Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-6600

Sudden repeating NPE on token request by STSClient

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.4
    • Fix Version/s: 3.0.7, 3.1.4
    • Component/s: STS
    • Labels:
      None

      Description

      After our application has been running for a few days it starts experiencing repeated NullPointerExceptions on each invocation of a CXF web service client proxy when it contacts the STS, see stacktraces below.

      The fediz-based system is set-up similarly to the wsclientWebapp sample from the fediz distribution: with WS-Federation SSO and delegated Web Service access via an issued-token WS-Trust policy.

      The system is based on fediz 1.2.0, CXF 3.0.4, Windows Server 2008 R2, java 8u51, tomcat 8.0.23.

      The following NPE repeatedly shows on each web service invocation once this condition starts. There is no discernible cause of this. A tomcat restart fixes it.

      2015-09-18 14:09:30,384Z WARN  [http-apr-443-exec-60] - o.a.cxf.phase.PhaseInterceptorChain      : Interceptor for {http://service.ecs.net/}ECSServiceService#{http://service.ecs. net/}GetHome has thrown exception, unwinding now
      
      java.lang.NullPointerException: null
      	at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:274)
      	at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:250)
      	at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:281)
      	at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:250)
      	at com.sun.xml.bind.unmarshaller.DOMScanner.scan(DOMScanner.java:127)
      	at com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal0(UnmarshallerImpl.java:369)
      	at com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:348)
      	at org.apache.cxf.ws.addressing.VersionTransformer.parseEndpointReference(VersionTransformer.java:439)
      	at org.apache.cxf.ws.security.trust.STSUtils.getClient(STSUtils.java:118)
      	at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.issueToken(IssuedTokenInterceptorProvider.java:485)
      	at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:162)
      	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
      	at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
      	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
      	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
      	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
      	at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
      	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
      	at com.sun.proxy.$Proxy364.getHome(Unknown Source)
      	at net.ecs.unifyweb.HomeResource.getWelcome(HomeResource.java:129)
      	at sun.reflect.GeneratedMethodAccessor401.invoke(Unknown Source)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:497)
      	at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:181)
      	at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:97)
      	at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:200)
      	at net.ecs.unifyweb.AntiXSSInvoker.invoke(AntiXSSInvoker.java:58)
      	at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:99)
      	at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)
      	at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96)
      	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
      	at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
      	at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:251)
      	at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
      	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
      	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
      	at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)
      	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:293)
      	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:217)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
      

        Attachments

          Activity

            People

            • Assignee:
              coheigea Colm O hEigeartaigh
              Reporter:
              avallen Andreas Vallen
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: