Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-3539

NPE when sending packet to STS using default namespaces instead of namespace prefixes

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.4
    • Fix Version/s: 2.4.1, 2.3.5
    • Component/s: Core
    • Labels:

      Description

      common/common/src/main/java/org/apache/cxf/staxutils/StaxSource#getAttributes() sets the "localname" to null for default namespaces changes. However, when this is set it causes JAXB binding to throw an NPE in com.sun.xml.internal.bind.v2.util.QNameMap.hash(). This occurs when creating an STS using the CXF STS provider framework and sending a RST packet which uses default namespaces instead of namespace prefixes.

      A workaround that seems to work for the STS is setting the localname to "" instead of null, however I'm not sure what other effects that might have.

      Example packet:
      <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:s="http://www.w3.org/2001/XMLSchema" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><SOAP-ENV:Header><Security xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><Timestamp xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp"><Created>2011-05-19T20:25:45.197Z</Created><Expires>2011-05-19T20:30:45.197Z</Expires></Timestamp><BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="SecurityToken">...snip...</BinarySecurityToken><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><Reference URI="#Timestamp"><Transforms><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>...snip...</DigestValue></Reference></SignedInfo><SignatureValue>...snip...</SignatureValue><KeyInfo><SecurityTokenReference xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><Reference URI="#SecurityToken" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/></SecurityTokenReference></KeyInfo></Signature></Security></SOAP-ENV:Header><SOAP-ENV:Body><RequestSecurityToken xmlns="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:s="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><SecondaryParameters><TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</TokenType></SecondaryParameters><RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</RequestType><AppliesTo xmlns="http://schemas.xmlsoap.org/ws/2004/09/policy"><EndpointReference xmlns="http://www.w3.org/2005/08/addressing"><Address>...snip...</Address></EndpointReference></AppliesTo><KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey</KeyType><KeySize>256</KeySize></RequestSecurityToken></SOAP-ENV:Body></SOAP-ENV:Envelope>

      Example stacktrace:

      java.lang.NullPointerException
      at com.sun.xml.internal.bind.v2.util.QNameMap.hash(QNameMap.java:201)
      at com.sun.xml.internal.bind.v2.util.QNameMap.getEntry(QNameMap.java:452
      )
      at com.sun.xml.internal.bind.v2.util.QNameMap.get(QNameMap.java:147) [note: 2nd param(s1) = null]
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.StructureLoader.sta
      rtElement(StructureLoader.java:187) [note: s1 = attributes.getLocalName(i); . .... = null]
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.ProxyLoader.startEl
      ement(ProxyLoader.java:44)
      at com.sun.xml.internal.bind.v2.runtime.ElementBeanInfoImpl$IntercepterL
      oader.startElement(ElementBeanInfoImpl.java:226)
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallingContex
      t._startElement(UnmarshallingContext.java:470)
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallingContex
      t.startElement(UnmarshallingContext.java:448)
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.InterningXmlVisitor
      .startElement(InterningXmlVisitor.java:60)
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.SAXConnector.startE
      lement(SAXConnector.java:137)
      at org.apache.cxf.staxutils.StaxSource.parse(StaxSource.java:138)
      at org.apache.cxf.staxutils.StaxSource.parse(StaxSource.java:270)
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.un
      marshal0(UnmarshallerImpl.java:200)
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.un
      marshal(UnmarshallerImpl.java:173)
      at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnm
      arshallerImpl.java:120)
      at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnm
      arshallerImpl.java:103)
      at org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.
      convertToJAXBObject(SecurityTokenServiceProvider.java:255)
      at org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.
      invoke(SecurityTokenServiceProvider.java:182)
      at org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.
      invoke(SecurityTokenServiceProvider.java:64)

        Attachments

          Activity

            People

            • Assignee:
              dkulp Daniel Kulp
              Reporter:
              akphipps Alistair Phipps
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: