Not passing causing exceptions to SOAPException makes troubleshooting very difficult #71
Comments
|
Reported by vanto |
|
Was assigned to gagordon |
|
vanto said: |
|
gagordon said: I am checking with some other folks as to whether there are any problems with adding the nested causes. If there are no concerns, I have the changes made in my local copies of the files and will check them in very soon. However, I need to check with the JAX-WS RI people as to whether this merits a new release, as the needs of JAX-WS RI typically dictate when a new SAAJ-RI release is made. Thanks, |
|
gagordon said: JAX-WS has added a user configurable System property to enable the inclusion of nested exception information in the stack trace shown in the SOAP fault. Since a SAAJ SOAPMessage could be used as the response in a Provider Web Service implementation, we must abide by the same guidelines. Therefore to fix this properly, we'd both need to add a System property that is false by default and also guard all thrown exceptions with a check for whether this property is set to know whether to include the cause. This could take some time to implement, and given that it does not add to the correct functioning of the code, I am going to unfortunately have to lower the priority on this issue. Given the code is open source and rarely changes, it looks like you have been able to solve your issue for now. I will address the issue as soon as I can, but need to look at the JAX-WS code to understand all the implications. |
|
gagordon said: |
|
vanto said: thanks for checking with the JAX-WS team and the explanations. I can understand the security issues, nevertheless I still think it is worth to find a solution for getting access to the nested exceptions. In our case, it was not a specialized way of using SAAJ but rather a commercial product which behaved differently on a production system than on a dev system. The problem was caused by a different class loading precedence, which caused to load a different TransformerFactory on the one system than on the other and thus showed a ~5 years old Xalan bug, which got hiccups with SOAP messages larger than 4MB. The exceptions we got from SAAJ were not helpful at all so we had to patch the jar on the production system, just to get access to nested exception and to then understand the problem. This approach, however, is something I consider highly dangerous and I'm pretty sure that other may run into similar problems as well. tl;dr: I perfectly understand your concerns and the priority lowering, but we of course would highly appreciate if you could find a solution that serves both, traceability and security Thanks, |
|
This issue was imported from java.net JIRA SAAJ-71 |
We recently had to troubleshoot a problem with some XML transformer library, which was being called by SAAJ. The troubleshooting became very painful because SAAJ likes to swallow the causing exception, thus we had a hard time to figure out the root causes, i.e. we had to patch SAAJ in order to get the needed information in the logs.
Please make sure that all caught exceptions that then get translated to SOAPExceptions get passed as the cause argument to the SOAPException.
The text was updated successfully, but these errors were encountered: