Standards for Technology in Automotive Retail
The WS-Security specifications define a set of SOAP Fault codes to describe different error situations that may occur during the parsing of the security headers and authenticating or authorizing the requests. Sending a SOAP Fault back is not required because this could be used as part of a denial of service or cryptographic attack. However, if an error is sent back, it MUST use the SOAP Faults defined in the WS-Security specifications.
Here is a list of the fault codes as defined in WS-Security 1.0:
Description (Fault String)
An unsupported token was provided
An unsupported signature or encryption algorithm was used
An error was discovered processing the <wsse:Security> header.
An invalid security token was provided
The security token could not be authenticated or authorized
The signature or decryption was invalid
Referenced security token could not be retrieved
Security semantics are expired.