Enable debug logging + look at the server logs? If you want the service to return the error to the client, then this will depend on the SOAP stack you are using WSS4J with. CXF will strip the underlying exception out, to avoid returning sensitive information to malicious clients. You can add a switch to enable this though if desired.
Colm. On Mon, Apr 27, 2015 at 5:36 PM, Yang, Gang CTR USARMY (US) < [email protected]> wrote: > Hi, > > > > I'm using WSS4j 1.6.18 for our SOAP based Web Services. We use > WS-addressing, Timestamp and SAML 2.0 Holder-of-key. We sign the SOAP body > as well as Timestamp and WS-addressing headers. When validating the secured > SOAP message on the receiving side, WSSecurityEngine.processSecurityHeader() > simply throws a general WSSecurityException and I don't have the > WSSecurityEngineResult's > to analyze. My question is how can I determine exactly what went wrong? I > would like to know if the SAML token is invalid, or the timestamp is out of > range, or one of the signed part was tempered? > > > > Thanks, > > Gang > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
