cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gina Choi (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CXF-4357) NullPointerException
Date Mon, 04 Jun 2012 19:06:22 GMT

    [ https://issues.apache.org/jira/browse/CXF-4357?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13288817#comment-13288817
] 

Gina Choi commented on CXF-4357:
--------------------------------

I debugged my client to check following error messages that I am receiving 
when I run client. I found cause for NPE. In 
org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.java, 
we have  doIssuedTokenSignature( Token token, SignedEncryptedParts 
signdParts, TokenWrapper wrapper) method. 

In line 403, getSecurityToken() is allowed to return null and in my case 
value of secTok is null. 

SecurityToken secTok = getSecurityToken(); 



    protected SecurityToken getSecurityToken() { 
        SecurityToken st = 
(SecurityToken)message.getContextualProperty(SecurityConstants.TOKEN); 
        if (st == null) { 
            String id = 
(String)message.getContextualProperty(SecurityConstants.TOKEN_ID); 
            if (id != null) { 
                st = getTokenStore().getToken(id); 
            } 
        } 
        if (st != null) { 
            getTokenStore().add(st); 
            return st; 
        } 
        return null; 
    } 



Following is content from  line 424 to 441. 
in line 429, secTok.getX509Certificate() is called without checking value 
of secTok is null or not. This throws NPE in my case. Condition should be 
checked. On the other hand, I might need to find way to avoid having null 
value for SecurityToken . 

        if (signdParts != null) { 
            if (signdParts.isBody()) { 
                WSEncryptionPart bodyPart = 
convertToEncryptionPart(SAAJUtils.getBody(saaj)); 
                sigParts.add(bodyPart); 
            } 
429:            if (secTok.getX509Certificate() != null) { 
                //the "getX509Certificate" this is to workaround an issue 
in WCF 
                //In WCF, for TransportBinding, in most cases, it doesn't 
want any of 
                //the headers signed even if the policy says so.   HOWEVER, 
for KeyValue 
                //IssuedTokens, it DOES want them signed 
                for (Header header : signdParts.getHeaders()) { 
                    WSEncryptionPart wep = new 
WSEncryptionPart(header.getName(), 
                            header.getNamespace(), 
                            "Content"); 
                    sigParts.add(wep); 
                } 
            } 
        } 

                
> NullPointerException
> --------------------
>
>                 Key: CXF-4357
>                 URL: https://issues.apache.org/jira/browse/CXF-4357
>             Project: CXF
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: 2.6
>         Environment: Tomcat7.0.27, Apache CXF2.6.0, ADFS2.0 as STS
>            Reporter: Gina Choi
>            Priority: Critical
>         Attachments: DoubleIt.wsdl, adfs_new_simple.wsdl, cxf.xml
>
>
> I have WSP, WSC and STS(ADFS2.0) environment.
> 1. WSP:
> Use SymmetricBinding and ProtectionToken is IssuedToken
> 2. STS: ADFS2.0
> use TransportBinding and client authentication is done via UT
> When I run client, I am getting following NPE. For details, please reference CXF-USER
thread http://cxf.547215.n5.nabble.com/Proglem-with-loading-Apache-CXF-STS-with-UT-authentication-td5708523.html.
If you need further information please reach me at ginachoi88@gmail.com
> Caused by: java.lang.NullPointerException
>         at org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.doIssuedTokenSignature(TransportBindingHandler.java:429)
>         at org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.handleEndorsingToken(TransportBindingHandler.java:283)
>         at org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.handleEndorsingSupportingTokens(TransportBindingHandler.java:240)
>         at org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.handleBinding(TransportBindingHandler.java:147)
>         at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:159)
>         at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:89)
>         at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
>         at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:532)
>         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:464)
>         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:367)
>         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:320)
>         at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:722)
>         at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:602)
>         at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:594)
>         at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.getTokenFromSTS(IssuedTokenInterceptorProvider.java:404)
>         at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:188)
>         at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
>         at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:532)
>         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:464)
>         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:367)
>         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:320)
>         at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:89)
>         at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message