Kuali Rice Development
  1. Kuali Rice Development
  2. KULRICE-9374

web services do not report error when keystore file does not exist

    Details

    • Type: Bug Fix Bug Fix
    • Status: Open Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: 2.1.1
    • Fix Version/s: Backlog
    • Component/s: Development, KSB Security
    • Security Level: Public (Public: Anyone can view)
    • Labels:
    • Similar issues:
      KULRICE-3233Service Bus - Security Management (Create new Client Keystore File) option abends when exercised
      KULRICE-3927Group or Role Lookup fail when a principal does not exist
      KULRICE-4395addMember via the Role Screen does not work with external identity service
      KULRICE-976enhance groovy create project scripts to create a keystore for the project
      KULRICE-4885Keystore loader may not be closing files properly
      KULRICE-8204Exception on server side manifests as a security error on the client side of Kuali Rice web services
      KULRICE-3901KSBDispatcherServlet should return 404 code for non-existent service
      KULRICE-5812JSP error on Service Registry page in Tomcat 7
      KULRICE-244resolve core service dependency issues
      KULRICE-4001overriding identity service only does not really work
    • Rice Module:
      KSB
    • KAI Review Status:
      Not Required
    • KTI Review Status:
      Not Required
    • Include in Release Notes?:
      Yes

      Description

      CXFWSS4JInInterceptor.loadSignatureCrypto(..) throws a RiceRuntimeException if the keystore file does not exist. This type of exception is not understood by CXF (WSS4JInInterceptor.handleMessage(..) expects a WSSecurityException, XMLStreamException, or SOAPException.) The result is that the service call returns a zero-length response with HTTP response code 200 (OK.) This is not correct.

        Activity

        Hide
        Ken Geis added a comment -

        Here is the stacktrace that shows up in the logs:

        org.kuali.rice.core.api.exception.RiceRuntimeException: java.io.FileNotFoundException: /home/kc/kuali/main/dev/keystore.jks (No such file or directory)
        	at org.kuali.rice.ksb.security.soap.CXFWSS4JInInterceptor.loadSignatureCrypto(CXFWSS4JInInterceptor.java:62)
        	at org.apache.ws.security.handler.WSHandler.decodeSignatureParameter2(WSHandler.java:1107)
        	at org.apache.ws.security.handler.WSHandler.doReceiverAction(WSHandler.java:275)
        	at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:212)
        	at org.kuali.rice.ksb.security.soap.CXFWSS4JInInterceptor.handleMessage(CXFWSS4JInInterceptor.java:93)
        	at org.kuali.rice.ksb.security.soap.CXFWSS4JInInterceptor.handleMessage(CXFWSS4JInInterceptor.java:41)
        	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255)
        	at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:113)
        	at org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:102)
        	at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:464)
        	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:188)
        	at org.kuali.rice.ksb.messaging.servlet.CXFServletControllerAdapter.handleRequest(CXFServletControllerAdapter.java:47)
        	at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
        	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:900)
        	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:827)
        	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:882)
        	at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:789)
        	at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
        	at org.kuali.rice.ksb.messaging.servlet.KSBDispatcherServlet.service(KSBDispatcherServlet.java:138)
        ...
        
        Show
        Ken Geis added a comment - Here is the stacktrace that shows up in the logs: org.kuali.rice.core.api.exception.RiceRuntimeException: java.io.FileNotFoundException: /home/kc/kuali/main/dev/keystore.jks (No such file or directory) at org.kuali.rice.ksb.security.soap.CXFWSS4JInInterceptor.loadSignatureCrypto(CXFWSS4JInInterceptor.java:62) at org.apache.ws.security.handler.WSHandler.decodeSignatureParameter2(WSHandler.java:1107) at org.apache.ws.security.handler.WSHandler.doReceiverAction(WSHandler.java:275) at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:212) at org.kuali.rice.ksb.security.soap.CXFWSS4JInInterceptor.handleMessage(CXFWSS4JInInterceptor.java:93) at org.kuali.rice.ksb.security.soap.CXFWSS4JInInterceptor.handleMessage(CXFWSS4JInInterceptor.java:41) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255) at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:113) at org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:102) at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:464) at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:188) at org.kuali.rice.ksb.messaging.servlet.CXFServletControllerAdapter.handleRequest(CXFServletControllerAdapter.java:47) at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:900) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:827) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:882) at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:789) at javax.servlet.http.HttpServlet.service(HttpServlet.java:641) at org.kuali.rice.ksb.messaging.servlet.KSBDispatcherServlet.service(KSBDispatcherServlet.java:138) ...

          People

          • Assignee:
            Unassigned
            Reporter:
            Ken Geis
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:

              Structure Helper Panel