[jira] Assigned: (RAMPART-197) Rampart handler not processing empty security header with mustUnderstand="1"

Tue, 01 Mar 2011 00:36:07 -0800 

     [ 
https://issues.apache.org/jira/browse/RAMPART-197?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Thilina Buddhika reassigned RAMPART-197:
----------------------------------------

    Assignee: Thilina Buddhika  (was: Nandana Mihindukulasooriya)

> Rampart handler not processing empty security header with mustUnderstand="1"
> ----------------------------------------------------------------------------
>
>                 Key: RAMPART-197
>                 URL: https://issues.apache.org/jira/browse/RAMPART-197
>             Project: Rampart
>          Issue Type: Improvement
>    Affects Versions: 1.4
>         Environment: Oracle application server 10.1.3, embedded OC4J in 
> JDeveloper & Eclipse used for testing.
>            Reporter: Taariq Levack
>            Assignee: Thilina Buddhika
>
> The application server returns a response that contains an empty security 
> header and this is not processed by the Rampart handler and a fault is 
> generated.
> As per Nandana the solution is to flag the empty header as processed when it 
> expects nothing in the security header, for interoperability.
> This is the request header, simple username token....
> <soapenv:Header>
>          <wsse:Security 
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
>  soapenv:mustUnderstand="1">
>             <wsse:UsernameToken 
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>  wsu:Id="UsernameToken-3201085">
>                <wsse:Username>USERNAME</wsse:Username>
>                <wsse:Password 
> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>PASSWORD</wsse:Password>
>             </wsse:UsernameToken>
>          </wsse:Security>
>       </soapenv:Header>
> And this is the response header
> <env:Header>
>       <wsse:Security 
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
>  
> xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
>  xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"; 
> env:mustUnderstand="1"/>
>    </env:Header>
> Exception in thread "main" org.apache.axis2.AxisFault: Must Understand check 
> failed for header 
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
>  : Security
>       at 
> org.apache.axis2.engine.AxisEngine.checkMustUnderstand(AxisEngine.java:102)
>       at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:166)
>       at 
> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:363)
>       at 
> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
>       at 
> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
>       at 
> org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
>       at 
> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:548)
>       at 
> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528)

-- 
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org

Reply via email to