cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jasonmp...@gmail.com
Subject Re: Customise faults thrown from Ws Security
Date Mon, 15 Oct 2012 18:27:20 GMT
Probably in that case I was thinking about getting access to the in message
SoapMessage and figuring out the operation based on the first element
inside body. It should still be there as that is what wss4j interceptor
uses I think

Sent from my Galaxy S2
On Oct 16, 2012 5:15 AM, <jasonmpell@gmail.com> wrote:

> Ah yep makes perfect sense for cases where body is encrypted what about
> when not like for usernametoken and ssl
>
> Sent from my Galaxy S2
> On Oct 16, 2012 2:18 AM, "Daniel Kulp" <dkulp@apache.org> wrote:
>
>>
>> On Oct 15, 2012, at 6:21 AM, Jason Pell <jason@pellcorp.com> wrote:
>>
>> > Hi,
>> >
>> > I have a interceptor registered to intercept exceptions thrown from
>> > WSS Interceptors and also the Callback to wrap them in a domain fault.
>> > However I hit a problem because the WebFaultOutInterceptor expects
>> > the BindingOperationInfo to be populated and this is not populated
>> > until DocLiteralInInterceptor is executed which is after ws security
>> > is populated.
>> >
>> > We are not enforcing the use of the SOAPAction which I suppose might
>> > solve this, but before I go there I wanted to know if it was possible
>> > to move the parsing of the DocLiteralInInterceptor earlier so that at
>> > least I know the operation name before I validate ws security.
>>
>> Likely not.  If the soap:Body is encrypted, there wouldn't be a way to
>> determine the body until after the security stuff is handled.  Likewise, if
>> there is a security exception trying to decrypt the body, there also
>> wouldn't be a way to determine the operation.
>>
>>
>> --
>> Daniel Kulp
>> dkulp@apache.org - http://dankulp.com/blog
>> Talend Community Coder - http://coders.talend.com
>>
>>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message