WS-Security exceptions aren't handled properly when using SOAP 1.2 in JBossWS Native
Issue
In case of authentication failure, the following happens:
An exception occurred due to validation errors:
org.jboss.ws.extensions.security.exception.FailedAuthenticationException: The security token could not be authenticated or authorized.
at org.jboss.ws.extensions.security.operation.AuthorizeOperation.process(AuthorizeOperation.java:112)
at org.jboss.ws.extensions.security.WSSecurityDispatcher.authorize(WSSecurityDispatcher.java:155)
at org.jboss.ws.extensions.security.WSSecurityDispatcher.decodeMessage(WSSecurityDispatcher.java:104)
at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:81)
at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:39)
at org.jboss.wsf.common.handler.GenericHandler.handleMessage(GenericHandler.java:53)
at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:305)
at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:142)
at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:97)
...
On the way through the WS-stack another exception occurred:
2012-11-23 15:23:54,722 ERROR SOAPFaultHelperJAXRPC Error creating SOAPFault message
javax.xml.soap.SOAPException: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}FailedAuthentication is not a standard SOAP 1.2 Code value
at org.jboss.ws.core.soap.SOAPFaultImpl.setFaultCode(SOAPFaultImpl.java:222)
at org.jboss.ws.core.soap.SOAPFaultImpl.setFaultCode(SOAPFaultImpl.java:182)
at org.jboss.ws.core.soap.SOAPBodyImpl.addFault(SOAPBodyImpl.java:120)
at org.jboss.ws.core.jaxrpc.SOAPFaultHelperJAXRPC.toSOAPMessage(SOAPFaultHelperJAXRPC.java:245)
at org.jboss.ws.core.jaxrpc.SOAPFaultHelperJAXRPC.exceptionToFaultMessage(SOAPFaultHelperJAXRPC.java:213)
at org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS.exceptionToFaultMessage(SOAPFaultHelperJAXWS.java:184)
at org.jboss.ws.core.jaxws.binding.SOAP12BindingJAXWS.createFaultMessageFromException(SOAP12BindingJAXWS.java:110)
at org.jboss.ws.core.CommonSOAPBinding.bindFaultMessage(CommonSOAPBinding.java:650)
at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:304)
at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:468)
...
This results in a "wrong" answer to the client:
<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope">
<env:Header/>
<env:Body>
<env:Fault>
<env:Code>
<env:Value>env:Receiver</env:Value>
</env:Code>
<env:Reason>
<env:Text xml:lang="de-DE">Cannot create SOAPFault message for: javax.xml.rpc.soap.SOAPFaultException: The security token could not be authenticated or authorized.</env:Text>
</env:Reason>
</env:Fault>
</env:Body>
</env:Envelope>
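For comparison, an added example (not Red Hat's code and not the resolution of this article) of the fault shape SOAP 1.2 permits for this case: the top-level Code carries a standard value and the WS-Security code moves into a Subcode, as the WS-Security SOAP Message Security specification describes for SOAP 1.2. It assumes the standard SAAJ API (javax.xml.soap, bundled with Java SE 6 to 8); the class name WsseFaultSoap12 is hypothetical.

```java
import java.util.Locale;
import javax.xml.namespace.QName;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPConstants;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPFault;
import javax.xml.soap.SOAPMessage;

// Hypothetical class name; illustration only.
public class WsseFaultSoap12 {
    // Namespace and local name of the fault code shown in the log above.
    static final String WSSE_NS =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    static final QName FAILED_AUTH = new QName(WSSE_NS, "FailedAuthentication", "wsse");

    /** Builds a SOAP 1.2 fault with a standard top-level code and the wsse code as subcode. */
    static SOAPMessage buildFault(String reason) throws SOAPException {
        SOAPMessage msg =
            MessageFactory.newInstance(SOAPConstants.SOAP_1_2_PROTOCOL).createMessage();
        // SOAP 1.2 allows only VersionMismatch, MustUnderstand, DataEncodingUnknown,
        // Sender and Receiver as the top-level Code value.
        SOAPFault fault = msg.getSOAPBody()
            .addFault(SOAPConstants.SOAP_SENDER_FAULT, reason, Locale.ENGLISH);
        // Application-defined codes such as wsse:FailedAuthentication go one level down.
        fault.appendFaultSubcode(FAILED_AUTH);
        return msg;
    }

    public static void main(String[] args) throws Exception {
        // The situation in the second stack trace: the wsse QName used as top-level code.
        // Whether this is rejected depends on the SAAJ implementation in use.
        try {
            SOAPFault f = MessageFactory.newInstance(SOAPConstants.SOAP_1_2_PROTOCOL)
                .createMessage().getSOAPBody().addFault();
            f.setFaultCode(FAILED_AUTH);
            System.out.println("implementation accepted a non-standard top-level code");
        } catch (SOAPException e) {
            System.out.println("rejected: " + e.getMessage());
        }

        SOAPMessage ok =
            buildFault("The security token could not be authenticated or authorized.");
        ok.writeTo(System.out);
        System.out.println();
    }
}
```

A client that receives env:Sender with a wsse:FailedAuthentication subcode can tell a rejected credential apart from a server-side error, which the env:Receiver fault shown above does not allow.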
Environment
- JBoss Enterprise Application Platform (EAP)
  - 5.x
- JBossWS Native
