Rampart mustUnderstand element value in Security header

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Rampart mustUnderstand element value in Security header

Catalin Ciobanu

Hello guys,

I am having an issue using axis2 with rampart when getting a fault message from the server I call through a SOAP request. I should get an ‘Authentication failed’ error back, but I get

 

                Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd : Security

 

Now, I managed to avoid it by registering a Handler (extending org.apache.axis2.handlers.AbstractHandler) in the Security phase (axis2.xml). In this handler I simply mark the header as processed. After doing this, the response is the expected one: “authentication failed”.

However, I feel like this job is not a fix but is a way to avoid  the real problem. Doesn’t Rampart handle this kind of issue ? Is there something I can do to have a REAL fix for this ?

 

How do you guys handle this kind of issues ?

 

 

Regards,

Catalin Ciobanu