Hi I'm on cxf 2.7.4,
On the server, in the UsernameTokenValidator.verifyPlaintextPassword(),
if the user/password is invalid I'm throwing a
new WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION).
The problem is on the client side, all I'm getting is :
javax.xml.ws.soap.SOAPFaultException: The security token could not
be authenticated or authorized
...
Caused by: org.apache.cxf.binding.soap.SoapFault: The security token could
not be authenticated or authorized
So I can see the logic is all working properly, however, on the client side,
short of parsing some random text "could not be authenticated" and
hoping it doesn't change, there's no way for me to determine that it
was a failed authentication v.s. any other soap fault.
i.e. on the client side I want to od (but can't do) "catch
(WSSecurityException e)".
Does anyone know if there's a configuration or something I can change
so the exception makes it over to the client side so I can properly
determine that it was actually security exception?
On the server, in the UsernameTokenValidator.verifyPlaintextPassword(),
if the user/password is invalid I'm throwing a
new WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION).
The problem is on the client side, all I'm getting is :
javax.xml.ws.soap.SOAPFaultException: The security token could not
be authenticated or authorized
...
Caused by: org.apache.cxf.binding.soap.SoapFault: The security token could
not be authenticated or authorized
So I can see the logic is all working properly, however, on the client side,
short of parsing some random text "could not be authenticated" and
hoping it doesn't change, there's no way for me to determine that it
was a failed authentication v.s. any other soap fault.
i.e. on the client side I want to od (but can't do) "catch
(WSSecurityException e)".
Does anyone know if there's a configuration or something I can change
so the exception makes it over to the client side so I can properly
determine that it was actually security exception?