Does anyone know how to sign a SOAP Fault from the metro web stack?
I have a number of web services deployed on JBoss 6.x using the metro web stack (with cxf completely removed).
All services enforce Mutual Certificate Security on the request and response (by signing the body of the payload) - and this works as expected without problems when it is not a SOAP Fault - ie: the client has no problem verifying and validating the signature of a service response.
The problem I have is that when any of the services throw a checked exception, which generate and return a SOAP Fault to the client, the client complains that "the signature or decryption was invalid".
I am using the same wsit policy that signs a valid service response (which validates successfully) for signing the SOAP Fault (which fails validation).
Has anyone had this or a similar issue with signing SOAP Faults from metro? And is there a known standard way of doing this that works?
Any help/suggestions appreciated. Thanks.