ws-users mailing list archives

From Colm O hEigeartaigh <>
Subject Re: How to determine the cause of security validation failure?
Date Tue, 28 Apr 2015 09:47:59 GMT
Enable debug logging + look at the server logs? If you want the service to
return the error to the client, then this will depend on the SOAP stack you
are using WSS4J with. CXF will strip the underlying exception out, to avoid
returning sensitive information to malicious clients. You can add a switch
to enable this though if desired.


On Mon, Apr 27, 2015 at 5:36 PM, Yang, Gang CTR USARMY (US) <> wrote:

> Hi,
> I'm using WSS4j 1.6.18 for our SOAP based Web Services. We use
> WS-addressing, Timestamp and SAML 2.0 Holder-of-key. We sign the SOAP body
> as well as Timestamp and WS-addressing headers. When validating the secured
> SOAP message on the receiving side, WSSecurityEngine.processSecurityHeader()
> simply throws a general WSSecurityException and I don't have the WSSecurityEngineResults
> to analyze. My question is how can I determine exactly what went wrong? I
> would like to know if the SAML token is invalid, or the timestamp is out of
> range, or one of the signed parts was tampered with?
> Thanks,
> Gang

Colm O hEigeartaigh

Talend Community Coder
