axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thilina Buddhika (Assigned) (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (RAMPART-332) InvalidSecurity for first requests
Date Tue, 06 Mar 2012 06:24:59 GMT

     [ https://issues.apache.org/jira/browse/RAMPART-332?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Thilina Buddhika reassigned RAMPART-332:
----------------------------------------

    Assignee: Thilina Buddhika
    
> InvalidSecurity for first requests
> ----------------------------------
>
>                 Key: RAMPART-332
>                 URL: https://issues.apache.org/jira/browse/RAMPART-332
>             Project: Rampart
>          Issue Type: Bug
>    Affects Versions: 1.4, 1.5
>         Environment: Axis 1.5.2, rampart 1.4
>            Reporter: Oliver Rohr
>            Assignee: Thilina Buddhika
>            Priority: Critical
>
> The exception in the same as in AXIS2-3999, but Im not sure if it has the same origin
> org.apache.axis2.AxisFault: InvalidSecurity
> 	at org.apache.rampart.handler.PostDispatchVerificationHandler.invoke(PostDispatchVerificationHandler.java:143)
> 	at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
> 	at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:251)
> 	at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:160)
> 	at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
> 	at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
> ...
> we do have 3 services and we are using MTOM in the Clients to sent attachments. Rampart
engaged in the services.xml and a policy using a custom password handler as follows:
> 	<module ref="rampart" />
>     <module ref="addressing" />
>     
>     <wsp:Policy wsu:Id="UTOverTransport" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
>         <wsp:ExactlyOne>
>           <wsp:All>
>             <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>               <wsp:Policy>
>                 <sp:TransportToken>
>                   <wsp:Policy>
>  <!--                  <sp:HashPassword/> --> 
>                   </wsp:Policy>
>                 </sp:TransportToken>
>               </wsp:Policy>
>             </sp:TransportBinding>
>             <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>                 <wsp:Policy>
>                     <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"
/>
>               </wsp:Policy>
>             </sp:SignedSupportingTokens>
>   			
> 			<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> 
> 				<ramp:passwordCallbackClass>custom.PasswordCallbackHandler</ramp:passwordCallbackClass>
> 			</ramp:RampartConfig>		
> 		  </wsp:All>
> 		</wsp:ExactlyOne>
> 	</wsp:Policy>
> policy.xml in client:
> <wsp:Policy wsu:Id="UsernameToken" xmlns:wsu=
>     "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>     xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
>   <wsp:ExactlyOne>
>     <wsp:All>
>       <sp:SupportingTokens
>           xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
>         <wsp:Policy>
>           <sp:UsernameToken sp:IncludeToken=
>               "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
>             <wsp:Policy>
> <!--                <sp:HashPassword/>-->
>             </wsp:Policy>
>           </sp:UsernameToken> 
>         </wsp:Policy>
>       </sp:SupportingTokens>
>     </wsp:All>
>   </wsp:ExactlyOne>
> </wsp:Policy>
> Client code:
>   ServiceClient sc = stub._getServiceClient();
>       sc.engageModule("addressing");
>       sc.engageModule("rampart");
>       Options options = sc.getOptions();
>       options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy("axis2repo/policies/policy.xml"));
>       options.setUserName(config.getServerUser());
>       options.setPassword(config.getServerPassword());
>       // enale MTOM optimzation in client
>       options.setProperty(Constants.Configuration.ENABLE_MTOM, Constants.VALUE_TRUE);
>       options.setTimeOutInMilliSeconds(getConnectionTimeout() * 1000);
> The facts:
> 1) This works fine for any amount of requests that are sent in sequence.
> 2) This doesnt work for multiple requests (tested with 10 requests sent at approx. the
same time) that are received by the server right after the server startup. In this case one
(or some?) of the first requests produce the mentioned security exception.
> 3) If then again 10 requests are sent in parallel all works fine again.
> Thus I assume this is a problem with the policy loading at the beginning (lazy loading?),
e.g. something is not thread safe?
> I would like to know if this a known problem and if there is a workaround for this (e.g.
on startup of the application could I just load everything that is needed to ensure Axis/rampart
policy parts are fully initialized).
> Note: I also tried this with Axis 1.5.4 and rampart 1.5 but the same problem occured.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org


Mime
View raw message