[jira] Created: (SYNAPSE-296) Proper error message should be given when the configuration is accessing a security policy which has not been defined as a local/registry entry

[Evanthika Amarasiri (JIRA)]

Proper error message should be given when the configuration is accessing a 
security policy which has not been defined as a local/registry entry
-----------------------------------------------------------------------------------------------------------------------------------------------

                 Key: SYNAPSE-296
                 URL: https://issues.apache.org/jira/browse/SYNAPSE-296
             Project: Synapse
          Issue Type: Bug
          Components: Deployment
    Affects Versions: 1.2-QA-B1
         Environment: Ubuntu 7.10, Java version "1.5.0_14", Firefox2.0.0.12
            Reporter: Evanthika Amarasiri
            Priority: Trivial


Tried out the following configuration which converts a soap message into a 
secured message before sending it to the service. When the client was executed 
an error message was given saying 
<faultcode>wsse:InvalidSecurity</faultcode><faultstring>SOAP header 
missing</faultstring>. The reason why I got this error is because I have not 
defined the policy file as a local/registry entry. 

<definitions xmlns="http://ws.apache.org/ns/synapse";>
    <in>        
        <script language="js"><![CDATA[
               var symbol = mc.getPayloadXML()..*::Code.toString();
               mc.setPayloadXML(
                  <m:getQuote xmlns:m="http://services.samples/xsd";>
                     <m:request>
                        <m:symbol>{symbol}</m:symbol>
                     </m:request>
                  </m:getQuote>);
        ]]></script>
        <log level="full"/>
        <send>
            <endpoint>
                <address 
uri="http://localhost:9001/soap/SecureStockQuoteService"/>
                <enableSec policy="sec_policy"/>
                <enableAddressing/>
            </endpoint>
        </send>
    </in>
    <out>
        <header name="wsse:Security" action="remove" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
        <log level="full"/>

        <script language="js"><![CDATA[
               var symbol = mc.getPayloadXML()..*::symbol.toString();
               var price = mc.getPayloadXML()..*::last.toString();
               mc.setPayloadXML(
                  <m:CheckPriceResponse xmlns:m="http://services.samples/xsd";>
               <m:Code>{symbol}</m:Code>
               <m:Price>{price}</m:Price>
                  </m:CheckPriceResponse>);
            ]]></script>
        <log level="full"/>
        <send/>
    </out>
</definitions>

Therefore when such situations occur it should give a proper error message 
saying that the policy is not defined/policy is not found etc.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]