Hi Bob,
This is done on purpose. Have a look at this JIRA [1]. We only secure
service faults. But if the security validation fails we don't secure those
faults due to security considerations.
thanks,
nandana
[1] - http://issues.apache.org/jira/browse/RAMPART-90
On Tue, Oct 28, 2008 at 12:12 AM, Bob Jacoby <[EMAIL PROTECTED]> wrote:
> I believe I've run into issue
> https://issues.apache.org/jira/browse/RAMPART-193 where Rampart does not
> sign the outbound message if a fault is encountered. I throw a custom
> soap fault in a handler that runs after the Security phase completes.
> The outbound SOAP message is correct, with the exception that the
> request does not have the policy applied.
>
> Is there any known workaround for this? My consumers depend upon parsing
> the soap fault. With this issue, the only fault I ever get is a wsse one
> due to the response not being signed. The real fault is masked.
>
> In my tracing it appears as if Rampart can't find the appropriate policy
> to apply when constructing the RampartMessageData.
>
> Thanks,
> Bob
>
>
--
Nandana Mihindukulasooriya
WSO2 inc.
http://nandana83.blogspot.com/
http://www.wso2.org
