cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Kulp (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (CXF-3539) NPE when sending packet to STS using default namespaces instead of namespace prefixes
Date Wed, 25 May 2011 18:17:47 GMT

     [ https://issues.apache.org/jira/browse/CXF-3539?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Daniel Kulp resolved CXF-3539.
------------------------------

       Resolution: Fixed
    Fix Version/s: 2.3.5
                   2.4.1
         Assignee: Daniel Kulp


It looks like "" is the right thing to do so I've changed it to do that.

> NPE when sending packet to STS using default namespaces instead of namespace prefixes
> -------------------------------------------------------------------------------------
>
>                 Key: CXF-3539
>                 URL: https://issues.apache.org/jira/browse/CXF-3539
>             Project: CXF
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: 2.4
>            Reporter: Alistair Phipps
>            Assignee: Daniel Kulp
>              Labels: Exception, NPE
>             Fix For: 2.4.1, 2.3.5
>
>
> common/common/src/main/java/org/apache/cxf/staxutils/StaxSource#getAttributes() sets
the "localname" to null for default namespaces changes.  However, when this is set it causes
JAXB binding to throw an NPE in com.sun.xml.internal.bind.v2.util.QNameMap.hash().  This occurs
when creating an STS using the CXF STS provider framework and sending a RST packet which uses
default namespaces instead of namespace prefixes.
> A workaround that seems to work for the STS is setting the localname to "" instead of
null, however I'm not sure what other effects that might have.
> Example packet:
> <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:s="http://www.w3.org/2001/XMLSchema"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><SOAP-ENV:Header><Security
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><Timestamp
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp"><Created>2011-05-19T20:25:45.197Z</Created><Expires>2011-05-19T20:30:45.197Z</Expires></Timestamp><BinarySecurityToken
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
wsu:Id="SecurityToken">...snip...</BinarySecurityToken><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><Reference
URI="#Timestamp"><Transforms><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>...snip...</DigestValue></Reference></SignedInfo><SignatureValue>...snip...</SignatureValue><KeyInfo><SecurityTokenReference
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><Reference
URI="#SecurityToken" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/></SecurityTokenReference></KeyInfo></Signature></Security></SOAP-ENV:Header><SOAP-ENV:Body><RequestSecurityToken
xmlns="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:s="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><SecondaryParameters><TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</TokenType></SecondaryParameters><RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</RequestType><AppliesTo
xmlns="http://schemas.xmlsoap.org/ws/2004/09/policy"><EndpointReference xmlns="http://www.w3.org/2005/08/addressing"><Address>...snip...</Address></EndpointReference></AppliesTo><KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey</KeyType><KeySize>256</KeySize></RequestSecurityToken></SOAP-ENV:Body></SOAP-ENV:Envelope>
> Example stacktrace:
> java.lang.NullPointerException
>         at com.sun.xml.internal.bind.v2.util.QNameMap.hash(QNameMap.java:201)
>         at com.sun.xml.internal.bind.v2.util.QNameMap.getEntry(QNameMap.java:452
> )
>         at com.sun.xml.internal.bind.v2.util.QNameMap.get(QNameMap.java:147) [note: 2nd
param(s1)  = null]
>         at com.sun.xml.internal.bind.v2.runtime.unmarshaller.StructureLoader.sta
> rtElement(StructureLoader.java:187)                                          [note: s1
= attributes.getLocalName(i); . .... = null]
>         at com.sun.xml.internal.bind.v2.runtime.unmarshaller.ProxyLoader.startEl
> ement(ProxyLoader.java:44)
>         at com.sun.xml.internal.bind.v2.runtime.ElementBeanInfoImpl$IntercepterL
> oader.startElement(ElementBeanInfoImpl.java:226)
>         at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallingContex
> t._startElement(UnmarshallingContext.java:470)
>         at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallingContex
> t.startElement(UnmarshallingContext.java:448)
>         at com.sun.xml.internal.bind.v2.runtime.unmarshaller.InterningXmlVisitor
> .startElement(InterningXmlVisitor.java:60)
>         at com.sun.xml.internal.bind.v2.runtime.unmarshaller.SAXConnector.startE
> lement(SAXConnector.java:137)
>         at org.apache.cxf.staxutils.StaxSource.parse(StaxSource.java:138)
>         at org.apache.cxf.staxutils.StaxSource.parse(StaxSource.java:270)
>         at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.un
> marshal0(UnmarshallerImpl.java:200)
>         at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.un
> marshal(UnmarshallerImpl.java:173)
>         at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnm
> arshallerImpl.java:120)
>         at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnm
> arshallerImpl.java:103)
>         at org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.
> convertToJAXBObject(SecurityTokenServiceProvider.java:255)
>         at org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.
> invoke(SecurityTokenServiceProvider.java:182)
>         at org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.
> invoke(SecurityTokenServiceProvider.java:64)

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message