Uploaded image for project: 'Rampart'
  1. Rampart
  2. RAMPART-333

Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd : Security

    XMLWordPrintableJSON

    Details

    • Type: Question
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.5.1
    • Fix Version/s: 1.5.1
    • Component/s: rampart-core
    • Labels:
    • Environment:
      Windows Xp

      Description

      On receiving the fault response with security header, axis2(version 1.5.1) is showing the error "Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd : Security"
      I have added SecurityInHandler in the <InFaultFlow> tag in module.xml in the rampart.mar file (rampart version is 1.5.1)
      The <InFaultFlow> tag in the module.xml will looks like this
      <InFaultFlow>
      <handler name="PolicyBasedSecurityInHandler" class="org.apache.rampart.handler.RampartReceiver">
      <order phase="Security" phaseFirst="true"/>
      </handler>
      <handler name="SecurityInHandler" class="org.apache.rampart.handler.WSDoAllReceiver">
      <order phase="Security"/>
      </handler>
      <handler name="PostDispatchVerificationHandler" class="org.apache.rampart.handler.PostDispatchVerificationHandler">
      <order phase="Dispatch" phaseLast="true"/>
      </handler>
      </InFaultFlow>

      But still this error in security is coming.

      On checking the WSDoAllReceiver.java file in rampart-src-1.5.1\modules\rampart-core\src\main\java\org\apache\rampart\handler
      It is found that in the method processBasic(...){
      ...........
      .....
      // Do not process faults
      SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc
      .getDocumentElement());
      if (WSSecurityUtil.findElement(doc.getDocumentElement(), "Fault",
      soapConstants.getEnvelopeURI()) != null)

      { return; }

      ...........
      ...........

      }

      It is not processing if fault is seen.
      Is this a bug?
      If no, how do i read the fault response with security header?

      Please tell how to resolve this issue.

        Attachments

        1. module.xml
          2 kB
          Deepu Janardhanan
        2. policy.xml
          2 kB
          Deepu Janardhanan
        3. axis2.xml
          30 kB
          Deepu Janardhanan

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              deepujs Deepu Janardhanan
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: