Rampart
  1. Rampart
  2. RAMPART-279

NPE thrown when WS-Trust renew binding implementation

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.5.1
    • Component/s: rampart-trust
    • Labels:
      None

      Description

      Following error is thrown when trying to renew tokens as per the WS-Trust Renew binding.

      java.lang.NullPointerException
      at sun.security.provider.JavaKeyStore$JKS.convertAlias(JavaKeyStore.java:40)
      at sun.security.provider.JavaKeyStore.engineGetCertificateChain(JavaKeyStore.java:135)
      at java.security.KeyStore.getCertificateChain(KeyStore.java:756)
      at org.wso2.carbon.security.util.ServerCrypto.getCertificates(ServerCrypto.java:275)
      at org.apache.rahas.impl.SAMLTokenIssuer.getServiceCert(SAMLTokenIssuer.java:461)
      at org.apache.rahas.impl.SAMLTokenIssuer.createHoKAssertion(SAMLTokenIssuer.java:359)
      at org.apache.rahas.impl.SAMLTokenIssuer.issue(SAMLTokenIssuer.java:167)
      at org.apache.rahas.TokenRequestDispatcher.handle(TokenRequestDispatcher.java:70)
      at org.apache.rahas.STSMessageReceiver.invokeBusinessLogic(STSMessageReceiver.java:57)
      at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
      at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:114)
      at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:178)
      at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
      at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)

      This is mainly due to a bug in the Token ID extraction logic when generating Rahas Data. In the request for token renewal, the token id is sent as a key identifier. But current implementation does not cover this case. Hence it ends up with a null value as the token identifier.

      1. RAMPART-279.patch
        0.8 kB
        Thilina Buddhika

        Activity

        No work has yet been logged on this issue.

          People

          • Assignee:
            S.Uthaiyashankar
            Reporter:
            Thilina Buddhika
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development