This repository has been archived by the owner on Jan 30, 2019. It is now read-only.
Severe WSS0216 Error Logged When Validating Signature #1692
Assignees
Comments
|
Reported by anowac01 |
|
Was assigned to snajper |
|
This issue was imported from java.net JIRA WSIT-1692 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Observed using the version of Metro released included in Glassfish 4.1. The log indicates Metro/2.3.1-b419 (branches/2.3.1.x-7937; 2014-08-04T08:11:03+0000). Investigated using the sources labeled 2.3.2-20150304.231348-334.
When validating the signature of a SOAP message signed by a public key that does not have a certificate in a TrustStore or CertStore provided by the CallbackHandler, a SEVERE error is logged of form:
This seems to be coming from line 2231 of com.sun.xml.wss.impl.misc.WSITProviderSecurityEnvironment , in getCertificate(). The more meaningful exception thrown from there is logged as FINE in com.sun.xml.ws.security.opt.impl.incoming.Signature .process() line 289.
Other than the logged error, there does not seem to be any problems; the signature is validated properly and the SOAP message is received by our application code.
There are two related issues here:
1. I don't believe this is an error case. (For instance, in our use case, a certificate signed by a CA we trust is provided in the SOAP message.)
2. The SEVERE error logged does not provide any useful clues as to what the problem is or where it is occurring.
Affected Versions
[2.3.1]
The text was updated successfully, but these errors were encountered: