Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-1632

Improve WS-Security error handling

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.1, 2.0.6
    • Fix Version/s: 2.1.1, 2.0.7
    • Component/s: WS-* Components
    • Labels:
      None

      Description

      A number of minor changes are required to how error handling is implemented for WS-Security in CXF. The SOAP Message security 1.1 specification (chapter 12 "Error Handling") details standard fault strings and fault codes to be returned to the user in the event of an error, something we don't always adhere to in the WSS4JInInterceptor.

      In particular, the WSS4JInInterceptor must be modified to catch "WSSecurityException"s thrown by WSS4J, and populate and throw a SoapFault object accordingly. In addition, the content of the SoapFault changes depending on whether SOAP 1.1 or 2.0 is used.

      Please review and apply the attached patch for this.

        Attachments

        1. cxf_1632.patch
          18 kB
          Colm O hEigeartaigh

          Activity

            People

            • Assignee:
              dkulp Daniel Kulp
              Reporter:
              coheig Colm O hEigeartaigh
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: