CXF-3539

NPE when sending packet to STS using default namespaces instead of namespace prefixes


Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.4
    • 2.4.1, 2.3.5
    • Core

    Description

      common/common/src/main/java/org/apache/cxf/staxutils/StaxSource#getAttributes() sets the "localname" to null for default namespace changes. However, when this is set, it causes JAXB binding to throw an NPE in com.sun.xml.internal.bind.v2.util.QNameMap.hash(). This occurs when creating an STS using the CXF STS provider framework and sending an RST packet which uses default namespaces instead of namespace prefixes.

      A workaround that seems to work for the STS is setting the localname to "" instead of null; however, I'm not sure what other effects that might have.

      Example packet:
      <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:s="http://www.w3.org/2001/XMLSchema" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><SOAP-ENV:Header><Security xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><Timestamp xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp"><Created>2011-05-19T20:25:45.197Z</Created><Expires>2011-05-19T20:30:45.197Z</Expires></Timestamp><BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="SecurityToken">...snip...</BinarySecurityToken><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><Reference URI="#Timestamp"><Transforms><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>...snip...</DigestValue></Reference></SignedInfo><SignatureValue>...snip...</SignatureValue><KeyInfo><SecurityTokenReference xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><Reference URI="#SecurityToken" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/></SecurityTokenReference></KeyInfo></Signature></Security></SOAP-ENV:Header><SOAP-ENV:Body><RequestSecurityToken 
xmlns="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:s="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><SecondaryParameters><TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</TokenType></SecondaryParameters><RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</RequestType><AppliesTo xmlns="http://schemas.xmlsoap.org/ws/2004/09/policy"><EndpointReference xmlns="http://www.w3.org/2005/08/addressing"><Address>...snip...</Address></EndpointReference></AppliesTo><KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey</KeyType><KeySize>256</KeySize></RequestSecurityToken></SOAP-ENV:Body></SOAP-ENV:Envelope>

      Example stacktrace:

      java.lang.NullPointerException
      at com.sun.xml.internal.bind.v2.util.QNameMap.hash(QNameMap.java:201)
      at com.sun.xml.internal.bind.v2.util.QNameMap.getEntry(QNameMap.java:452)
      at com.sun.xml.internal.bind.v2.util.QNameMap.get(QNameMap.java:147) [note: 2nd param(s1) = null]
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.StructureLoader.startElement(StructureLoader.java:187) [note: s1 = attributes.getLocalName(i); . .... = null]
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.ProxyLoader.startElement(ProxyLoader.java:44)
      at com.sun.xml.internal.bind.v2.runtime.ElementBeanInfoImpl$IntercepterLoader.startElement(ElementBeanInfoImpl.java:226)
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallingContext._startElement(UnmarshallingContext.java:470)
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallingContext.startElement(UnmarshallingContext.java:448)
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.InterningXmlVisitor.startElement(InterningXmlVisitor.java:60)
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.SAXConnector.startElement(SAXConnector.java:137)
      at org.apache.cxf.staxutils.StaxSource.parse(StaxSource.java:138)
      at org.apache.cxf.staxutils.StaxSource.parse(StaxSource.java:270)
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal0(UnmarshallerImpl.java:200)
      at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:173)
      at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshallerImpl.java:120)
      at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshallerImpl.java:103)
      at org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.convertToJAXBObject(SecurityTokenServiceProvider.java:255)
      at org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.invoke(SecurityTokenServiceProvider.java:182)
      at org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.invoke(SecurityTokenServiceProvider.java:64)
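
Added example, not part of the original report and not CXF or JAXB code: a small StAX-to-SAX bridge step showing why a null local name for `xmlns="..."` breaks a consumer that hashes the name, while the empty string does not (the SAX `Attributes.getLocalName(int)` contract reserves null for an out-of-range index). The class name, `declarations` and `lookupKey` are hypothetical; `lookupKey` is an assumed stand-in for the lookup seen in the stack trace.

```java
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLStreamReader;
import org.xml.sax.Attributes;
import org.xml.sax.helpers.AttributesImpl;

public class DefaultNsAttributeDemo {
    // Hypothetical bridge step (not CXF's StaxSource): expose the namespace
    // declarations of the current START_ELEMENT as SAX attributes.
    static Attributes declarations(XMLStreamReader r, boolean nullForDefault) {
        AttributesImpl attrs = new AttributesImpl();
        for (int i = 0; i < r.getNamespaceCount(); i++) {
            String prefix = r.getNamespacePrefix(i); // null for xmlns="..."
            String uri = r.getNamespaceURI(i);
            boolean isDefault = prefix == null || prefix.isEmpty();
            String local = isDefault ? (nullForDefault ? null : "") : prefix;
            String qName = isDefault ? "xmlns" : "xmlns:" + prefix;
            attrs.addAttribute(XMLConstants.XMLNS_ATTRIBUTE_NS_URI, local, qName,
                               "CDATA", uri == null ? "" : uri);
        }
        return attrs;
    }

    // Assumed stand-in for a consumer that hashes (uri, localName) with no null check.
    static int lookupKey(Attributes a, int i) {
        return a.getURI(i).hashCode() ^ a.getLocalName(i).hashCode();
    }

    public static void main(String[] args) throws Exception {
        // Constructed input: one default and one prefixed namespace declaration.
        String xml = "<RequestSecurityToken"
            + " xmlns=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512\""
            + " xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"/>";
        for (boolean nullForDefault : new boolean[] {true, false}) {
            XMLStreamReader r = XMLInputFactory.newInstance()
                .createXMLStreamReader(new StringReader(xml));
            r.nextTag(); // advance to the START_ELEMENT
            Attributes a = declarations(r, nullForDefault);
            for (int i = 0; i < a.getLength(); i++) {
                String result;
                try {
                    result = "key " + lookupKey(a, i);
                } catch (NullPointerException e) {
                    result = "NullPointerException";
                }
                System.out.println("null=" + nullForDefault + " " + a.getQName(i) + " -> " + result);
            }
        }
    }
}
```

Only the default-namespace declaration fails in the null variant; the prefixed `xmlns:xsi` declaration has a non-null local name either way, which is why messages that use prefixes throughout do not trigger the error.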

          People

            dkulp Daniel Kulp
            akphipps Alistair Phipps