Hi, I had a quick look at the issue.
1. Check whether the axis service exists before proceeding with faulty exception 2. The securityAdmin.getCurrentScenario method call does a file read for each request which is expensive. We have introduced a caching mechanism for this. Please see the lines 202-218 in POXSecurityHandler class. We should incorporate these changes for the fault flow too. 3. As I see, all the UT secured services would return 401 Unauthorized status if a fault occurs regardless of what the fault is. Shouldn't we return the said status code only if username/password is incorrect/missing in the request? Regards, KasunG On Tue, Dec 3, 2013 at 8:22 PM, Supun Malinga <[email protected]> wrote: > Hi, > > So here we can check the service available or not in the axis config > before continuing. If the service not available let's send a 404.. > > thanks, > > > On Tue, Dec 3, 2013 at 7:53 PM, Manoj Kumara <[email protected]> wrote: > >> Hi, >> >> The problem here was since we added POXSecurityHandler to >> the OutFaultFlow according to [1] now every fault request will go through >> this path. I have modified it to continue the incoming fault exception if >> it occur any issues on processing the fault. Since this added faultFlow >> shouldn't affect the behavior of the response. >> >> [1] https://wso2.org/jira/browse/ESBJAVA-2731 >> >> Thanks, >> Manoj >> >> Best Regards.. >> >> >> Manoj Kumara >> Software Engineer >> WSO2, Inc.; http://wso2.com >> >> Twitter: http://twitter.com/ManKuma >> Mobile: +94713448188 >> >> >> On Tue, Dec 3, 2013 at 6:08 PM, Manoj Kumara <[email protected]> wrote: >> >>> Hi Nandika, >>> >>> I will looking on this. >>> >>> Thanks, >>> Manoj >>> >>> Best Regards.. >>> >>> >>> Manoj Kumara >>> Software Engineer >>> WSO2, Inc.; http://wso2.com >>> >>> Twitter: http://twitter.com/ManKuma >>> Mobile: +94713448188 >>> >>> >>> On Tue, Dec 3, 2013 at 6:00 PM, Nandika Jayawardana <[email protected]>wrote: >>> >>>> Hi Manoj, >>>> >>>> With the POXSecurity Handler change, if we send a message to a non >>>> existent service in either app server or bps , it produces a Null Pointer >>>> exception. >>>> >>>> [2013-12-03 17:54:10,737] ERROR >>>> {org.apache.catalina.core.StandardWrapperValve} - Servlet.service() for >>>> servlet [bridgeservlet] in context with path [/] threw exception >>>> java.lang.NullPointerException >>>> at >>>> org.wso2.carbon.security.pox.POXSecurityHandler.invoke(POXSecurityHandler.java:90) >>>> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340) >>>> at org.apache.axis2.engine.Phase.invoke(Phase.java:313) >>>> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261) >>>> at org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:515) >>>> at >>>> org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:433) >>>> at >>>> org.apache.axis2.transport.http.AxisServlet.processAxisFault(AxisServlet.java:398) >>>> at >>>> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:188) >>>> at >>>> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231) >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:755) >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) >>>> at >>>> org.eclipse.equinox.http.helper.FilterServletAdaptor$FilterChainImpl.doFilter(FilterServletAdaptor.java:56) >>>> at >>>> org.wso2.carbon.mashup.jsservices.custom.ui.CustomUIServletFilter.doFilter(CustomUIServletFilter.java:233) >>>> at >>>> org.eclipse.equinox.http.helper.FilterServletAdaptor.service(FilterServletAdaptor.java:37) >>>> at >>>> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61) >>>> at >>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128) >>>> at >>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68) >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) >>>> at >>>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) >>>> at >>>> org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61) >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) >>>> at >>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) >>>> at >>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222) >>>> at >>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) >>>> at >>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) >>>> at >>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) >>>> at >>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99) >>>> at >>>> org.wso2.carbon.statistics.webapp.RequestIntercepterValve.invoke(RequestIntercepterValve.java:43) >>>> at >>>> org.wso2.carbon.bam.webapp.stat.publisher.WebAppStatisticPublisherValve.invoke(WebAppStatisticPublisherValve.java:104) >>>> at >>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:178) >>>> at >>>> org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) >>>> at >>>> org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:56) >>>> at >>>> org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47) >>>> at >>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:141) >>>> at >>>> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156) >>>> at >>>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936) >>>> at >>>> org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52) >>>> at >>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) >>>> at >>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) >>>> at >>>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004) >>>> at >>>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589) >>>> at >>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653) >>>> at >>>> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895) >>>> at >>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918) >>>> at java.lang.Thread.run(Thread.java:662) >>>> >>>> >>>> Regards >>>> Nandika >>>> >>>> -- >>>> Nandika Jayawardana >>>> Senior Technical Lead >>>> WSO2 Inc ; http://wso2.com >>>> lean.enterprise.middleware >>>> >>> >>> >> > > > -- > Supun Malinga, > > Senior Software Engineer, > WSO2 Inc. > http://wso2.com > email: [email protected] <[email protected]> > mobile: +94 (0)71 56 91 321 > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Kasun Gajasinghe* Software Engineer; WSO2 Inc.; http://wso2.com , *email: * *kasung AT spamfree wso2.com <http://wso2.com> ** cell: **+94 (77) 678-0813* *linked-in: *http://lk.linkedin.com/in/gajasinghe *blog: **http://kasunbg.org* <http://kasunbg.org> *twitter: **http://twitter.com/kasunbg* <http://twitter.com/kasunbg>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
