Hi, I see it's a busy day :) > see some questions/comments inline pls. > > > > > I looked again at the case, when WS method deployed on my test > > Axis+WSS4J (with responseFlow defined with "Timestamp > > Signature" actions) > > threw an AxisFault. > > After throwing AxisFault, Axis engine started notifying the hadlers by > > calling their onFault() method. One of the handlers was > > WSDoAllReceiver > > (why receiver? - we have already turned from request to > > response flow...), > > Werner: thus your web service (at the server) throws an exception? > And this exception cases the onFault of the receiver handler? Hmmm.....
I made one more test. Server's WSDoAllREceiver throws AxisFault due to certificate verification error (I used certificate, which was not trusted by server). Axis was still processing client's request without touching my WS method. Thus throwing AxisFault at this level, Axis had no chance to see what actions were defined in the <responseFlow> (should have had such chance?). The client received plain soap (without security headers), because the server's WSDoAllSender was not invoked. Thus client's <responseFlow> caused AxisFauls with "Request does not contain required Security header" message... In the previous test, when the business WS method throws AxisFault, it was catched by axis.providers.java.JavaProvider, which was part of REQUEST FLOW handlers! AxisFault was then rethrown, caught by SimpleChain (which started calling onFault() on previous handlers, including WSDoAllReceiver). After next rethrowing, AxisFault was caught by SOAPService, which called MessageContext.setPastPivot(true) - properly, because we slipped through pivot point into the response flow. Last handers that onFault() was called on were two JWSHandlers (unimportant). As You can see, the WSDoAllSender on the server side had no chance to apply its actions - clearly the smart detection of soap:Faults on the client side which causes return from invoke() was needed, but I think that it's the server which caused this confusion by not executing "Timestamp Signature" actions and particulary not invoking defined responseFlow. I think I don't understand something about handling AxisFaults thrown by WS methods - shouldn't Axis be pass the pivot point already? Why is it calling onFault() on requestFlow's handlers? > > > > Second, the server (Axis+WSS4J) should always behave according > > to its <service>/<responseFlow> wsdd definition. > > Werner: yes, anyhow we need to figure out how this could work > with Axis. Seems that we have a problem (or we don't understand) > with the Axis SOAP Fault handling. Exactly... > > > Accepting plain soap without security headers (at client side) > > and not generating security headers at server side in case of > > AxisFault COULD be an inner agreemetn between Axis+WSS4J client > > and Axis+WSS4J server, but it's simply NOT interoperable. Regards Grzegorz Grzybek --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
