Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-6991

WS-RM - Request context properties are lost when sending subsequent protocol message

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.7.18, 3.1.7
    • 3.1.8, 3.0.11, 3.2.0
    • WS-* Components
    • None
    • Unknown

    Description

      We hit "No SAML CallbackHandler available" error when it's sending TerminateSequence.

      20:44:32,416 SEVERE [org.apache.cxf.ws.rm.Proxy] (default-workqueue-1) Failed to send RM protocol message {http://schemas.xmlsoap.org/ws/2005/02/rm}TerminateSequence.: org.apache.cxf.interceptor.Fault: No SAML CallbackHandler available
	at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:198) [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:98) [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:176) [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:90) [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272) [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:572) [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:481) [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:393) [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.ws.rm.Proxy.invoke(Proxy.java:295) [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.ws.rm.Proxy.terminate(Proxy.java:101) [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.ws.rm.SourceSequence.setAcknowledged(SourceSequence.java:159) [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.ws.rm.RMInInterceptor.processAcknowledgments(RMInInterceptor.java:191) [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.ws.rm.RMInInterceptor.handle(RMInInterceptor.java:163) [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.ws.rm.AbstractRMInterceptor.handleMessage(AbstractRMInterceptor.java:83) [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272) [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:831) [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1642) [cxf-rt-transports-http-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream$1.run(HTTPConduit.java:1133) [cxf-rt-transports-http-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:428) [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_101]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_101]
	at org.apache.cxf.workqueue.AutomaticWorkQueueImpl$AWQThreadFactory$1.run(AutomaticWorkQueueImpl.java:353) [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_101]
Caused by: org.apache.cxf.ws.policy.PolicyException: No SAML CallbackHandler available
	at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:315) [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.addSamlToken(AbstractBindingBuilder.java:923) [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.handleSupportingTokens(AbstractBindingBuilder.java:571) [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.handleSupportingTokens(AbstractBindingBuilder.java:455) [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.addSupportingTokens(AbstractBindingBuilder.java:2139) [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:144) [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
	... 22 more

      This is strange as CreateSequence and application message are successfully sent prior to this. It seems like the ws-security.* properties are lost when sending TerminateSequence while it's available for CreateSequence. Note that we pass those ws-security.* properties as request context property passed into org.apache.cxf.endpoint.Client.invoke() as a parameter using camel-cxf producer.

      I'll attach a unit test soon.

      Attachments

        1. cxf-ws-rm-context-property.tgz
          9 kB
          Tomohisa Igarashi

        Activity

          People

            ffang Freeman Yue Fang
            igarashitm Tomohisa Igarashi
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: