Hi,
Currently rampart in-handler is called in "PreDispatch" phase in inflow.
Due to that, if a message is having only soap action (no operation is
specified in url or no wsa:action is given, so only possible way of
dispatching is based on soap action) and message is secured, security
cannot be verified. This is because, rampart needs operation to be
resolved before verifying the security of the message. If the message is
having only soap action, then when message comes to rampart, still the
operation is not resolved.
Can somebody confirm soap action based dispatching happening on
"PreDispatch"? If so, can we introduce another phase "Security" between
"PreDispatch" and "Dispatch" and install rampart-in-handler to
"Security" phase? will it cause any problem? Any reason why
rampart-in-handler is installed in "PreDispatch" phase rather than
another phase? (I tried it and it worked)
Comments are welcome.
Regards,
Shankar.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
