Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-5317

Policy exception handler throws away useful exception stack trace

    XMLWordPrintableJSON

    Details

    • Estimated Complexity:
      Novice

      Description

      I had a working WS-Policy which was encrypting the SOAP body with a UsernameToken using Basic128 encryption, then I modified the policy to use Basic256 encryption instead. I got the following stack trace cause:
      Caused by: org.apache.cxf.ws.policy.PolicyException: Cannot encrypt data
      at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:294)

      Since the exception was short on detail, I went to the source code and found that AbstractBindingBuilder.java:294 was simply throwing away the rest of the Exception object. There's a method existing already to take the exception too so I changed that line to call it and now get the following MUCH more useful error message on the end of the stack trace:
      Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Invalid AES key length: 20 bytes
      Original Exception was java.security.InvalidKeyException: Invalid AES key length: 20 bytes

      I chose priority Major because without this user will report the error "cannot encrypt data" which will give developers very little to go on. The only way to find the real problem is to attach a debugger which is not an option for everybody.

      I'll attach a patch to this issue to resolve this.

        Attachments

        1. AbstractBindingBuilder.patch
          0.4 kB
          Jesse Pangburn

          Activity

            People

            • Assignee:
              coheigea Colm O hEigeartaigh
              Reporter:
              jpangburn Jesse Pangburn
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: