|
»
Faults and WS-Security signing/encryption
|
View:
New views
6 Messages
—
Rating Filter:
Alert me
|
 |
Faults and WS-Security signing/encryption
by metro-3
::
Rate this Message:
Metro 1.5 is not signing or encrypting Fault responses, even though the policy requires signing and encryption:
<wsp:Policy wsu:Id="SignEncr" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> <wsp:ExactlyOne> <wsp:All> <sp:AsymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> <wsp:Policy> ... <sp:IncludeTimestamp/> <sp:OnlySignEntireHeadersAndBody/> </wsp:Policy> </sp:AsymmetricBinding> <sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> <sp:Body/> </sp:SignedParts> <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> <sp:Body/> </sp:EncryptedParts> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> Normal responses are signed and encrypted as expected, but a Fault response returned by Metro doesn't even include a WS-Security header: <?xml version='1.0' encoding='UTF-8'?> <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"> <S:Body> <S:Fault xmlns:ns4="http://www.w3.org/2003/05/soap-envelope"> <faultcode>S:Server</faultcode> <faultstring>Book already present with matching ISBN</faultstring> <detail> ... As far as I know, the same security is supposed to be applied to Fault responses as to normal responses. Is this a known bug in Metro? [Message sent by forum member 'dsosnoski' (dms@...)] http://forums.java.net/jive/thread.jspa?messageID=370111 --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
|
|
Re: Faults and WS-Security signing/encryption
by metro-3
::
Rate this Message:
If the fault is a wsdl:fault and you specified the fault policy that would be used to secure the fault response in general.
But from the policy you specified it could be a bug, i will double check and get back. [Message sent by forum member 'kumarjayanti' (vbkumar.jayanti@...)] http://forums.java.net/jive/thread.jspa?messageID=370562 --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
|
|
Re: Faults and WS-Security signing/encryption
by metro-3
::
Rate this Message:
The policy is being applied at the binding level:
<wsdl:binding name="LibrarySoapBinding" type="wns:Library"> <wsp:PolicyReference xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" URI="#SignEncr"/> <wsdlsoap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> <wsdl:operation name="getBook"> ... [Message sent by forum member 'dsosnoski' (dms@...)] http://forums.java.net/jive/thread.jspa?messageID=370565 --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
|
|
Re: Faults and WS-Security signing/encryption
by suresh-22
::
Rate this Message:
Hi,dsosnoski
can you post the code snippet where you are throwing the soap fault in your service? I just want to see how you are throwing the soap fault.. also can you post your full wsdl here ? thanks suresh metro@... wrote: > The policy is being applied at the binding level: > > > <wsdl:binding name="LibrarySoapBinding" type="wns:Library"> > > <wsp:PolicyReference xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" > URI="#SignEncr"/> > > <wsdlsoap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> > > <wsdl:operation name="getBook"> > ... > [Message sent by forum member 'dsosnoski' (dms@...)] > > http://forums.java.net/jive/thread.jspa?messageID=370565 > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@... > For additional commands, e-mail: users-help@... > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
|
|
Re: Faults and WS-Security signing/encryption
by metro-3
::
Rate this Message:
I've attached the entire project with an Ant build.xml to this message. You just need to edit build.properties and set the metro-home location. But here's the code snippet throwing the SOAP Fault:
public boolean addBook(String type, String isbn, List<String> author, String title) throws AddDuplicateFault { BookInformation prior = m_server.getBook(isbn); if (prior == null) { BookInformation book = new BookInformation(); ... } else { AddDuplicate ad = new AddDuplicate(); ad.setBook(prior); AddDuplicateFault e = new AddDuplicateFault("Book already present with matching ISBN", ad); throw e; } } [Message sent by forum member 'dsosnoski' (dms@...)] http://forums.java.net/jive/thread.jspa?messageID=370949 --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
|
|
Re: Faults and WS-Security signing/encryption
by metro-3
::
Rate this Message:
HI,dsosnoski ,
actually we fixed it recently and please try with most recent wsit build and let us know if it is not working for you .. thanks suresh [Message sent by forum member 'sm228678' (suresh.mandalapu@...)] http://forums.java.net/jive/thread.jspa?messageID=371104 --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
| Free embeddable forum powered by Nabble | Forum Help |
