Search code examples
javaweb-servicessoapxacmlpep

SOAP Header Errors in JAVA Web Service

I'm new for Web Service Development, I'm trying to implement the JAVA web service using XACML approach.

I've implemented 2 very simple web services which contain one method that return a String and also the PEP who will filter all requests to my web services. All Clients (RPCServiceClient) must to pass some necessary information via SOAP header (addHeader method) when it calls my web service, by default SOAP header is empty for RPCServiceClient service call. After PEP intercepted a request, it will extract these information and passing as parameters of the authorization method. The problem is when my PEP tries to read the SOAP header, I get always this exception:

org.apache.axis2.AxisFault: com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in prolog
    at [row,col {unknown-source}]: [1,0] 
    at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
    at org.apache.axis2.transport.TransportUtils.createSOAPMessage(TransportUtils.java:123)
    at org.apache.axis2.transport.TransportUtils.createSOAPMessage(TransportUtils.java:67)
    at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:354)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:421)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
....

I've already verify if my SOAP message is well-formed, but It still have the same problem.

Somebody can help please??

EDITED:

Here is SOAP request sending from Client.

<?xml version='1.0' encoding='UTF-8'?>
 <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Header>
    <ns1:RequestSOAPHeader xmlns:ns1="http://ws.transaccess.com">
     <ns1:username>bob</ns1:username>
     <ns1:action>read</ns1:action>
     <ns1:resourceId>file1</ns1:resourceId>
    </ns1:RequestSOAPHeader>
   </soapenv:Header>
   <soapenv:Body>
    <getRead xmlns="http://ws.transaccess.com">
     <arg0 xmlns="">bob</arg0>
    </getRead>
   </soapenv:Body>
 </soapenv:Envelope>

UPDATE: This is my PEP :

public class WebPEP implements Filter{

public void doFilter(ServletRequest req, ServletResponse res,
        FilterChain chain) throws IOException, ServletException {

    if (req instanceof HttpServletRequest && res instanceof HttpServletResponse) {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        // PEP filter 
            RequestWrapper copiedRequest = new RequestWrapper(request);
            try{
                BufferedReader bReader = copiedRequest.getReader(); 
                String soapText=bReader.readLine(); 

                // Create SoapMessage  
                MessageFactory msgFactory     = MessageFactory.newInstance();  
                SOAPMessage message           = msgFactory.createMessage();  
                SOAPPart soapPart             = message.getSOAPPart();  

                // Load the SOAP text into a stream source  
                byte[] buffer                 = soapText.getBytes();  
                ByteArrayInputStream stream   = new ByteArrayInputStream(buffer);  
                StreamSource source           = new StreamSource(stream);  

                // Set contents of message   
                soapPart.setContent(source);

                //Try accessing the SOAPBody  

                SOAPHeader soapHeader = message.getSOAPHeader();
                NodeList param =  soapHeader.getElementsByTagNameNS("http://ws.transaccess.com", "RequestSOAPHeader");

                if(param.getLength()>0){
                    Element accessInfo = (Element) param.item(0);
                    NodeList user = accessInfo.getElementsByTagNameNS("http://ws.transaccess.com", "username");
                    targetUser = user.item(0).getTextContent();
                    NodeList action = accessInfo.getElementsByTagNameNS("http://ws.transaccess.com", "action");
                    targetAction = action.item(0).getTextContent();
                    NodeList resource = accessInfo.getElementsByTagNameNS("http://ws.transaccess.com", "resourceId");
                    targetResource = resource.item(0).getTextContent();
                }  

            } catch (SOAPException e1) {

                e1.printStackTrace();
            } 
            try {

                if(isUserAuthorize(targetResource, targetUser, targetAction)){
                    System.out.println("\nUser is authorized to perform this action\n\n");
                } else {
                    System.out.println("\nUser is NOT authorized to perform this action\n\n");
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
            chain.doFilter(req, res);
        }
        else{
            chain.doFilter(req, res);
        }
}
@Override
public void destroy() {
    // TODO Auto-generated method stub
}

@Override
public void init(FilterConfig arg0) throws ServletException {
    // TODO Auto-generated method stub
}

}
Solution

  • Problem has solved, The cause of this problem is I forwarded the wrong (HttpServletRequest) request. I should forward

    chain.doFilter(copiedRequest, res);

    Instead of

    chain.doFilter(req, res);

    Since I'm working on copiedRequest

    Thanks for your comments