axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Balu <vsb...@gmail.com>
Subject rampart security header in fault messages
Date Sat, 04 Jun 2011 12:26:21 GMT
Hi,

My client program is not able to process the fault messages from the server.
 The exception that I am getting is,

org.apache.axis2.AxisFault: Must Understand check failed for header
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:
Security
        at org.apache.axis2.engine.AxisEngine.checkMustUnderstand(*
AxisEngine.java:86*)
        at org.apache.axis2.engine.AxisEngine.receive(*AxisEngine.java:138*)
        at
org.apache.axis2.description.OutInAxisOperationClient.handleResponse(*
OutInAxisOperation.java:336*)
        at org.apache.axis2.description.OutInAxisOperationClient.send(*
OutInAxisOperation.java:389*)
        at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(*
OutInAxisOperation.java:211*)
        at org.apache.axis2.client.OperationClient.execute(*
OperationClient.java:163*)


As per the suggestion that I got after googling, I modified the InFaultFlow
section of module.xml inside the rampart-1.5.1.mar like below


 <InFaultFlow>
        <handler name="PolicyBasedSecurityInHandler"
class="org.apache.rampart.handler.RampartReceiver">
            <order phase="Security" phaseFirst="true"/>
        </handler>
        <handler name="SecurityInHandler"
class="org.apache.rampart.handler.WSDoAllReceiver">
            <order phase="Security"/>
        </handler>
        <handler name="PostDispatchVerificationHandler"
class="org.apache.rampart.handler.PostDispatchVerificationHandler">
            <order phase="Dispatch" phaseLast="true"/>
        </handler>
    </InFaultFlow>

But this didn't turned out to be success. I checked the code of
WSDoAllReceiver and found the following line,

 *SOAPConstants* soapConstants = *WSSecurityUtil*.getSOAPConstants(doc
                .getDocumentElement());
 *if* (*WSSecurityUtil*.findElement(doc.getDocumentElement(), "Fault",
                soapConstants.getEnvelopeURI()) != *null*) {
             *return*;
 }

Does this mean that the Rampart engine does not except the security header
for SOAP messages?

Please help me to resolve this issue

Mime
View raw message