Uploaded image for project: 'Rampart'
  1. Rampart
  2. RAMPART-274

renewing a sts token doesn't work

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 1.5
    • 1.5.1
    • rampart-trust
    • None
    • axis2 1.5.1, rampart 1.5rc1

    Description

      i'm using following code to request a new token...
      ...
      STSClient stsClient = new STSClient(ctx);

      stsClient.setRstTemplate(getRSTTemplate());
      String action = TrustUtil.getActionValue(RahasConstants.VERSION_05_02, RahasConstants.RST_ACTION_ISSUE);
      stsClient.setAction(action);

      Token responseToken = stsClient.requestSecurityToken(loadPolicy(), getAddress()+"-sts", loadSTSPolicy(), null);

      TokenStorage store = TrustUtil.getTokenStore(ctx);
      store.add(responseToken);
      ...

      afterwards I want to renew my token via:

      stsClient.renewToken(responseToken.getId(), getAddress()+"-sts", loadSTSPolicy());

      but this call fails!

      server-stacktrace:

      java.lang.NullPointerException\
      at java.util.Hashtable.get(Unknown Source)\
      at org.apache.rahas.SimpleTokenStore.getToken(SimpleTokenStore.java:167)\
      at org.apache.rahas.impl.SAMLTokenRenewer.renew(SAMLTokenRenewer.java:127)\
      at org.apache.rahas.TokenRequestDispatcher.handle(TokenRequestDispatcher.java:112)\
      at org.apache.rahas.STSMessageReceiver.invokeBusinessLogic(STSMessageReceiver.java:57)\
      at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)\
      at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:114)\
      at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:173)\
      at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)\
      at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)\
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:738)\
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:831)\
      at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)\
      at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390)\
      at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)\
      at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)\
      at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)\
      at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)\
      at org.mortbay.jetty.handler.HandlerList.handle(HandlerList.java:49)\
      at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)\
      at org.mortbay.jetty.Server.handle(Server.java:322)\
      at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)\
      at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:938)\
      at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:755)\
      at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)\
      at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)\
      at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)\
      at org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:680)\
      at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)

      i did some research - i think the faulty code is in org.apache.rahas.RahasData#processRenewTarget() because the tokenId is only read if a reference is used.

      Attachments

        1. RAMPART-274.patch
          1 kB
          Gerhard Presser

        Activity

          People

            samisa Don Samisa Abeysinghe
            gpresser Gerhard Presser
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: