Servicemix CXF-BC component JbiJAASInterceptor should catch
UndeclaredThrowableException
----------------------------------------------------------------------------------------
Key: SMXCOMP-703
URL: https://issues.apache.org/activemq/browse/SMXCOMP-703
Project: ServiceMix Components
Issue Type: Improvement
Components: servicemix-cxf-bc
Affects Versions: servicemix-cxf-bc-2009.02
Reporter: Joe Luo
Attachments: smx-cxf-bc-patch.patch
The ServiceMix CXF-BC component JbiJAASInterceptor calls authenticate()
function on JAASAuthenticationService to authenticate user:
{code}
for (Iterator it = hr.getResults().iterator(); it.hasNext();) {
WSSecurityEngineResult er = (WSSecurityEngineResult) it.next();
if (er != null && er.getPrincipal() instanceof WSUsernameTokenPrincipal) {
WSUsernameTokenPrincipal p =
(WSUsernameTokenPrincipal)er.getPrincipal();
subject.getPrincipals().add(p);
this.authenticationService.authenticate(subject, domain, p.getName(),
p.getPassword());
authenticated = true;
}
}
{code}
The function "authenticate(...)" might throw a FailedLoginException if a wrong
password is supplied. Because the CXF-BC uses an invocation handler to invoke
the method on a proxy instance, an UndeclaredThrowableException will be thrown
instead and wraped with the FailedLoginException. Currently we do not catch the
UndeclaredThrowableException and it caused the message of real exception to be
lost. Instead, a very generic message like "Fault occurred while processing."
is always thrown. It is definitely is not intuitive for the client side to find
out what is wrong on server side.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
