ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mikkel Lauritsen <ren...@tala.dk>
Subject Processing security headers on SOAP Fault response?
Date Sun, 18 Mar 2012 10:32:08 GMT
Hi all,

I have implemented an Axis based client for a relatively simple web
service, using WSS4J 1.5.11 to do username/token security. This works
fine except if the service fails and I get a response which basically
looks like this (namespaces removed for brevity):

<s:Envelope>
<s:Header>
<o:Security s:mustUnderstand="1">
<u:Timestamp>
<u:Created>2012-03-16T13:37:50.548Z</u:Created>
<u:Expires>2012-03-16T13:42:50.548Z</u:Expires>
</u:Timestamp>
</o:Security>
</s:Header>
<s:Body>
<s:Fault>
<faultcode ...>

This causes Axis to throw an AxisFault saying that it didn't understand
the MustUnderstand header(s) and the actual Fault contained in the
response is ignored so I end up without information about what actually
went wrong in the service.

I'm a bit puzzled about how to handle this situation. If it's okay for
a Fault response to contain security headers how are they best processed
using WSS4J? I've come across an old (2005) discussion titled
"wsse:Security header and soap:Fault" on the wss4j-dev mailing list which
ends in
http://mail-archives.apache.org/mod_mbox/ws-fx-dev/200512.mbox/%3CA5B453A80186CF47BDA33BBA924EFAE9A469DE@MCHP7I5A.ww002.siemens.net%3E
but the WSDoAllReceiver handler still seems to explicitly skip documents
containing Faults.

Best regards & thanks,
  Mikkel Lauritsen

Mime
View raw message