开发者

OWSM custom security policy for JAX-WS, GenericFault

开发者 https://www.devze.com 2022-12-23 08:20 出处:网络
I tried creating custom security and policy as given here: http://download.oracle.com/docs/cd/E15523_01/relnotes.1111/e10132/owsm.htm#CIADFGGC

I tried creating custom security and policy as given here: http://download.oracle.com/docs/cd/E15523_01/relnotes.1111/e10132/owsm.htm#CIADFGGC

when I run the service client custom assertion is executed, returning successfully.

   public IResult execute(IContext context) throws WSMException { 
        try { 
            System.out.println("public execute");
            IAssertionBindings bindings = 
                ((SimpleAssertion)(this.assertion)).getBindings(); 
            IConfig config = bindings.getConfigs().get(0); 
            IPropertySet propertyset = config.getPropertySets().get(0); 
            String valid_ips = 
                propertyset.getPropertyByName("valid_ips").getValue(); 
            String ipAddr = ((IMessageContext)context).getRemoteAddr(); 
            IResult result = new Result();
            System.out.println("valid_ips  "+valid_ips);
            if (valid_ips != null && valid_ips.trim().length() > 0) { 
                String[] valid_ips_array = valid_ips.split(","); 
                boolean isPresent = false; 
                for (String valid_ip : valid_ips_array) { 
                    if (ipAddr.equals(valid_ip.trim())) { 
                        isPresent = true; 
                    } 
                } 
                System.out.println("isPresent  "+isPresent);
                if (isPresent) { 
                    result.setStatus(IResult.SUCCEEDED); 
                } else { 
                  result.setStatus(IResult.FAILED); 
                  result.setFault(new WSMException(WSMException.FAULT_FAILED_CHECK)); 
                } 
            } else { 
                result.setStatus(IResult.SUCCEEDED); 
         开发者_运维百科   } 
            System.out.println("result  "+result);
            System.out.println("public execute complete");
            return result;
        } catch (Exception e) { 
            System.out.println("Exception e");
            e.printStackTrace();

            throw new WSMException(WSMException.FAULT_FAILED_CHECK, e); 
        } 
    } 

Console output is:

public execute valid_ips 127.0.0.1,192.168.1.1 isPresent true result Succeeded public execute complete

but, webservice throws GenericFault .

Arguments: [void] Fault: GenericFault : generic error

I have no clue what could be wrong, any ideas?

here is the full stack trace:

Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: GenericFault : generic error at com.sun.xml.internal.ws.fault.SOAP12Fault.getProtocolException(SOAP12Fault.java:210) at com.sun.xml.internal.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:119) at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:108) at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:78) at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(SEIStub.java:107) at $Proxy30.sayHello(Unknown Source) at creditproxy.CreditRatingSoap12HttpPortClient.main(CreditRatingSoap12HttpPortClient.java:21) Caused by: javax.xml.ws.soap.SOAPFaultException: GenericFault : generic error at weblogic.wsee.jaxws.framework.jaxrpc.TubeFactory$JAXRPCTube.processRequest(TubeFactory.java:203) at weblogic.wsee.jaxws.tubeline.FlowControlTube.processRequest(FlowControlTube.java:99) at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:604) at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:563) at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:548) at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:445) at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:275) at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:454) at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:250) at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:140) at weblogic.wsee.jaxws.HttpServletAdapter$AuthorizedInvoke.run(HttpServletAdapter.java:319) at weblogic.wsee.jaxws.HttpServletAdapter.post(HttpServletAdapter.java:232) at weblogic.wsee.jaxws.JAXWSServlet.doPost(JAXWSServlet.java:310) at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) at weblogic.wsee.jaxws.JAXWSServlet.service(JAXWSServlet.java:87) at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292) at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:326) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3592) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321) at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121) at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2202) at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2108) at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1432) at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201) at weblogic.work.ExecuteThread.run(ExecuteThread.java:173) Process exited with exit code 1.


I had the same problem but they have a solution on Metalink (if you not already seen it). This will fix the problem:

  public IResult execute(IContext context) throws WSMException {      
     IResult result = new Result();        
     try {         
       oracle.wsm.common.sdk.IMessageContext.STAGE stage =   ((oracle.wsm.common.sdk.IMessageContext)context).getStage();            
       if (stage  == IMessageContext.STAGE.request)  {    

          javax.security.auth.Subject subject = oracle.security.jps.util.SubjectUtil.getAnonymousSubject();                
          context.setProperty(oracle.wsm.common.sdk.IMessageContext.SECURITY_SUBJECT, subject);                       
          IAssertionBindings bindings = ((SimpleAssertion)(this.assertion)).getBindings();               
          IConfig config = bindings.getConfigs().get(0);               
          IPropertySet propertyset = config.getPropertySets().get(0);                  
          String valid_ips = propertyset.getPropertyByName("valid_ips").getValue();               
          String ipAddr = ((IMessageContext)context).getRemoteAddr();

          if (valid_ips != null && valid_ips.trim().length() > 0) {                  
             String[] valid_ips_array = valid_ips.split(",");
             boolean isPresent = false;                    
             for (String valid_ip : valid_ips_array) {                      
               if (ipAddr.equals(valid_ip.trim())) { 
                     isPresent = true;                      
               }                    
             }                   
             if (isPresent) {                       
                result.setStatus(IResult.SUCCEEDED);                    
             } else {                          
                result.setStatus(IResult.FAILED);                      
                result.setFault(new WSMException(WSMException.FAULT_FAILED_CHECK));                    
             }               
          } else {                
              result.setStatus(IResult.SUCCEEDED);               
          }               
          return result;          
       }        
     } catch (Exception e) {            
       throw new WSMException(WSMException.FAULT_FAILED_CHECK, e);        
     }      
     return result;    
}


I've met the same issue. Looking deeper in the wls classes i've found that WSMMessageContext does not contain right principal in the Subject. and in fact IllegalArgumentExeception is thrown, unfortunately this real exception is wrapped wrapped and wrapped a lot of times and we may see "GenericFault : generic error" that is the last wrapped in WSMAgentHook class that performs output in console. Unfortunately I could not move forward there and seems nobody use Custom Security Assert. So nobody may help us seems


        result.setFault(null);

where you are setting status to success. It uses the fault value regardless of the setting of the status.

0

精彩评论

暂无评论...
验证码 换一张
取 消