Hi,
I'm using CXF webservices generated from a WSDL with SOAP document style.
Under normal conditions, the client and server work fine, and can I read
info back from the the server (SOAP http messages passed between both)
However, for some servers, I am using SUNs Policy Agent, which checks for an
authentication token in the http header cookie before allowing access to the
web service. I set up the cxf service port as follow:
Service service = Service.create(serviceName);
service.addPort(portName, SOAPBinding.SOAP11HTTP_BINDING, address);
servicePort = (IMyService)service.getPort(portName,
IMyService.class);
I also add the authentication token to the http header cookie in the
service's request context.
If the token is correct, everything works fine. However, if the token is
incorrect, and access is denied, the policy agent does not return a SOAP
http message. In this case, the web service method throws a low-level
XMLStreamReader exception i.e. it can't read the SOAP message response - so
I can't get the actual response from the policy agent.
Would anyone have an idea on this? Should I configure the CXF port
differently, or should I try to get the policy agent to return a SOAP
message even if access is denied.
Any help would be greatly appreciated!
Rob
--
View this message in context:
http://www.nabble.com/XMLStreamReader-exception-when-using-webservice-with-security-access-denied-tp19720991p19720991.html
Sent from the cxf-user mailing list archive at Nabble.com.
