Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
Document Spring-WS Security exception handling [SWS-648] #751
In #673, the exceptionHandler property was introduced into the
Instead of introducing the EndpointExceptionResolver in this Interceptor, would it not be better to just let the exception flow up to the MessageDispatcher, where the resolvers already are configured (with sensible defaults)
And as this is not documented anywhere unlike the exception resolving in the MessageDispatcher (http://static.springsource.org/spring-ws/sites/1.5/reference/html/server.html#server-endpoint-exception-resolver), it is too easy to miss out on or forget this extra configuration step.
In my opinion this could be done for both the client and endpoint handleRequest/handleResponse methods by just removing the catch clauses.
Affects: 1.5.7, 2.0 M3
Arjen Poutsma commented
The problem here is that we'd like any security exception to result in a security-specific SOAP Fault by default. We can't do that in the default configuration of the MessageDispatcher (or exception resolvers), since the specific exceptions (WsSecurityValidationException and WsSecurityFaultException) are part of the spring-ws-security module.
So I agree that this is architecturally inconsistent, but I don't see any nice way out. Also note that we can't break backwards compatibility here.