Must understand check fails when a secure service is accessed in
servicename.endpointName manner (Secured via UT over HTTPS)
----------------------------------------------------------------------------------------------------------------------------
Key: WSAS-798
URL: https://wso2.org/jira/browse/WSAS-798
Project: WSO2 WSAS
Issue Type: Bug
Affects Versions: 2.3
Reporter: Keith Godwin Chapman
Assignee: Afkham Azeez
Noticed this bug in the Mashup Server, but this applies to WSAS too,
If the UT is applied to the version service and accessed via
https://localhost:7443/services/system/version.SecureHTTPEndpoint/getVersion
the mustUnderstand check fails. The following is the error
<Exception>
org.apache.axis2.AxisFault: Must Understand check failed for header
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
: Security
at org.apache.axis2.engine.AxisEngine.checkMustUnderstand(AxisEngine.java:102)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:166)
at
org.apache.axis2.transport.http.util.RESTUtil.invokeAxisEngine(RESTUtil.java:136)
at
org.apache.axis2.transport.http.util.RESTUtil.processURLRequest(RESTUtil.java:130)
at
org.apache.axis2.transport.http.AxisServlet$RestRequestProcessor.processURLRequest(AxisServlet.java:824)
at
org.wso2.mashup.transport.MashupServlet.processRestRequest(MashupServlet.java:123)
at
org.wso2.mashup.transport.MashupServlet.handleRestRequest(MashupServlet.java:96)
at org.wso2.wsas.transport.WSASServlet.doGet(WSASServlet.java:138)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at org.wso2.mashup.transport.ServiceUIFilter.doFilter(ServiceUIFilter.java:207)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at org.wso2.adminui.AdminUIServletFilter.doFilter(AdminUIServletFilter.java:135)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
at
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
at java.lang.Thread.run(Thread.java:619)
</Exception>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://wso2.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
Wsas-java-dev mailing list
Wsas-java-dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/wsas-java-dev
