Return-Path: Delivered-To: apmail-geronimo-dev-archive@www.apache.org Received: (qmail 24208 invoked from network); 31 May 2010 10:17:02 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 31 May 2010 10:17:02 -0000 Received: (qmail 26085 invoked by uid 500); 31 May 2010 10:17:02 -0000 Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org Received: (qmail 25973 invoked by uid 500); 31 May 2010 10:17:02 -0000 Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list dev@geronimo.apache.org Received: (qmail 25961 invoked by uid 99); 31 May 2010 10:17:01 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 31 May 2010 10:17:01 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.22] (HELO thor.apache.org) (140.211.11.22) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 31 May 2010 10:16:59 +0000 Received: from thor (localhost [127.0.0.1]) by thor.apache.org (8.13.8+Sun/8.13.8) with ESMTP id o4VAGbVd002841 for ; Mon, 31 May 2010 10:16:37 GMT Message-ID: <23195868.83041275300997572.JavaMail.jira@thor> Date: Mon, 31 May 2010 06:16:37 -0400 (EDT) From: "viola.lu (JIRA)" To: dev@geronimo.apache.org Subject: [jira] Closed: (GERONIMO-4738) ejb ws report authorization failures as 500 internal server error In-Reply-To: <393394733.1247212275405.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/GERONIMO-4738?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] viola.lu closed GERONIMO-4738. ------------------------------ Resolution: Fixed Without ejb-jar.xml,jaxws-ejb-sec still runs well. So close it. > ejb ws report authorization failures as 500 internal server error > ----------------------------------------------------------------- > > Key: GERONIMO-4738 > URL: https://issues.apache.org/jira/browse/GERONIMO-4738 > Project: Geronimo > Issue Type: Bug > Security Level: public(Regular issues) > Components: webservices > Affects Versions: 2.2 > Reporter: David Jencks > Assignee: Delos Dai > Fix For: 2.2.1 > > > If you secure an ejb web service with ejb security constraints cxf reports authorization failures as 500 internal server error and doesn't log much useful. Axis2 logs the auth failure and IIRC reports 401 or 403. > I think this can be reproduced by removing the ejb-jar.xml security constraints from testsuite/webservices-testsuite/jaxws-tests/jaxws-ejb-sec/src/main/resources/META-INF/ejb-jar.xml -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.