WS-Security exceptions aren't handled properly when using SOAP 1.2 in JBossWS Native
Issue
In case of authentication failure, the following happens:
An exception occurred due to validation errors:
org.jboss.ws.extensions.security.exception.FailedAuthenticationException: The security token could not be authenticated or authorized.
at org.jboss.ws.extensions.security.operation.AuthorizeOperation.process(AuthorizeOperation.java:112)
at org.jboss.ws.extensions.security.WSSecurityDispatcher.authorize(WSSecurityDispatcher.java:155)
at org.jboss.ws.extensions.security.WSSecurityDispatcher.decodeMessage(WSSecurityDispatcher.java:104)
at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:81)
at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:39)
at org.jboss.wsf.common.handler.GenericHandler.handleMessage(GenericHandler.java:53)
at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:305)
at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:142)
at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:97)
...
On the way through the WS stack, another exception occurred:
2012-11-23 15:23:54,722 ERROR SOAPFaultHelperJAXRPC Error creating SOAPFault message
javax.xml.soap.SOAPException: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}FailedAuthentication is not a standard SOAP 1.2 Code value
at org.jboss.ws.core.soap.SOAPFaultImpl.setFaultCode(SOAPFaultImpl.java:222)
at org.jboss.ws.core.soap.SOAPFaultImpl.setFaultCode(SOAPFaultImpl.java:182)
at org.jboss.ws.core.soap.SOAPBodyImpl.addFault(SOAPBodyImpl.java:120)
at org.jboss.ws.core.jaxrpc.SOAPFaultHelperJAXRPC.toSOAPMessage(SOAPFaultHelperJAXRPC.java:245)
at org.jboss.ws.core.jaxrpc.SOAPFaultHelperJAXRPC.exceptionToFaultMessage(SOAPFaultHelperJAXRPC.java:213)
at org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS.exceptionToFaultMessage(SOAPFaultHelperJAXWS.java:184)
at org.jboss.ws.core.jaxws.binding.SOAP12BindingJAXWS.createFaultMessageFromException(SOAP12BindingJAXWS.java:110)
at org.jboss.ws.core.CommonSOAPBinding.bindFaultMessage(CommonSOAPBinding.java:650)
at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:304)
at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:468)
...
This results in a "wrong" answer to the client:
<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope">
<env:Header/>
<env:Body>
<env:Fault>
<env:Code>
<env:Value>env:Receiver</env:Value>
</env:Code>
<env:Reason>
<env:Text xml:lang="de-DE">Cannot create SOAPFault message for: javax.xml.rpc.soap.SOAPFaultException: The security token could not be authenticated or authorized.</env:Text>
</env:Reason>
</env:Fault>
</env:Body>
</env:Envelope>
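SOAP 1.2 accepts only five standard values as the top-level env:Code, so a WS-Security code such as FailedAuthentication has to be carried in env:Subcode. The Python below is an added example, not JBossWS code or the vendor's fix: it renders the fault in that shape, using env:Sender as the top-level code as the WS-Security error-handling guidance for SOAP 1.2 specifies, and flags responses where the authentication failure was masked as shown above. The function names, the f prefix and the MASKED sample (rebuilt from the response on this page) are assumptions of the example.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape, quoteattr

ENV = "http://www.w3.org/2003/05/soap-envelope"
WSSE = ("http://docs.oasis-open.org/wss/2004/01/"
        "oasis-200401-wss-wssecurity-secext-1.0.xsd")
# SOAP 1.2 accepts only these names (in the envelope namespace) as the
# top-level env:Code/env:Value; anything else must be carried in env:Subcode.
STANDARD_CODES = ("VersionMismatch", "MustUnderstand", "DataEncodingUnknown",
                  "Sender", "Receiver")
# Sample input rebuilt from the response shown on this page.
MASKED = ('<env:Envelope xmlns:env="%s"><env:Header/><env:Body><env:Fault>'
          '<env:Code><env:Value>env:Receiver</env:Value></env:Code>'
          '<env:Reason><env:Text xml:lang="de-DE">Cannot create SOAPFault '
          'message for: javax.xml.rpc.soap.SOAPFaultException: The security '
          'token could not be authenticated or authorized.</env:Text>'
          '</env:Reason></env:Fault></env:Body></env:Envelope>' % ENV)

def split_code(ns, local):
    """Map a fault QName to (top-level code, subcode QName or None)."""
    if ns == ENV and local in STANDARD_CODES:
        return local, None
    # A rejected security token is a fault in the request, hence env:Sender.
    return "Sender", (ns, local)

def build_fault(ns, local, reason, lang="en"):
    """Render a SOAP 1.2 fault envelope for the given fault QName."""
    code, sub = split_code(ns, local)
    subcode = ""
    if sub:
        subcode = ("<env:Subcode><env:Value xmlns:f=%s>f:%s</env:Value>"
                   "</env:Subcode>" % (quoteattr(sub[0]), escape(sub[1])))
    return ('<env:Envelope xmlns:env="%s"><env:Body><env:Fault><env:Code>'
            "<env:Value>env:%s</env:Value>%s</env:Code><env:Reason>"
            "<env:Text xml:lang=%s>%s</env:Text></env:Reason></env:Fault>"
            "</env:Body></env:Envelope>"
            % (ENV, code, subcode, quoteattr(lang), escape(reason)))

def is_masked_fault(xml_text):
    """True for the symptom on this page: env:Receiver, no Subcode, and the
    'Cannot create SOAPFault message' reason in place of the real fault."""
    fault = ET.fromstring(xml_text).find(".//{%s}Fault" % ENV)
    if fault is None:
        return False
    value = fault.findtext("{%s}Code/{%s}Value" % (ENV, ENV), "").strip()
    subcode = fault.find("{%s}Code/{%s}Subcode" % (ENV, ENV))
    reason = fault.findtext("{%s}Reason/{%s}Text" % (ENV, ENV), "").strip()
    # The value's prefix is assumed to be bound to the envelope namespace.
    return (value.split(":")[-1] == "Receiver" and subcode is None
            and reason.startswith("Cannot create SOAPFault message"))
```

A monitoring check or integration test can run is_masked_fault over captured SOAP 1.2 responses to find authentication failures that clients would otherwise see as generic server errors.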
Environment
- JBoss Enterprise Application Platform (EAP)
- 5.x
- JBossWS Native