cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CXF-5011) Fix NPE in WSS4JInterceptor
Date Fri, 10 May 2013 16:23:18 GMT

     [ https://issues.apache.org/jira/browse/CXF-5011?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Colm O hEigeartaigh updated CXF-5011:
-------------------------------------

    Fix Version/s: 2.7.5
                   2.5.11
    
> Fix NPE in WSS4JInterceptor
> ---------------------------
>
>                 Key: CXF-5011
>                 URL: https://issues.apache.org/jira/browse/CXF-5011
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>         Environment: Problem occurs on all platforms
>            Reporter: Syed Abdul Wadood
>            Assignee: Colm O hEigeartaigh
>            Priority: Critical
>              Labels: patch
>             Fix For: 2.6.7, 2.5.11, 2.7.5
>
>         Attachments: wss4j_npe.patch
>
>
> The tokens, when symmetric binding is used, are created with lifetime of 5 minutes. The
callback handler code goes through all the tokens in the cache to get to the token id that
matches the password callback's identifier field. If the token has expired, then cache implementation
returns null and calling code does not have a check against null token and is causing NullPointerException
(NPE). 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message