WS-Security exceptions aren't handled properly when using SOAP 1.2 in JBossWS Native

Solution In Progress - Updated -

Issue

In case of authentication failure, the following happens:

An exception occurred due to validation errors:

org.jboss.ws.extensions.security.exception.FailedAuthenticationException: The security token could not be authenticated or authorized.
    at org.jboss.ws.extensions.security.operation.AuthorizeOperation.process(AuthorizeOperation.java:112)
    at org.jboss.ws.extensions.security.WSSecurityDispatcher.authorize(WSSecurityDispatcher.java:155)
    at org.jboss.ws.extensions.security.WSSecurityDispatcher.decodeMessage(WSSecurityDispatcher.java:104)
    at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:81)
    at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:39)
    at org.jboss.wsf.common.handler.GenericHandler.handleMessage(GenericHandler.java:53)
    at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:305)
    at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:142)
    at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:97)
    ...

On the way through the WS stack, another exception occurred:

2012-11-23 15:23:54,722  ERROR  SOAPFaultHelperJAXRPC Error creating SOAPFault message
javax.xml.soap.SOAPException: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}FailedAuthentication is not a standard SOAP 1.2 Code value
    at org.jboss.ws.core.soap.SOAPFaultImpl.setFaultCode(SOAPFaultImpl.java:222)
    at org.jboss.ws.core.soap.SOAPFaultImpl.setFaultCode(SOAPFaultImpl.java:182)
    at org.jboss.ws.core.soap.SOAPBodyImpl.addFault(SOAPBodyImpl.java:120)
    at org.jboss.ws.core.jaxrpc.SOAPFaultHelperJAXRPC.toSOAPMessage(SOAPFaultHelperJAXRPC.java:245)
    at org.jboss.ws.core.jaxrpc.SOAPFaultHelperJAXRPC.exceptionToFaultMessage(SOAPFaultHelperJAXRPC.java:213)
    at org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS.exceptionToFaultMessage(SOAPFaultHelperJAXWS.java:184)
    at org.jboss.ws.core.jaxws.binding.SOAP12BindingJAXWS.createFaultMessageFromException(SOAP12BindingJAXWS.java:110)
    at org.jboss.ws.core.CommonSOAPBinding.bindFaultMessage(CommonSOAPBinding.java:650)
    at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:304)
    at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:468)
    ...

This results in a "wrong" answer to the client:

<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope">
   <env:Header/>
   <env:Body>
      <env:Fault>
         <env:Code>
            <env:Value>env:Receiver</env:Value>
         </env:Code>
         <env:Reason>
            <env:Text xml:lang="de-DE">Cannot create SOAPFault message for: javax.xml.rpc.soap.SOAPFaultException: The security token could not be authenticated or authorized.</env:Text>
         </env:Reason>
      </env:Fault>
   </env:Body>
</env:Envelope>
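
For comparison, the following added example (not part of the original article and not the product's fix) builds the same authentication-failure fault with the standard SAAJ 1.3 API for both SOAP versions. In SOAP 1.2 the WS-Security code is carried as a Subcode under env:Sender instead of as the Code value itself. The class name is hypothetical, and it assumes `javax.xml.soap` is on the classpath (Java 6 to 8, or a SAAJ 1.3 implementation).

```java
import java.util.Locale;
import javax.xml.namespace.QName;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPBody;
import javax.xml.soap.SOAPConstants;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPFault;
import javax.xml.soap.SOAPMessage;

// Hypothetical class name; illustration only.
public class WsseFaultExample {
    // WS-Security secext namespace, as it appears in the logged SOAPException.
    static final String WSSE_NS =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    static final QName FAILED_AUTH = new QName(WSSE_NS, "FailedAuthentication", "wsse");
    static final String REASON =
        "The security token could not be authenticated or authorized.";

    /** Builds an authentication-failure fault for the given SAAJ protocol constant. */
    static SOAPMessage authFault(String protocol) throws SOAPException {
        SOAPMessage msg = MessageFactory.newInstance(protocol).createMessage();
        SOAPBody body = msg.getSOAPBody();
        if (SOAPConstants.SOAP_1_2_PROTOCOL.equals(protocol)) {
            // SOAP 1.2 restricts Code/Value to VersionMismatch, MustUnderstand,
            // DataEncodingUnknown, Sender and Receiver. A rejected credential is a
            // caller-side error, so the top-level code is env:Sender ...
            SOAPFault fault =
                body.addFault(SOAPConstants.SOAP_SENDER_FAULT, REASON, Locale.ENGLISH);
            // ... and the WS-Security code travels as the Subcode.
            fault.appendFaultSubcode(FAILED_AUTH);
        } else {
            // SOAP 1.1 accepts any namespace-qualified QName as faultcode.
            body.addFault(FAILED_AUTH, REASON, Locale.ENGLISH);
        }
        msg.saveChanges();
        return msg;
    }

    public static void main(String[] args) throws Exception {
        // Print the SOAP 1.1 and SOAP 1.2 forms one after the other.
        for (String protocol : new String[] {
                SOAPConstants.SOAP_1_1_PROTOCOL, SOAPConstants.SOAP_1_2_PROTOCOL }) {
            authFault(protocol).writeTo(System.out);
            System.out.println();
        }
    }
}
```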

Environment

  • JBoss Enterprise Application Platform (EAP)
    • 5.x
  • JBossWS Native
