cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kirill Sokolov (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CXF-5335) Incorrect handle of ws-policy 1.1 (Incorrect inclusion value: null)
Date Mon, 14 Oct 2013 14:57:41 GMT
Kirill Sokolov created CXF-5335:
-----------------------------------

             Summary: Incorrect handle of ws-policy 1.1 (Incorrect inclusion value: null)
                 Key: CXF-5335
                 URL: https://issues.apache.org/jira/browse/CXF-5335
             Project: CXF
          Issue Type: Bug
          Components: WS-* Components
    Affects Versions: 2.7.6
            Reporter: Kirill Sokolov


I created of JAX-WS client for working with "third-party" web service.
Web service provides the WSDL with ws-policy settings:
<sp:AsymmetricBinding
	xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
	<wsp:Policy>
		<sp:InitiatorToken>
			<wsp:Policy>
				<sp:X509Token
					sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
					<wsp:Policy>
						<sp:WssX509V3Token10 />
					</wsp:Policy>
				</sp:X509Token>
			</wsp:Policy>
		</sp:InitiatorToken>
		<sp:RecipientToken>
			<wsp:Policy>
				<sp:X509Token
					sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToInitiator">
					<wsp:Policy>
						<sp:WssX509V3Token10 />
					</wsp:Policy>
				</sp:X509Token>
			</wsp:Policy>
		</sp:RecipientToken>
		<sp:AlgorithmSuite>

During of the client execution I got next exception:
org.apache.cxf.binding.soap.SoapFault: Incorrect inclusion value: null
Caused by: java.lang.RuntimeException: Incorrect inclusion value: null
	at org.apache.cxf.ws.security.policy.model.Token.setInclusion(Token.java:70)
	at org.apache.cxf.ws.security.policy.builders.X509TokenBuilder.build(X509TokenBuilder.java:69)
	at org.apache.cxf.ws.security.policy.builders.X509TokenBuilder.build(X509TokenBuilder.java:40)
	at org.apache.neethi.AssertionBuilderFactoryImpl.invokeBuilder(AssertionBuilderFactoryImpl.java:138)
	at org.apache.neethi.AssertionBuilderFactoryImpl.build(AssertionBuilderFactoryImpl.java:117)
	at org.apache.neethi.PolicyBuilder.processOperationElement(PolicyBuilder.java:224)
	at org.apache.neethi.PolicyBuilder.getPolicyOperator(PolicyBuilder.java:174)
	at org.apache.neethi.PolicyBuilder.getPolicy(PolicyBuilder.java:124)
. . .

After examining the documentation for WS-Policy specification v.1.1, I found a difference
in the list of X.509 token inclusions. Specification Errata contains token inclusion as in
WSDL: <...>/AlwaysToInitiator. "Base" specification is not contains of that inclusion.

CXF implementation of ws-policy 1.1 is not contains the constant for "Errata" version of the
specification (i.e. not contains constant for http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToInitiator)
and as result the code throw RuntimeException.

In runtime after executing the method from class org.apache.cxf.ws.security.policy.SP11Constants:
public IncludeTokenType getInclusionFromAttributeValue(String value) {
   
        if (INCLUDE_ALWAYS.equals(value)) {
            return IncludeTokenType.INCLUDE_TOKEN_ALWAYS;
        } else if (INCLUDE_ALWAYS_TO_RECIPIENT.equals(value)) {
            return IncludeTokenType.INCLUDE_TOKEN_ALWAYS_TO_RECIPIENT;
        } else if (INCLUDE_NEVER.equals(value)) {
            return IncludeTokenType.INCLUDE_TOKEN_NEVER;
        } else if (INCLUDE_ONCE.equals(value)) {
            return IncludeTokenType.INCLUDE_TOKEN_ONCE;
        }
        return StringUtils.isEmpty(value) ? IncludeTokenType.INCLUDE_TOKEN_ALWAYS : null;
    }

return result is NULL and next code from class org.apache.cxf.ws.security.policy.model.Token:
public void setInclusion(IncludeTokenType inclusion) {
        if (IncludeTokenType.INCLUDE_TOKEN_ALWAYS == inclusion
            || IncludeTokenType.INCLUDE_TOKEN_ALWAYS_TO_RECIPIENT == inclusion
            || IncludeTokenType.INCLUDE_TOKEN_ALWAYS_TO_INITIATOR == inclusion
            || IncludeTokenType.INCLUDE_TOKEN_NEVER == inclusion 
            || IncludeTokenType.INCLUDE_TOKEN_ONCE == inclusion) {
            this.inclusion = inclusion;
        } else {
            // TODO replace this with a proper (WSSPolicyException) exception
            throw new RuntimeException("Incorrect inclusion value: " + inclusion);
        }
    }

throws of RuntimeException...

Please help me solve this problem!



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Mime
View raw message