RE: Encrypting/Signing the Server Exception

Mon, 08 Sep 2008 12:21:33 -0700 

Thanks Dan for your reply.

I just added the wss4joutinterceptor to the outfault chain, and I can
see the body gets encrypted and signed.  However, on the client side, I
am now getting the below error even after I added wss4jininterceptor to
my infaultinterceptors.  The "Unexpected EOF in prolog" error seems like
the fault message is not getting encrypted or decrypted properly.  But I
have the same set up for the regular in/out interceptors.  If the
non-fault message works, shouldn't the fault message work as well? 

Do I have to get the 2nd thing (below) to make this work?

Thanks,

Billy


Sep 8, 2008 2:04:43 PM org.apache.cxf.phase.PhaseInterceptorChain
doIntercept
INFO: Interceptor has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: Error reading XMLStreamReader.
        at
org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor.handleMes
sage(ReadHeadersInterceptor.java:183)
        at
org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor.handleMes
sage(ReadHeadersInterceptor.java:54)
        at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC
hain.java:221)
        at
org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:449)
        at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResp
onse(HTTPConduit.java:1996)
        at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTP
Conduit.java:1832)
        at
org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
        at
org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:591)
        at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingI
nterceptor.handleMessage(MessageSenderInterceptor.java:62)
        at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC
hain.java:221)
        at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:296)
        at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:242)
        at
org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
        at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:178)
        at $Proxy47.listConfigObjects(Unknown Source)
        at
com.sterlingcommerce.sspgui.ws.client.ScmClient.testListing(ScmClient.ja
va:188)
        at
com.sterlingcommerce.sspgui.ws.client.ScmClient.main(ScmClient.java:133)
Caused by: com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in prolog
 at [row,col {unknown-source}]: [1,0]
        at
com.ctc.wstx.sr.StreamScanner.throwUnexpectedEOF(StreamScanner.java:661)
        at
com.ctc.wstx.sr.BasicStreamReader.handleEOF(BasicStreamReader.java:2134)
        at
com.ctc.wstx.sr.BasicStreamReader.nextFromProlog(BasicStreamReader.java:
2040)
        at
com.ctc.wstx.sr.BasicStreamReader.next(BasicStreamReader.java:1069)
        at
com.ctc.wstx.sr.BasicStreamReader.nextTag(BasicStreamReader.java:1095)
        at
org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor.handleMes
sage(ReadHeadersInterceptor.java:83)
        ... 16 more
javax.xml.ws.soap.SOAPFaultException: Error reading XMLStreamReader.
        at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:199)
        at $Proxy47.listConfigObjects(Unknown Source)
        at
com.sterlingcommerce.sspgui.ws.client.ScmClient.testListing(ScmClient.ja
va:188)
        at
com.sterlingcommerce.sspgui.ws.client.ScmClient.main(ScmClient.java:133)
Caused by: org.apache.cxf.binding.soap.SoapFault: Error reading
XMLStreamReader.
        at
org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor.handleMes
sage(ReadHeadersInterceptor.java:183)
        at
org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor.handleMes
sage(ReadHeadersInterceptor.java:54)
        at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC
hain.java:221)
        at
org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:449)
        at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResp
onse(HTTPConduit.java:1996)
        at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTP
Conduit.java:1832)
        at
org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
        at
org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:591)
        at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingI
nterceptor.handleMessage(MessageSenderInterceptor.java:62)
        at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC
hain.java:221)
        at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:296)
        at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:242)
        at
org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
        at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:178)
        ... 3 more
Caused by: com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in prolog
 at [row,col {unknown-source}]: [1,0]
        at
com.ctc.wstx.sr.StreamScanner.throwUnexpectedEOF(StreamScanner.java:661)
        at
com.ctc.wstx.sr.BasicStreamReader.handleEOF(BasicStreamReader.java:2134)
        at
com.ctc.wstx.sr.BasicStreamReader.nextFromProlog(BasicStreamReader.java:
2040)
        at
com.ctc.wstx.sr.BasicStreamReader.next(BasicStreamReader.java:1069)
        at
com.ctc.wstx.sr.BasicStreamReader.nextTag(BasicStreamReader.java:1095)
        at
org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor.handleMes
sage(ReadHeadersInterceptor.java:83)
        ... 16 more





-----Original Message-----
From: Daniel Kulp [mailto:[EMAIL PROTECTED] 
Sent: Friday, September 05, 2008 12:52 PM
To: [email protected]
Cc: Wu, Billy
Subject: Re: Encrypting/Signing the Server Exception


 
Two things:
1) Add the wss4joutinterceptor to the outfault chain as well to get the
faults 
signed.

2) I just committed a change to the WSS4JInInterceptor to allow the on
the 
wire fault to propogate if the security checks fail.   Thus, the client
would 
get the real fault message and not the security one.

Dan 


On Thursday 04 September 2008 3:23:39 pm Wu, Billy wrote:
> Hi,
>
>
>
> We are developing a web service using CXF 2.1.1, and we are
> encrypting/signing all the inbound/outbound messages using WSS4J.
> Everything works fine until when there is an exception.  When an
> exception is thrown from a web service, it bypasses all the
> encryption/signing, and return a soap fault back to the client in
clear
> text.  Here is an example,
>
>
>
> <soap:Envelope
>
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap:Body><soap:
> Fault><faultcode>soap:Server</faultcode><faultstring>VALD001E Missing
> required field [name].    VALD001E Missing required field [name].
> </faultstring><detail><ns1:ValidationException
> xmlns:ns1="http://service.ws.sspgui.sterlingcommerce.com/";
> /></detail></soap:Fault></soap:Body></soap:Envelope>
>
>
>
> However, since the client is expecting the message to be encrypted and
> signed, the client will get the following without the original soap
> fault message,
>
>
>
> Caused by: org.apache.ws.security.WSSecurityException: An error was
> discovered processing the <wsse:Security> header
>
>       at
>
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JI
> nInterceptor.java:168)
>
>
>
> What we really want to do is for the client to catch the exception, so
> it can be handled appropriately.  Does anyone know a good solution to
> this issue?
>
>
>
> Thanks,
>
>
>
> Billy



-- 
Daniel Kulp
[EMAIL PROTECTED]
http://www.dankulp.com/blog

Reply via email to