Uploaded image for project: 'Axiom'
  1. Axiom
  2. AXIOM-423

WSS4J fails when processing SAML Tokens since org.apache.axiom.om.impl.dom.NodeImpl has not implemented some required methods such as lookupNamespaceURI(), hence Rampart Trust module fails.

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 1.2.13
    • 1.2.14
    • DOOM
    • None
    • WSS4J 1.6.4, Java 1.6.0.26, Linux

    Description

      Axiom 1.2.13 implementation's NodeImpl has not implemented methods such as lookupPrefix(), isDefaultNamespace(), lookupNamespaceURI() etc and they throws UnsupportedOperationException. But these methods are required methods for WSS4J libraries such as OpenSAML. Since these methods are not implemented WSS4J fails when processing SAML assertions and hence Rampart Trust module fails. This is a blocking issue for Apache Rampart.

      Following is the stack trace you get when trying Apache Rampart policy sample05. For further info on how to run Rampart samples please refer this http://axis.apache.org/axis2/java/rampart/samples.html.

      java.lang.UnsupportedOperationException: TODO
      at org.apache.axiom.om.impl.dom.NodeImpl.lookupNamespaceURI(NodeImpl.java:347)
      at org.opensaml.xml.util.XMLHelper.getXSIType(XMLHelper.java:132)
      at org.opensaml.xml.io.UnmarshallerFactory.getUnmarshaller(UnmarshallerFactory.java:77)
      at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshallChildElement(AbstractXMLObjectUnmarshaller.java:317)
      at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshall(AbstractXMLObjectUnmarshaller.java:121)
      at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshallChildElement(AbstractXMLObjectUnmarshaller.java:334)
      at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshall(AbstractXMLObjectUnmarshaller.java:121)
      at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshallChildElement(AbstractXMLObjectUnmarshaller.java:334)
      at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshall(AbstractXMLObjectUnmarshaller.java:121)
      at org.opensaml.saml1.core.impl.AssertionUnmarshaller.unmarshall(AssertionUnmarshaller.java:43)
      at org.apache.ws.security.saml.ext.OpenSAMLUtil.fromDom(OpenSAMLUtil.java:84)
      at org.apache.ws.security.saml.ext.AssertionWrapper.parseElement(AssertionWrapper.java:678)
      at org.apache.ws.security.saml.ext.AssertionWrapper.<init>(AssertionWrapper.java:152)
      at org.apache.ws.security.processor.SAMLTokenProcessor.handleSAMLToken(SAMLTokenProcessor.java:109)
      at org.apache.ws.security.processor.SAMLTokenProcessor.handleToken(SAMLTokenProcessor.java:53)
      at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
      at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:304)
      at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:249)
      at org.apache.rampart.RampartEngine.process(RampartEngine.java:132)
      at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
      at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
      at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
      at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
      at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:168)
      at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172)
      at org.apache.axis2.transport.http.HTTPWorker.service(HTTPWorker.java:307)
      at org.apache.axis2.transport.http.server.AxisHttpService.doService(AxisHttpService.java:281)
      at org.apache.axis2.transport.http.server.AxisHttpService.handleRequest(AxisHttpService.java:187)
      at org.apache.axis2.transport.http.server.HttpServiceProcessor.run(HttpServiceProcessor.java:82)
      at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
      at java.lang.Thread.run(Thread.java:662)
      [ERROR] Error in SAMLToken
      org.apache.axis2.AxisFault: Error in SAMLToken
      at org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:180)
      at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:95)
      at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
      at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
      at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
      at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:168)
      at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172)
      at org.apache.axis2.transport.http.HTTPWorker.service(HTTPWorker.java:307)
      at org.apache.axis2.transport.http.server.AxisHttpService.doService(AxisHttpService.java:281)
      at org.apache.axis2.transport.http.server.AxisHttpService.handleRequest(AxisHttpService.java:187)
      at org.apache.axis2.transport.http.server.HttpServiceProcessor.run(HttpServiceProcessor.java:82)
      at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
      at java.lang.Thread.run(Thread.java:662)
      Caused by: org.apache.ws.security.WSSecurityException: Error in SAMLToken
      at org.apache.ws.security.processor.SAMLTokenProcessor.handleSAMLToken(SAMLTokenProcessor.java:112)
      at org.apache.ws.security.processor.SAMLTokenProcessor.handleToken(SAMLTokenProcessor.java:53)
      at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
      at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:304)
      at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:249)
      at org.apache.rampart.RampartEngine.process(RampartEngine.java:132)
      at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
      ... 12 more

      Attachments

        1. Issue-AXIOM-423.patch
          39 kB
          Suresh Attanayake
        2. Issue-AXIOM-423-resubmit.patch
          4 kB
          Suresh Attanayake
        3. issue-AXIOM-423-WithTestCases.patch
          10 kB
          Suresh Attanayake
        4. issue-AXIOM-423-WithTestCases-Resubmit.patch
          44 kB
          Suresh Attanayake

        Issue Links

          blocks

          Bug - A problem which impairs or prevents the functions of the product. RAMPART-381 Rampart Sample 05 is not working

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              veithen Andreas Veithen
              sureshatt Suresh Attanayake
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: