cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Kulp (JIRA)" <j...@apache.org>
Subject [jira] Commented: (CXF-2554) JaxWsDynamicClientFactory.createClient(URL) and o.a.cxf.endpoint.Client.invoke(String operationName, Object... params) generates illegal XML, WstxParsingException on server.
Date Mon, 14 Dec 2009 18:31:18 GMT

    [ https://issues.apache.org/jira/browse/CXF-2554?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12790275#action_12790275
] 

Daniel Kulp commented on CXF-2554:
----------------------------------


I want to be clear about what the problem really is.   In XML, you can have multiple declarations
of the same namespace within the same document.  That's perfectly fine.  The last soap message
you posted is valid with the 4 wsse and 6 wsu declarations.

The problem in the first soap message is that the wsu namespace is declared twice on the SAME
element.   That is NOT allowed.  For example, look at the soap:Body:
{code:xml}
<soap:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"

                       xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="id-3">
{code}
The wsu namespace is defined twice on the same element.   That is bad.  THAT is what I'm trying
to figure out how to reproduce.   Your testcase you attached isn't reproducing that for me
(or for you apparently as the last soap message you attached doesn't have that problem).

Thus, what we need to figure out is how to create a test case that produces that invalid element.
  

> JaxWsDynamicClientFactory.createClient(URL) and o.a.cxf.endpoint.Client.invoke(String
operationName, Object... params) generates illegal XML, WstxParsingException on server.
> -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: CXF-2554
>                 URL: https://issues.apache.org/jira/browse/CXF-2554
>             Project: CXF
>          Issue Type: Bug
>    Affects Versions: 2.2.5, 2.2.6
>         Environment: Microsoft Windows [Version 6.0.6002] (Vista Buisiness N 64 bits)
> java version "1.6.0_16"
> Java(TM) SE Runtime Environment (build 1.6.0_16-b01)
> Java HotSpot(TM) 64-Bit Server VM (build 14.2-b01, mixed mode)
>            Reporter: Gary Gregory
>            Assignee: Daniel Kulp
>         Attachments: Apache CXF-2554.zip, Jre16_xml-Capture.JPG, TestBackEndWss.wsdl
>
>
> Creating a client with:
> JaxWsDynamicClientFactory.newInstance().createClient(URL) 
> and calling it with:
> org.apache.cxf.endpoint.Client.invoke(String operationName, Object... params) 
> throws the Exception 
> com.ctc.wstx.exc.WstxParsingException: Duplicate declaration for namespace prefix 'wsu'.
> on in server built with CXF
> Attaching WSDL.
> Logging output:
> Nov 20, 2009 11:31:12 AM org.apache.cxf.endpoint.dynamic.DynamicClientFactory outputDebug
> INFO: Created classes: appinterface.seagullsw.com.appinterfaceserver.ObjectFactory, appinterface.seagullsw.com.appinterfaceserver.TestOneStringArgWssAll,
appinterface.seagullsw.com.appinterfaceserver.TestOneStringArgWssAllInResponse, appinterface.seagullsw.com.appinterfaceserver.TestOneStringArgWssAllInResponseResponse,
appinterface.seagullsw.com.appinterfaceserver.TestOneStringArgWssAllResponse, appinterface.seagullsw.com.appinterfaceserver.TestOneStringArgWssEncrypt,
appinterface.seagullsw.com.appinterfaceserver.TestOneStringArgWssEncryptResponse, appinterface.seagullsw.com.appinterfaceserver.TestOneStringArgWssSignature,
appinterface.seagullsw.com.appinterfaceserver.TestOneStringArgWssSignatureResponse, appinterface.seagullsw.com.appinterfaceserver.TestOneStringArgWssTimestamp,
appinterface.seagullsw.com.appinterfaceserver.TestOneStringArgWssTimestampResponse, appinterface.seagullsw.com.appinterfaceserver.TestOneStringArgWssUsernameToken,
appinterface.seagullsw.com.appinterfaceserver.TestOneStringArgWssUsernameTokenResponse
> Nov 20, 2009 11:31:18 AM org.apache.cxf.interceptor.LoggingInInterceptor logging
> INFO: Inbound Message
> ----------------------------
> ID: 15
> Address: /AppInterfaceServer
> Encoding: UTF-8
> Content-Type: text/xml; charset=UTF-8
> Headers: {content-type=[text/xml; charset=UTF-8], connection=[keep-alive], transfer-encoding=[chunked],
Host=[localhost:8070], SOAPAction=["test.oneStringArgWssAll"], User-Agent=[Apache CXF 2.2.5],
Content-Type=[text/xml; charset=UTF-8], Accept=[*/*], Pragma=[no-cache], Cache-Control=[no-cache]}
> Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><soap:Header><wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soap:mustUnderstand="1"><wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp-5"><wsu:Created>2009-11-20T19:31:18.544Z</wsu:Created><wsu:Expires>2009-11-20T19:31:28.544Z</wsu:Expires></wsu:Timestamp><xenc:EncryptedKey
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncKeyId-07EB048258FAA1C61812587454784635"><xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" /><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><ds:X509Data>
> <ds:X509IssuerSerial>
> <ds:X509IssuerName>CN=serverKeys</ds:X509IssuerName>
> <ds:X509SerialNumber>1205178067</ds:X509SerialNumber>
> </ds:X509IssuerSerial>
> </ds:X509Data></wsse:SecurityTokenReference>
> </ds:KeyInfo><xenc:CipherData><xenc:CipherValue>RL7Dc35cwFOyIjqrPbFrbTuQUjRrn4l4Xr5KGBhZlbyFCAnI/CO6oNdgk10kKajImSpFa+zw0LmrCZYhYE2k0VYs3fexwdmM6UpeIWqdEOVmpMiruqgY+39pd8AKJOqT9IQCnG9zQ3IP4TJKrdugBcYgLhsSnUvmh//mXEV96mE=</xenc:CipherValue></xenc:CipherData><xenc:ReferenceList><xenc:DataReference
URI="#EncDataId-4" /></xenc:ReferenceList></xenc:EncryptedKey><ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-2">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
> <ds:Reference URI="#id-3">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> <ds:DigestValue>yVtODoPiC9+aUxFYj19IRxHI5fo=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
> <ds:SignatureValue>
> RDIY/X+KWeofWR0aN5ErYSxs0AOJF9DE+8K+xFZb8VPMSRFO6UBZW/x59KtzvBeUR7nlLk+QGI3G
> 6O/tz7AAKG9m7Jwkxr/dWZBWXuZNaxid9+Lh7Vx+BOes/KziskHZQyXl60zPouUpyqf1u3EMB3iC
> B76Wdy4CfppmhZFyAnA=
> </ds:SignatureValue>
> <ds:KeyInfo Id="KeyId-07EB048258FAA1C61812587454772262">
> <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="STRId-07EB048258FAA1C61812587454772283"><ds:X509Data>
> <ds:X509IssuerSerial>
> <ds:X509IssuerName>CN=clientKeys</ds:X509IssuerName>
> <ds:X509SerialNumber>1205178070</ds:X509SerialNumber>
> </ds:X509IssuerSerial>
> </ds:X509Data></wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature><wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="UsernameToken-1"><wsse:Username>clientKeys</wsse:Username><wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">clientKeysPassword</wsse:Password></wsse:UsernameToken></wsse:Security></soap:Header><soap:Body
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="id-3"><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-4"
Type="http://www.w3.org/2001/04/xmlenc#Content"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:Reference
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
URI="#EncKeyId-07EB048258FAA1C61812587454784635" /></wsse:SecurityTokenReference>
> </ds:KeyInfo><xenc:CipherData><xenc:CipherValue>ds6OLheJbTyDK/oxqto7mEzxdb44E3OD+HKxxI2Z44bSNccEZ02Uuw9q2SipHb313BiTXp4V6Dr9
> WAvRjMFLaqDLfvGIV7fEH9Fyx59A1qI0p/ByNX3q8KtHgxXhQBCTICk56Ja+TVO1jScEFjSm32FZ
> tNWoT1jz3qfpDnz+hs2EciXsOVA/I6/cSCpkcy0K4BU/wFKVFH486JtJq9dMQHSy6TJHYbGpVaaB
> 04mff4YlauNg2q9HXA9Cwk2iOOJMvGoA43higsinfeM/9cGZaBV+tDXikBNehKaShggsTAN/TH5N
> z9uoZq2B1J8c+aitj0TX5Y68SdZnGyIz5uIMhWSKdd7Y7yLzheU1L/ZMyMiQ4l2JQkFRUnfEFWY0
> HHy9hxEvNz61+9fzzsQLEYcZxTSZoKJ1Q1Nvzwn4R+roDRwKMPLcsWEO1EVOmDhWzHzDsP+KbmcG
> DyCxurs4xdLik0Uklo6P313g9KXeYrkR47hPGvuxnIhucLfu5oNgAX3z</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></soap:Body></soap:Envelope>
> --------------------------------------
> Nov 20, 2009 11:31:18 AM org.apache.cxf.phase.PhaseInterceptorChain doIntercept
> WARNING: Interceptor has thrown exception, unwinding now
