[
https://issues.apache.org/jira/browse/RAMPART-305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12979922#action_12979922
]
Amila Jayasekara commented on RAMPART-305:
------------------------------------------
Hi,
This issue is easily reproducible by giving a wrong keystore alias name in the
server side rampart policy. Thus this issue occus when trying to apply policy
to a AxisFault. This is best explained using following example,
Say, I have a web service with sign only security policy applied. Thus
mistakenly I give a wrong keystore alias for server side policy. Now client
sends a request and service needs to send a response. But when service tries to
sign the response it gets an error. This error is reported as an AxisFault. But
there is a sign only policy applied, therefore server again tries to sign the
error (AxisFault). Again Rampart gets the same error. Since Axis2 framework is
removing erroneous phases in an AxisFault this doesnt goes in a recursive loop.
But a HTML page with "HTTP/1.1 500" is returned to the client.
As discussed in Axis2 mail thread we decided to apply following solution. (See
mail thread with subject "Handling framework errors when a policy is applied"
for more details.)
If there is an AxisFault, try to apply policy to AxisFault. If framework gets
an error while applying policy to AxisFault, return original AxisFault
(AxisFault before applying policy) to client.
Thanks
AmilaJ
> If Rampart detects a security error a HTML page is send to the client instead
> of a SOAP fault
> ---------------------------------------------------------------------------------------------
>
> Key: RAMPART-305
> URL: https://issues.apache.org/jira/browse/RAMPART-305
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.4
> Environment: Axis2-1.5..1 is installed as web app under Tomcat 5.5.28
> and uses Rampart 1.4.
> Running on Windows XP
> Reporter: Herwig David
> Attachments: axis2.log, request.txt, response.txt, services.xml,
> WS7X4AssortmentOrder.wsdl
>
>
> If I call a web service with wrong security data rampart correctly detects
> that 'The signature or decryption was invalid'. That's fine.
> Unfortunately I get a NullPointerException when returning to the client
> afterwards.
> Is there a way to just send the SOAP fault back to the client instead of
> sending a HTML page?
> Is this related to issue RAMPART-164?
> I've attached the log file, the wsdl file and messages send between client
> and server.
> Thanks and regards,
> Herwig
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
