cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <>
Subject [jira] [Commented] (CXF-6255) WSS4JInInterceptor: "Security header, but it's a fault"
Date Fri, 13 Feb 2015 15:36:12 GMT


Colm O hEigeartaigh commented on CXF-6255:

The purpose of the message is to indicate that a SOAP fault was received with no security
applied to it. It is logged at "WARN", as when WSS4J is configured via the "action" approach
(as opposed to WS-SecurityPolicy), then we don't enforce security on the incoming SOAP fault.
I don't have strong feelings either way on it, but I would probably just leave the message
at WARN as it is.


> WSS4JInInterceptor: "Security header, but it's a fault"
> -------------------------------------------------------
>                 Key: CXF-6255
>                 URL:
>             Project: CXF
>          Issue Type: Improvement
>            Reporter: Richard O'Sullivan
>            Priority: Minor
>   Original Estimate: 1h
>  Remaining Estimate: 1h
> When CXF processes a SoapFault it logs this WARNing: "Request does not contain Security
header, but it's a fault.". The message is logged from the handleMessage at WSS4JInInterceptor
in the package
> The message is cryptic but I think it is intended to be an INFO or DEBUG instead of a
> If I'm correct please make this an INFO or a DEBUG; otherwise, rewrite the message to
indicate a course of action to eliminate the warning.

This message was sent by Atlassian JIRA

View raw message