I have a web service using Axis2 (1.4.1) with Rampart for the security.
When authentication fails, Axis2 will throw an exception internally and respond with http status 200.
Is there a way to configure Axis2 or Rampart to responds properly with a 401 (Unauthorized)? Maybe somebody can give a hint what/where to look for? I looked through all the Axis2 examples did not find any hint.
<parameter name="InflowSecurity">
<action>
<items>UsernameToken</items>
<passwordCallbackClass>
com.some.organisation.PasswordHandler
</passwordCallbackClass>
</action>
</parameter>
The PasswordHandler throws a
WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION)