On Wed, Aug 28, 2013 at 11:13 AM, Nalin Chandraratne <[email protected]> wrote:
> Hi Geeth, > > It seemed the issue was not with the fix you gave. However a minor change > had to be done in the axis2.xml to cater the change you made. ( > RelaySecuirtyMessageBuilderDispatchandler was brought before > SOAPActionBasedDispatcher in transport phase). > +1. We have to keep that change. Pox security handler expected to send a 401 when there is no transport level basic auth headers. Thanks. > > Thanks, > Nalin. > > > On Tue, Aug 27, 2013 at 2:06 PM, Nalin Chandraratne <[email protected]>wrote: > >> Yes, Simply securing the proxy with the UTOverTransport policy. >> >> >> On Tue, Aug 27, 2013 at 1:30 PM, Kasun Gajasinghe <[email protected]>wrote: >> >>> Hi Nalin, >>> >>> I had a look at the test case. It seems you are doing a UT secured SOAP >>> requests? >>> >>> >>> On Tue, Aug 27, 2013 at 11:38 AM, Nalin Chandraratne <[email protected]>wrote: >>> >>>> Hi Geeth, >>>> >>>> Below commit result in security scenario failures in ESB 4.8.0. >>>> >>>> Please fix this ASAP as this is critical to the M2 release. >>>> >>>> >>>> Author: [email protected] >>>> Date: Fri Aug 16 23:37:36 2013 >>>> New Revision: 181648 >>>> URL: http://wso2.org/svn/browse/wso2?view=rev&revision=181648 >>>> >>>> Log: >>>> Fixing https://wso2.org/jira/browse/WSAS-1473 >>>> >>>> Modified: >>>> carbon/platform/branches/4.2.0/components/security/org. >>>> wso2.carbon.security.mgt/4.2.0/src/main/java/org/wso2/ >>>> carbon/security/pox/POXSecurityHandler.java >>>> >>>> Modified: carbon/platform/branches/4.2.0/components/security/org. >>>> wso2.carbon.security.mgt/4.2.0/src/main/java/org/wso2/ >>>> carbon/security/pox/POXSecurityHandler.java >>>> URL: >>>> http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.2.0/components/security/org.wso2.carbon.security.mgt/4.2.0/src/main/java/org/wso2/carbon/security/pox/POXSecurityHandler.java?rev=181648&r1=181647&r2=181648&view=diff >>>> ============================================================ >>>> ================== >>>> --- carbon/platform/branches/4.2.0/components/security/org. >>>> wso2.carbon.security.mgt/4.2.0/src/main/java/org/wso2/ >>>> carbon/security/pox/POXSecurityHandler.java (original) >>>> +++ carbon/platform/branches/4.2.0/components/security/org. >>>> wso2.carbon.security.mgt/4.2.0/src/main/java/org/wso2/ >>>> carbon/security/pox/POXSecurityHandler.java Fri Aug 16 23:37:36 2013 >>>> @@ -94,7 +94,7 @@ >>>> >>>> //this handler only intercepts >>>> if (!(msgCtx.isDoingREST() || isSOAPWithoutSecHeader(msgCtx)) >>>> || >>>> - !msgCtx.getIncomingTransportName().equals("https") || >>>> (basicAuthHeader == null)) { >>>> + !msgCtx.getIncomingTransportName().equals("https")) { >>>> return InvocationResponse.CONTINUE; >>>> } >>>> >>>> >>>> Below exception is thrown when running UT security scenario. >>>> >>>> org.apache.axis2.AxisFault: Transport error: 401 Error: OK >>>> at >>>> org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.java:308) >>>> at >>>> org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:194) >>>> at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75) >>>> at >>>> org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451) >>>> at >>>> org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278) >>>> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) >>>> at >>>> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:398) >>>> at >>>> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:224) >>>> at >>>> org.apache.axis2.client.OperationClient.execute(OperationClient.java:149) >>>> at >>>> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:554) >>>> at >>>> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:530) >>>> at >>>> org.wso2.carbon.automation.utils.axis2client.SecureAxisServiceClient.sendReceive(SecureAxisServiceClient.java:136) >>>> at >>>> org.wso2.carbon.esb.util.SecureServiceClient.sendSecuredRequest(SecureServiceClient.java:72) >>>> at >>>> org.wso2.carbon.esb.util.SecureServiceClient.sendSecuredStockQuoteRequest(SecureServiceClient.java:43) >>>> at >>>> org.wso2.carbon.esb.proxyservice.test.secureProxy.SecurityTransformationProxyForPolicy2BackEndTestCase.securityPolicy1(SecurityTransformationProxyForPolicy2BackEndTestCase.java:80) >>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>> at >>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >>>> at >>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >>>> at java.lang.reflect.Method.invoke(Method.java:597) >>>> at >>>> org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:80) >>>> at org.testng.internal.Invoker.invokeMethod(Invoker.java:673) >>>> at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:842) >>>> at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1166) >>>> at >>>> org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:125) >>>> at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) >>>> at org.testng.TestRunner.runWorkers(TestRunner.java:1178) >>>> at org.testng.TestRunner.privateRun(TestRunner.java:757) >>>> at org.testng.TestRunner.run(TestRunner.java:608) >>>> at org.testng.SuiteRunner.runTest(SuiteRunner.java:334) >>>> at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:329) >>>> at org.testng.SuiteRunner.privateRun(SuiteRunner.java:291) >>>> at org.testng.SuiteRunner.run(SuiteRunner.java:240) >>>> at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) >>>> at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) >>>> at org.testng.TestNG.runSuitesSequentially(TestNG.java:1158) >>>> at org.testng.TestNG.runSuitesLocally(TestNG.java:1083) >>>> at org.testng.TestNG.run(TestNG.java:999) >>>> at >>>> org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:178) >>>> at >>>> org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:92) >>>> at >>>> org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:96) >>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>> at >>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >>>> at >>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >>>> at java.lang.reflect.Method.invoke(Method.java:597) >>>> at >>>> org.apache.maven.surefire.util.ReflectionUtils.invokeMethodWithArray(ReflectionUtils.java:189) >>>> at >>>> org.apache.maven.surefire.booter.ProviderFactory$ProviderProxy.invoke(ProviderFactory.java:165) >>>> at >>>> org.apache.maven.surefire.booter.ProviderFactory.invokeProvider(ProviderFactory.java:85) >>>> at >>>> org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:115) >>>> at >>>> org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:75) >>>> >>>> >>>> --------------------------------------------------------------------------------------------------------------------- >>>> Thanks. >>>> Nalin >>>> >>>> -- >>>> Nalin Chamara >>>> Software Engineer >>>> [email protected] >>>> +94715614756 >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> *Kasun Gajasinghe* >>> Software Engineer; >>> Development Technologies Team, WSO2 Inc.; http://wso2.com >>> >>> >>> , >>> *email: **kasung AT spamfree wso2.com >>> >>> >>> ** cell: **+94 (77) 678-0813* >>> *linked-in: *http://lk.linkedin.com/in/gajasinghe >>> >>> >>> * >>> * >>> *blog: **http://kasunbg.org* <http://kasunbg.org> >>> >>> >>> * >>> twitter: **http://twitter.com/kasunbg* <http://twitter.com/kasunbg> >>> >>> >>> * >>> * >>> >> >> >> >> -- >> Nalin Chamara >> Software Engineer >> [email protected] >> +94715614756 >> > > > > -- > Nalin Chamara > Software Engineer > [email protected] > +94715614756 > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Piyum Fernando Software Engineer Mobile: +94 77 22 93 880 Home: +94 31 22 75 715
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
