as2-lib icon indicating copy to clipboard operation
as2-lib copied to clipboard
verified publisher icon phax

Exception Handling for AS2 Servlet

Open Brett-Wood opened this issue 6 months ago • 3 comments

Hi Philip!

I am working on setting up an AS2 servlet in my Spring Boot app. Everything seems to be working as intended, however, I am looking for the best way to pass exceptions back to the sending partner.

One example I'm looking at specifically is when we receive a message from a partner that has an AS2 ID that isn't set up in our system I would like to throw an exception and send some sort of message back in their API call response. I have tried throwing an AS2Exception in the PartnershipFactory class that I wrote, however, this is resulting in the sender receiving a blank text body and a 200 status code in the response.

What is the best way to handle passing exceptions back to the senders so that they know there were issues in the process?

The other causes of exceptions that come to mind could be due to some issue processing the file that we are receiving or even issues within our network after the point of the sender connecting to our endpoint.

I'm guessing there is a setting or attribute I can add to my AS2ServletReceiverModule when I am initializing it in my code configuration, but I haven't had much luck.

Please let me know if you have any suggestions! Thank you as always for the help!

Brett-Wood avatar Aug 06 '25 15:08 Brett-Wood

Based on this line in the MDN: Disposition: automatic-action/MDN-sent-automatically; processed/Error: unexpected-processing-error

It looks like if it fails after the point of pulling the partnership info it does pass an error back the sender if there was a failure, but I'm still trying to sort out if it fails before or at the point of performing the partnership look up what is the best way of notifying the sender.

Is it as simple as the partner should know that if they do not receive anything in the response body they can assume that the transfer failed?

Brett-Wood avatar Aug 06 '25 15:08 Brett-Wood

Follow up question regarding encryption/decryption:

We are receiving a file from a partner that seems to be encrypted using a potentially unsupported encryption algorithm (DESede/CBC/PKCS5Padding/168) as we are throwing an exception during the decryption step: Error retrieving RecipientInformation org.bouncycastle.cms.CMSException: Unexpected object reading content. ... Caused by: java.lang.ClassCastException: class org.bouncycastle.asn1.DLTaggedObjectParser cannot be cast to class org.bouncycastle.asn1.ASN1SequenceParser (org.bouncycastle.asn1.DLTaggedObjectParser and org.bouncycastle.asn1.ASN1SequenceParser are in unnamed module of loader 'app')

Admittedly I'm not well versed in the capabilities of bouncy castle, so some quick Googling and ChatGPTing mentions that our partner probably did not wrap the content in CMS (PKCS#7) format, which is what Bouncy Castle’s SMIMEEnvelopedParser and CMSEnvelopedDataParser expect

How have you tackled issues like this in the past? Would support of this encryption type be a feature I could request?

Any info would be greatly appreciated. Thank you!

Brett-Wood avatar Aug 07 '25 17:08 Brett-Wood

Hi @Brett-Wood, well yes, if you need support for a new encryption algorithm, just let me know which one you exactly need. If you somehow manage to get the official ASN.1 identifier for it, it would be best to avoid any confusion.

But please note, that I'm not making and judgements or assumptions regarding the security of the algorithms used :)

hth, Philip

phax avatar Aug 20 '25 11:08 phax