Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
2.7.6
-
None
-
Unknown
Description
I created of JAX-WS client for working with "third-party" web service.
Web service provides the WSDL with ws-policy settings:
<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> <wsp:Policy> <sp:InitiatorToken> <wsp:Policy> <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"> <wsp:Policy> <sp:WssX509V3Token10 /> </wsp:Policy> </sp:X509Token> </wsp:Policy> </sp:InitiatorToken> <sp:RecipientToken> <wsp:Policy> <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToInitiator"> <wsp:Policy> <sp:WssX509V3Token10 /> </wsp:Policy> </sp:X509Token> </wsp:Policy> </sp:RecipientToken> <sp:AlgorithmSuite>
During of the client execution I got next exception:
org.apache.cxf.binding.soap.SoapFault: Incorrect inclusion value: null Caused by: java.lang.RuntimeException: Incorrect inclusion value: null at org.apache.cxf.ws.security.policy.model.Token.setInclusion(Token.java:70) at org.apache.cxf.ws.security.policy.builders.X509TokenBuilder.build(X509TokenBuilder.java:69) at org.apache.cxf.ws.security.policy.builders.X509TokenBuilder.build(X509TokenBuilder.java:40) at org.apache.neethi.AssertionBuilderFactoryImpl.invokeBuilder(AssertionBuilderFactoryImpl.java:138) at org.apache.neethi.AssertionBuilderFactoryImpl.build(AssertionBuilderFactoryImpl.java:117) at org.apache.neethi.PolicyBuilder.processOperationElement(PolicyBuilder.java:224) at org.apache.neethi.PolicyBuilder.getPolicyOperator(PolicyBuilder.java:174) at org.apache.neethi.PolicyBuilder.getPolicy(PolicyBuilder.java:124) . . .
After examining the documentation for WS-Policy specification v.1.1, I found a difference in the list of X.509 token inclusions. Specification Errata contains token inclusion as in WSDL: <...>/AlwaysToInitiator. "Base" specification is not contains of that inclusion.
CXF implementation of ws-policy 1.1 is not contains the constant for "Errata" version of the specification (i.e. not contains constant for http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToInitiator) and as result the code throw RuntimeException.
In runtime after executing the method from class org.apache.cxf.ws.security.policy.SP11Constants:
public IncludeTokenType getInclusionFromAttributeValue(String value) { if (INCLUDE_ALWAYS.equals(value)) { return IncludeTokenType.INCLUDE_TOKEN_ALWAYS; } else if (INCLUDE_ALWAYS_TO_RECIPIENT.equals(value)) { return IncludeTokenType.INCLUDE_TOKEN_ALWAYS_TO_RECIPIENT; } else if (INCLUDE_NEVER.equals(value)) { return IncludeTokenType.INCLUDE_TOKEN_NEVER; } else if (INCLUDE_ONCE.equals(value)) { return IncludeTokenType.INCLUDE_TOKEN_ONCE; } return StringUtils.isEmpty(value) ? IncludeTokenType.INCLUDE_TOKEN_ALWAYS : null; }
return result is NULL and next code from class org.apache.cxf.ws.security.policy.model.Token:
public void setInclusion(IncludeTokenType inclusion) { if (IncludeTokenType.INCLUDE_TOKEN_ALWAYS == inclusion || IncludeTokenType.INCLUDE_TOKEN_ALWAYS_TO_RECIPIENT == inclusion || IncludeTokenType.INCLUDE_TOKEN_ALWAYS_TO_INITIATOR == inclusion || IncludeTokenType.INCLUDE_TOKEN_NEVER == inclusion || IncludeTokenType.INCLUDE_TOKEN_ONCE == inclusion) { this.inclusion = inclusion; } else { // TODO replace this with a proper (WSSPolicyException) exception throw new RuntimeException("Incorrect inclusion value: " + inclusion); } }
throws of RuntimeException...
Please help me solve this problem!