> org.apache.cxf.binding.soap.SoapFault: Error reading XMLStreamReader.
> 	at org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor.handleMessage(ReadHeadersInterceptor.java:230)
> 	at org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor.handleMessage(ReadHeadersInterceptor.java:60)
> 	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:236)
> 	at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:109)
> 	at org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:98)
> 	at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:394)
> 	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:170)
> 	at org.apache.cxf.transport.servlet.AbstractCXFServlet.invoke(AbstractCXFServlet.java:142)
> 	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:179)
> 	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:103)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
> 	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:159)
> 	at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
> 	at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390)
> 	at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
> 	at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
> 	at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
> 	at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
> 	at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
> 	at org.mortbay.jetty.Server.handle(Server.java:326)
> 	at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
> 	at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:938)
> 	at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:842)
> 	at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218)
> 	at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
> 	at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
> 	at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:451)
> Caused by: com.ctc.wstx.exc.WstxParsingException: Duplicate declaration for namespace
prefix 'wsu'.
>  at [row,col {unknown-source}]: [26,230]
> 	at com.ctc.wstx.sr.StreamScanner.constructWfcException(StreamScanner.java:605)
> 	at com.ctc.wstx.sr.StreamScanner.throwParseError(StreamScanner.java:461)
> 	at com.ctc.wstx.sr.BasicStreamReader.handleNsAttrs(BasicStreamReader.java:3020)
> 	at com.ctc.wstx.sr.BasicStreamReader.handleStartElem(BasicStreamReader.java:2934)
> 	at com.ctc.wstx.sr.BasicStreamReader.nextFromTree(BasicStreamReader.java:2846)
> 	at com.ctc.wstx.sr.BasicStreamReader.next(BasicStreamReader.java:1019)
> 	at org.apache.cxf.staxutils.DepthXMLStreamReader.next(DepthXMLStreamReader.java:220)
> 	at org.apache.cxf.staxutils.PartialXMLStreamReader.next(PartialXMLStreamReader.java:41)
> 	at org.apache.cxf.staxutils.StaxUtils.readDocElements(StaxUtils.java:908)
> 	at org.apache.cxf.staxutils.StaxUtils.startElement(StaxUtils.java:826)
> 	at org.apache.cxf.staxutils.StaxUtils.readDocElements(StaxUtils.java:868)
> 	at org.apache.cxf.staxutils.StaxUtils.startElement(StaxUtils.java:826)
> 	at org.apache.cxf.staxutils.StaxUtils.readDocElements(StaxUtils.java:868)
> 	at org.apache.cxf.staxutils.StaxUtils.startElement(StaxUtils.java:826)
> 	at org.apache.cxf.staxutils.StaxUtils.readDocElements(StaxUtils.java:868)
> 	at org.apache.cxf.staxutils.StaxUtils.startElement(StaxUtils.java:826)
> 	at org.apache.cxf.staxutils.StaxUtils.readDocElements(StaxUtils.java:868)
> 	at org.apache.cxf.staxutils.StaxUtils.startElement(StaxUtils.java:826)
> 	at org.apache.cxf.staxutils.StaxUtils.readDocElements(StaxUtils.java:868)
> 	at org.apache.cxf.staxutils.StaxUtils.read(StaxUtils.java:755)
> 	at org.apache.cxf.staxutils.StaxUtils.read(StaxUtils.java:744)
> 	at org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor.handleMessage(ReadHeadersInterceptor.java:144)
> 	... 26 more
> Nov 20, 2009 11:31:18 AM org.apache.cxf.interceptor.LoggingOutInterceptor$LoggingCallback
onClose

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message