cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CXF-6255) WSS4JInInterceptor: "Security header, but it's a fault"
Date Fri, 13 Feb 2015 15:36:12 GMT

    [ https://issues.apache.org/jira/browse/CXF-6255?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14320304#comment-14320304
] 

Colm O hEigeartaigh commented on CXF-6255:
------------------------------------------

The purpose of the message is to indicate that a SOAP fault was received with no security
applied to it. It is logged at "WARN", as when WSS4J is configured via the "action" approach
(as opposed to WS-SecurityPolicy), then we don't enforce security on the incoming SOAP fault.
I don't have strong feelings either way on it, but I would probably just leave the message
at WARN as it is.

Colm.

> WSS4JInInterceptor: "Security header, but it's a fault"
> -------------------------------------------------------
>
>                 Key: CXF-6255
>                 URL: https://issues.apache.org/jira/browse/CXF-6255
>             Project: CXF
>          Issue Type: Improvement
>            Reporter: Richard O'Sullivan
>            Priority: Minor
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> When CXF processes a SoapFault it logs this WARNing: "Request does not contain Security
header, but it's a fault.". The message is logged from the handleMessage at WSS4JInInterceptor
in the package org.apache.cxf.ws.security.wss4j.
> The message is cryptic but I think it is intended to be an INFO or DEBUG instead of a
WARN.
> If I'm correct please make this an INFO or a DEBUG; otherwise, rewrite the message to
indicate a course of action to eliminate the warning.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message