This Bugzilla instance is a read-only archive of historic NetBeans bug reports. To report a bug in NetBeans please follow the project's instructions for reporting issues.
| Summary: | ws-addressing breaks AM security support | ||
|---|---|---|---|
| Product: | webservices | Reporter: | Peter Liu <petertliu> |
| Component: | WSIT | Assignee: | Martin Grebac <mgrebac> |
| Status: | VERIFIED FIXED | ||
| Severity: | blocker | ||
| Priority: | P2 | ||
| Version: | 5.x | ||
| Hardware: | All | ||
| OS: | All | ||
| Issue Type: | DEFECT | Exception Reporter: | |
| Bug Depends on: | |||
| Bug Blocks: | 92887 | ||
There's an easy workaround. Just delete the wsit config files => P2. I fixed code which doesn't generate config files on both service and client if cancel is pressed. |
After enabling and disabling wsit security and then enabling AM security, you get the followng exception at runtime: javax.xml.ws.soap.SOAPFaultException: A header representing a Message Addressing Property is not valid and the message cannot be processed at com.sun.xml.ws.fault.SOAP11Fault.getProtocolException(SOAP11Fault.java:163) at com.sun.xml.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:94) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:236) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:206) at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:103) at $Proxy78.sayHello(Unknown Source) at x.TestServlet.processRequest(TestServlet.java:37) at x.TestServlet.doGet(TestServlet.java:65) at javax.servlet.http.HttpServlet.service(HttpServlet.java:705) at javax.servlet.http.HttpServlet.service(HttpServlet.java:818) at org.apache.catalina.core.ApplicationFilterChain.servletService(ApplicationFilterChain.java:398) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:277) at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:255) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:611) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:564) at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:81) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:207) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:611) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:564) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:558) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1067) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:137) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:611) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:564) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:558) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1067) at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:249) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:618) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:549) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:790) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:326) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:248) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:199) at com.sun.enterprise.web.portunif.PortUnificationPipeline$PUTask.doTask(PortUnificationPipeline.java:328) at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:252) at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:93) This is likely that the am security code may have broken the address header. However, even though, this is a runtime issue, the fact that there is no way to completely disable wsit from the IDE is also problematic because the runtime issue may not be resolved during the gavotte timeframe and we need a way to turn off ws-addressing to avoid the above mentioned problem.