Uploaded image for project: 'Kuali Rice Development'
  1. Kuali Rice Development
  2. KULRICE-9374

web services do not report error when keystore file does not exist

    Details

    • Type: Bug Fix
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 2.1.1
    • Fix Version/s: Backlog
    • Component/s: Development, KSB Security
    • Security Level: Public (Public: Anyone can view)
    • Labels:
    • Rice Module:
      KSB
    • KAI Review Status:
      Not Required
    • KTI Review Status:
      Not Required
    • Include in Release Notes?:
      Yes

      Description

      CXFWSS4JInInterceptor.loadSignatureCrypto(..) throws a RiceRuntimeException if the keystore file does not exist. This type of exception is not understood by CXF (WSS4JInInterceptor.handleMessage(..) expects a WSSecurityException, XMLStreamException, or SOAPException.) The result is that the service call returns a zero-length response with HTTP response code 200 (OK.) This is not correct.

        Attachments

          Activity

          Hide
          kgeis Ken Geis added a comment -

          Here is the stacktrace that shows up in the logs:

          org.kuali.rice.core.api.exception.RiceRuntimeException: java.io.FileNotFoundException: /home/kc/kuali/main/dev/keystore.jks (No such file or directory)
          	at org.kuali.rice.ksb.security.soap.CXFWSS4JInInterceptor.loadSignatureCrypto(CXFWSS4JInInterceptor.java:62)
          	at org.apache.ws.security.handler.WSHandler.decodeSignatureParameter2(WSHandler.java:1107)
          	at org.apache.ws.security.handler.WSHandler.doReceiverAction(WSHandler.java:275)
          	at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:212)
          	at org.kuali.rice.ksb.security.soap.CXFWSS4JInInterceptor.handleMessage(CXFWSS4JInInterceptor.java:93)
          	at org.kuali.rice.ksb.security.soap.CXFWSS4JInInterceptor.handleMessage(CXFWSS4JInInterceptor.java:41)
          	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255)
          	at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:113)
          	at org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:102)
          	at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:464)
          	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:188)
          	at org.kuali.rice.ksb.messaging.servlet.CXFServletControllerAdapter.handleRequest(CXFServletControllerAdapter.java:47)
          	at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
          	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:900)
          	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:827)
          	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:882)
          	at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:789)
          	at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
          	at org.kuali.rice.ksb.messaging.servlet.KSBDispatcherServlet.service(KSBDispatcherServlet.java:138)
          ...
          
          Show
          kgeis Ken Geis added a comment - Here is the stacktrace that shows up in the logs: org.kuali.rice.core.api.exception.RiceRuntimeException: java.io.FileNotFoundException: /home/kc/kuali/main/dev/keystore.jks (No such file or directory) at org.kuali.rice.ksb.security.soap.CXFWSS4JInInterceptor.loadSignatureCrypto(CXFWSS4JInInterceptor.java:62) at org.apache.ws.security.handler.WSHandler.decodeSignatureParameter2(WSHandler.java:1107) at org.apache.ws.security.handler.WSHandler.doReceiverAction(WSHandler.java:275) at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:212) at org.kuali.rice.ksb.security.soap.CXFWSS4JInInterceptor.handleMessage(CXFWSS4JInInterceptor.java:93) at org.kuali.rice.ksb.security.soap.CXFWSS4JInInterceptor.handleMessage(CXFWSS4JInInterceptor.java:41) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255) at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:113) at org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:102) at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:464) at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:188) at org.kuali.rice.ksb.messaging.servlet.CXFServletControllerAdapter.handleRequest(CXFServletControllerAdapter.java:47) at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:900) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:827) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:882) at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:789) at javax.servlet.http.HttpServlet.service(HttpServlet.java:641) at org.kuali.rice.ksb.messaging.servlet.KSBDispatcherServlet.service(KSBDispatcherServlet.java:138) ...

            People

            • Assignee:
              Unassigned
              Reporter:
              kgeis Ken Geis
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: