Hi Dan,
I'm open to correction on the security stuff, but I think we might still be OK
with the re-ordering approach even in the presence of whitespace, as the WS-Sec
in-interceptor (at least the WSS4J version anyway) also runs in the
PRE-PROTOCOL phase.
So as long as the CheckFaultInterceptor runs near the end of this phase (after
the security interceptor has already validated the signature or whatever), then
it should be OK to advance the XMLStreamReader over any whitespace preceding
the first body element. Assuming there's a test that validates the behaviour on
whitespace, I guess this could be easily checked.
However, there is one other case where a simple re-ordering would still seem
problematic - if the response is not a fault to begin with, but one of the
JAX-WS SOAPHandlers throws a ProtocolException and thus changes it to a fault.
In that case I guess we'd need to check again for a fault after the handler
chain has been traversed. It might be more straight-forward to just rerun the
(very simple) CheckFaultInterceptor at at a second point in the call chain,
instead of splitting the (relatively complex) JAX-WS interceptor into two parts.
Does that make sense to you?
Cheers,
Eoghan
-Original Message-
From: Daniel Kulp [mailto:[EMAIL PROTECTED]
Sent: Fri 14/11/2008 15:26
To: dev@cxf.apache.org
Cc: Eoghan Glynn
Subject: Re: why does the SOAP CheckFaultInterceptor run in the POST_PROTOCOL
phase?
Actually, I remember why I put it that late.
The CheckFaultOut stuff HAS to occur after anything related to SAAJ/DOM is
done.When it gets there, the XmlStreamReader sits at the first child of
the soap:body. However, that might NOT be an element. It may be
whitespace. However, CheckFaultOut has to advance to the first element to
see it's a fault. Thus, that whitespace is lost. That then invalidates any
signature that may be on the soap body. You get signature validation issues.
Since the JAXWS handler interceptor things builds an SAAJ if there isn't
already one, the CheckFaultOut cannot run before it or the whitespace is
lost.
What MIGHT work would be to split the JAXWS handler thing into two parts.
One that runs real early in the phase chain and if there are handlers, add
the SAAJInInerceptor and it's second part that does the real work. That
second part could then safely assume the SAAJ model is there.
Dan
On Friday 14 November 2008 11:39:00 am Eoghan Glynn wrote:
Thanks for the quick response Dan, some comments inline ...
Is there any reason why the SOAP CheckFaultInterceptor runs in the
POST_PROTOCOL phase, as opposed to PRE_PROTOCOL?
Well, the basic reason is that to check for a fault, it needs to look at
the first element in the body. The headers and envelop and such are
handled in the PROTOCOL phase, thus, it needs to be checked afterword.
Sure, but it could do that equally well near the end of PRE_PROTOCOL phase,
say if its configured to run after the MustUnderstandInterceptor.
Come to think of it though, the ReadHeadersInterceptor runs in the READ
phase, so we're gauranteed the headers are out of the way by the time
PRE_PROTOCOL kicks in.
Also, at least in the 2.0.6.x version I'm looking at, once the
ReadHeaderInterceptors is done, the SOAP:Envelope element has already
been stripped off the XMLStreamReader. So the CheckFaultInterceptor is
nicely tee'd up to read off the Fault element, whether it runs in
PRE_PROTOCOL or POST_PROTOCOL.
Of course, another option would be to move the JAX-WS handler interceptors
to the POST_PROTOCOL phase.
The net result is handleFault() is never called for a client-side
JAX-WS SOAPHandler, as the CheckFaultInterceptor (which is responbile
for determining if a fault is present in the incoming message) is
assigned to a phase that runs *after* the PRE_PROTOCOL phase in which
the JAX-WS handler chain is traversed. So Handler.handleFault() can
never be called, as it isn't yet known that the message actually
contains a fault.
Which MAY be correct. I'd need to double check the spec and TCK and
such. (before committing any change in this area, let me know and I'll
run the tck on it). The handleFault may be for handling faults that are
generated as part of processing the normal message. I'd need to
double check on that.
The JAX-WS 2.0/1 specs seems to say little more than:
9.3.2.2 handleFault
Called for fault message processing ...
which seems to imply that handleFault should should be called for a fault
message on both the client- server-sides.
Currently in CXF, handleFault is called on a server-side handler for an
outgoing fault, but handleMessage is called on a client-side handler for
that same message when inbound. Seems unlikely that this sort of
inconsistency would actually be intended by the spec. Though stranger
things have happened, and obviously you were on the spec EG so you'd have
deeper knowledge of the