ws-wss4j-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] Commented: (WSS-235) xmlsec/1.4.3 not compatible with xmlbeans/2.4.0, resulting in NullPointerException in IdResolver, more robustness would help
Date Fri, 23 Jul 2010 17:07:50 GMT

    [ https://issues.apache.org/jira/browse/WSS-235?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12891675#action_12891675
] 

Colm O hEigeartaigh commented on WSS-235:
-----------------------------------------


Does this problem exist in XML Beans 2.5.0 as well?

Colm.

> xmlsec/1.4.3 not compatible with xmlbeans/2.4.0, resulting in NullPointerException in
IdResolver, more robustness would help
> ----------------------------------------------------------------------------------------------------------------------------
>
>                 Key: WSS-235
>                 URL: https://issues.apache.org/jira/browse/WSS-235
>             Project: WSS4J
>          Issue Type: Wish
>         Environment: xmm security structure generated with xmlbeans, verified with xmlsec.
>            Reporter: martin voegeli
>            Assignee: Ruchith Udayanga Fernando
>            Priority: Minor
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> IdResolver.java was refactored from release xmlsec/1.3.0 to xmlsec/1.4.3.
> (I know, not part of wss4j, but xmlsec seams to be a sub-component here).
> Symptoms:
> java.lang.NullPointerException
>     at org.apache.xml.security.utils.IdResolver.isElement(Unknown Source)
>     at org.apache.xml.security.utils.IdResolver.getEl(Unknown Source)
>     at org.apache.xml.security.utils.IdResolver.getElementBySearching(Unknown Source)
>     at org.apache.xml.security.utils.IdResolver.getElementById(Unknown Source)
>     at org.apache.xml.security.utils.resolver.implementations.ResolverFragment.engineResolve(Unknown
Source)
>     at org.apache.xml.security.utils.resolver.ResourceResolver.resolve(Unknown Source)
> Problem: 
> Under certain circumstances, the ID attribute of an XML node in the XMLBeans DOM implementation
is treated as !nodeCanHavePrefixUri (which might not be DOM specification compliant, but never
mind). The Id Resolver code does not expect this behavior
> xmlbenas/2.4.0 org.apache.xmlbeans.impl.store.DomImpl
>     public static String _node_getLocalName ( Dom n )
>     {
>         if (! n.nodeCanHavePrefixUri() ) return null;
>         QName name = n.getQName();
>         return name == null ? "" : name.getLocalPart();
>     }
> xml-security/1.4.3 org.apache.xml.security.utils.IdResolver:
> Suggested robustness optimization near line 247:
>             String name=n.getLocalName();
>             if (name == null) { name = n.getName(); }           <<<
> Changing xmlbeans to not return null as a local name might be the better solution but
that change seems somewhat risky.
> thanks
> martin

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org


Mime
View raw message