.authenticate(subject, domain, p.getName(),
> p.getPassword());
> authenticated = true;
> }
> }
> {code}
> The function "authenticate(...)" might throw a FailedLoginException if a
> wrong password is supplied. Because the CXF-BC uses an invocation handler to
> invoke the method on a proxy instance, an UndeclaredThrowableException will
> be thrown instead and wraped with the FailedLoginException. Currently we do
> not catch the UndeclaredThrowableException and it caused the message of real
> exception to be lost. Instead, a very generic message like "Fault occurred
> while processing." is always thrown. It is definitely is not intuitive for
> the client side to find out what is wrong on server side.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
