Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-8708

org.w3c.dom.DOMException: WRONG_DOCUMENT_ERR when requesting a WSFED security token

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Blocker
    • Resolution: Unresolved
    • 3.4.4
    • None
    • STS
    • None
    • Unknown

    Description

      Migrating a project from cxf 3.0.3 (on java 7 with jboss 6.3.3 ) to cxf 3.4.4 (on java 8 with jboss  7.3.10 ), i've now the following issue when trying to request a security token from an identical ADFS. 

       

      Could you please advice ?

       

      David L.

      2022-06-01 13:27:07,415 ERROR [org.riziv.wsfed.STSCustomClient] (default task-5) an error has occurred in the STSCustomClient connectWithUser method: org.w3c.dom.DOMException: WRONG_DOCUMENT_ERR: A node is used in a different document than the one that created it.
          at com.sun.org.apache.xerces.internal.dom.ParentNode.internalInsertBefore(ParentNode.java:356)
          at com.sun.org.apache.xerces.internal.dom.ParentNode.insertBefore(ParentNode.java:287)
          at org.apache.wss4j.dom.util.WSSecurityUtil.prependChildElement(WSSecurityUtil.java:370)
          at org.apache.wss4j.dom.util.WSSecurityUtil.findWsseSecurityHeaderBlock(WSSecurityUtil.java:490)
          at org.apache.wss4j.dom.message.WSSecHeader.insertSecurityHeader(WSSecHeader.java:167)
          at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessageInternal(PolicyBasedWSS4JOutInterceptor.java:145)
          at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:110)
          at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:97)
          at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
          at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530)
          at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:441)
          at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:356)
          at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:314)
          at org.apache.cxf.ws.security.trust.AbstractSTSClient.issue(AbstractSTSClient.java:874)
          at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:71)
          at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:65)
          at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:61)
          at org.riziv.wsfed.STSCustomClient.connectWithUser(Unknown Source)
          at org.riziv.wsfed.STSCustomClient.requestSecurityToken(Unknown Source)
          at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:65)
          at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:61)
          at org.apache.cxf.ws.security.trust.STSTokenRetriever.getTokenFromSTS(STSTokenRetriever.java:267)
          at org.apache.cxf.ws.security.trust.STSTokenRetriever.getToken(STSTokenRetriever.java:111)
          at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:147)
          at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
          at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530)
          at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:441)
          at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:356)
          at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:314)
          at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
          at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:140)
          at com.sun.proxy.$Proxy203.searchOrganisation(Unknown Source)
          at com.eistream.sonora.grammar.extended.OpDoContactConsultationSearchOrganisation.doRequest(Unknown Source)
          at com.eistream.sonora.grammar.extended.OpDoContactConsultationSearchOrganisation.doRequest(Unknown Source)
          at com.eistream.sonora.grammar.extended.OpDoContactConsultationSearchOrganisationByName.evaluate(Unknown Source)
          at com.eistream.utilities.expression.op.OpString.evaluateAsObject(OpString.java:80)
          at com.eistream.utilities.expression.opscript.OpReturn.evaluate(OpReturn.java:43)
          at com.eistream.utilities.expression.op.OpVoid.evaluateAsVoid(OpVoid.java:134)
          at com.eistream.utilities.expression.opscript.OpCodeBlock.evaluate(OpCodeBlock.java:56)
          at com.eistream.utilities.expression.op.OpVoid.evaluateAsVoid(OpVoid.java:134)
          at com.eistream.utilities.expression.opscript.OpCodeBlock.evaluate(OpCodeBlock.java:56)
          at com.eistream.utilities.expression.op.OpVoid.evaluateAsVoid(OpVoid.java:134)
          at com.eistream.utilities.expression.opscript.OpScript.evaluate(OpScript.java:26)
          at com.eistream.utilities.expression.op.OpBoolean.evaluateAsVoid(OpBoolean.java:145)
          at com.eistream.utilities.expression.ExpressionScript.evaluateIt(ExpressionScript.java:1103)
          at com.eistream.utilities.expression.ExpressionScript.getValue(ExpressionScript.java:1030)
          at com.eistream.sonora.system.SystemSessionEJBBean.doAjaxCall(SystemSessionEJBBean.java:646)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at org.jboss.as.ee.component.ManagedReferenceMethodInterceptor.processInvocation(ManagedReferenceMethodInterceptor.java:52)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:509)
          at org.jboss.as.weld.interceptors.Jsr299BindingsInterceptor.delegateInterception(Jsr299BindingsInterceptor.java:79)
          at org.jboss.as.weld.interceptors.Jsr299BindingsInterceptor.doMethodInterception(Jsr299BindingsInterceptor.java:89)
          at org.jboss.as.weld.interceptors.Jsr299BindingsInterceptor.processInvocation(Jsr299BindingsInterceptor.java:102)
          at org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:63)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.as.ejb3.component.invocationmetrics.ExecutionTimeInterceptor.processInvocation(ExecutionTimeInterceptor.java:43)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.as.jpa.interceptor.SBInvocationInterceptor.processInvocation(SBInvocationInterceptor.java:47)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.as.ee.concurrent.ConcurrentContextInterceptor.processInvocation(ConcurrentContextInterceptor.java:45)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.invocation.InitialInterceptor.processInvocation(InitialInterceptor.java:40)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:53)
          at org.jboss.as.ee.component.interceptors.ComponentDispatcherInterceptor.processInvocation(ComponentDispatcherInterceptor.java:52)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.as.ejb3.component.pool.PooledInstanceInterceptor.processInvocation(PooledInstanceInterceptor.java:51)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:54)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInOurTx(CMTTxInterceptor.java:250)
          at org.jboss.as.ejb3.tx.CMTTxInterceptor.required(CMTTxInterceptor.java:386)
          at org.jboss.as.ejb3.tx.CMTTxInterceptor.processInvocation(CMTTxInterceptor.java:156)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:509)
          at org.jboss.weld.module.ejb.AbstractEJBRequestScopeActivationInterceptor.aroundInvoke(AbstractEJBRequestScopeActivationInterceptor.java:81)
