[
https://issues.apache.org/jira/browse/RAMPART-197?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Thilina Buddhika reassigned RAMPART-197:
----------------------------------------
Assignee: Thilina Buddhika (was: Nandana Mihindukulasooriya)
> Rampart handler not processing empty security header with mustUnderstand="1"
> ----------------------------------------------------------------------------
>
> Key: RAMPART-197
> URL: https://issues.apache.org/jira/browse/RAMPART-197
> Project: Rampart
> Issue Type: Improvement
> Affects Versions: 1.4
> Environment: Oracle application server 10.1.3, embedded OC4J in
> JDeveloper & Eclipse used for testing.
> Reporter: Taariq Levack
> Assignee: Thilina Buddhika
>
> The application server returns a response that contains an empty security
> header and this is not processed by the Rampart handler and a fault is
> generated.
> As per Nandana the solution is to flag the empty header as processed when it
> expects nothing in the security header, for interoperability.
> This is the request header, simple username token....
> <soapenv:Header>
> <wsse:Security
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
> soapenv:mustUnderstand="1">
> <wsse:UsernameToken
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
> wsu:Id="UsernameToken-3201085">
> <wsse:Username>USERNAME</wsse:Username>
> <wsse:Password
> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>PASSWORD</wsse:Password>
> </wsse:UsernameToken>
> </wsse:Security>
> </soapenv:Header>
> And this is the response header
> <env:Header>
> <wsse:Security
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
>
> xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
> xmlns:env="http://schemas.xmlsoap.org/soap/envelope/";
> env:mustUnderstand="1"/>
> </env:Header>
> Exception in thread "main" org.apache.axis2.AxisFault: Must Understand check
> failed for header
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> : Security
> at
> org.apache.axis2.engine.AxisEngine.checkMustUnderstand(AxisEngine.java:102)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:166)
> at
> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:363)
> at
> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
> at
> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
> at
> org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
> at
> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:548)
> at
> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528)
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