          at org.jboss.as.weld.ejb.EjbRequestScopeActivationInterceptor.processInvocation(EjbRequestScopeActivationInterceptor.java:89)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.as.ejb3.component.interceptors.CurrentInvocationContextInterceptor.processInvocation(CurrentInvocationContextInterceptor.java:41)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.as.ejb3.component.invocationmetrics.WaitTimeInterceptor.processInvocation(WaitTimeInterceptor.java:47)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.as.ejb3.security.IdentityOutflowInterceptor.processInvocation(IdentityOutflowInterceptor.java:73)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.as.ejb3.security.SecurityDomainInterceptor.processInvocation(SecurityDomainInterceptor.java:44)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.as.ejb3.deployment.processors.StartupAwaitInterceptor.processInvocation(StartupAwaitInterceptor.java:22)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:67)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:60)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:438)
          at org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:628)
          at org.jboss.invocation.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:57)
          at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
          at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:53)
          at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:198)
          at org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:191)
          at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:81)
          at com.eistream.sonora.system.SystemSessionEJBLocal$$$view33.doAjaxCall(Unknown Source)
          at com.eistream.sonora.ajax.AjaxServlet.doGetOrPost(AjaxServlet.java:314)
          at com.eistream.sonora.ajax.AjaxServlet.doGetOrPost(AjaxServlet.java:157)
          at com.eistream.sonora.ajax.AjaxServlet.doGet(AjaxServlet.java:107)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:503)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:590)
          at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
          at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
          at io.opentracing.contrib.jaxrs2.server.SpanFinishingFilter.doFilter(SpanFinishingFilter.java:52)
          at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
          at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
          at com.eistream.sonora.filters.XFrameOptionsFilter.doFilter(XFrameOptionsFilter.java:32)
          at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
          at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
          at com.eistream.sonora.filters.CrossSiteScriptingXSSFilter.doFilter(CrossSiteScriptingXSSFilter.java:471)
          at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
          at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
          at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:59)
          at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
          at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
          at com.eistream.sonora.filters.ReadOnlyFilter.doFilter(ReadOnlyFilter.java:182)
          at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
          at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
          at com.eistream.sonora.filters.HttpVerbFilter.doFilter(HttpVerbFilter.java:105)
          at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
          at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
          at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
          at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
          at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
          at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
          at org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.lambda$handleRequest$1(ElytronRunAsHandler.java:68)
          at org.wildfly.security.auth.server.FlexibleIdentityAssociation.runAsFunctionEx(FlexibleIdentityAssociation.java:103)
          at org.wildfly.security.auth.server.Scoped.runAsFunctionEx(Scoped.java:161)
          at org.wildfly.security.auth.server.Scoped.runAs(Scoped.java:73)
          at org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.handleRequest(ElytronRunAsHandler.java:67)
          at io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
          at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:111)
          at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
          at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)
          at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
          at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
          at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
          at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
          at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
          at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
          at org.wildfly.elytron.web.undertow.server.servlet.CleanUpHandler.handleRequest(CleanUpHandler.java:38)
          at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
          at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
          at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
          at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
          at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
          at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:280)
          at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:79)
          at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:134)
          at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:131)
          at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
          at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
          at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
          at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
          at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
          at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
          at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
          at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:260)
          at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:79)
          at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:100)
          at io.undertow.server.Connectors.executeRootHandler(Connectors.java:390)
          at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:841)
          at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
          at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
          at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
          at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
          at org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1280)
          at java.lang.Thread.run(Thread.java:750)
         

      Attachments

        1. STSCustomClient.java
          12 kB
          David Leruse
        2. good_interaction_simplejavaprogram.txt
          61 kB
          David Leruse

        Activity

          People

            Unassigned Unassigned
            DL9442 David Leruse
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: