Uploaded image for project: 'Rampart'
  1. Rampart
  2. RAMPART-429

Invoking org.apache.rahas.Token.writeExternal(ObjectOutput) breaks token insertion when connecting to the serivce

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 1.6.2
    • Fix Version/s: None
    • Component/s: rampart-trust
    • Labels:
      None

      Description

      Hello,

      In our usecase we serialize the Rampart token into secure storage using org.apache.rahas.Token.writeExternal(ObjectOutput out) before rampart handler executes to inject the SAML assertion into security header. Once serialized, It breaks with the following exception:

      Error when inserting assertion into security header
       java.util.NoSuchElementException: End of the document reached
                      at org.apache.axiom.om.impl.llom.SwitchingWrapper.next(SwitchingWrapper.java:987)
                      at javax.xml.stream.util.StreamReaderDelegate.next(StreamReaderDelegate.java:88)
                      at org.apache.axiom.om.impl.builder.StAXOMBuilder.parserNext(StAXOMBuilder.java:668)
                      at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:214)
                      at org.apache.axiom.om.impl.dom.ParentNode.buildNext(ParentNode.java:89)
                      at org.apache.axiom.om.impl.dom.ChildNode.getNextOMSibling(ChildNode.java:103)
                      at org.apache.axiom.om.impl.dom.ChildNode.getNextSibling(ChildNode.java:113)
                      at org.apache.axiom.om.impl.dom.DocumentImpl.importNode(DocumentImpl.java:403)
                      at org.apache.rampart.util.RampartUtil.appendChildToSecHeader(RampartUtil.java:826)
                      at org.apache.rampart.util.RampartUtil.insertSiblingAfter(RampartUtil.java:834)
                      at org.apache.rampart.builder.BindingBuilder.handleSupportingTokens(BindingBuilder.java:380)
                      at org.apache.rampart.builder.TransportBindingBuilder.build(TransportBindingBuilder.java:148)
                      at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:140)
                      at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
                      at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
                      at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
                      at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
                      at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:427)
                      at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)
                      at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
                      at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
                      at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
                      at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:531)
      

      The above error reported in JIRA's:

      1. https://issues.apache.org/jira/browse/AXIOM-439
      2. https://issues.apache.org/jira/browse/RAMPART-392

      This is because of method:

      org.apache.rahas.Token.java
      private String convertOMElementToString(OMElement element)
              throws IOException {
              String serializedToken = "";
      
              if (null == element) {
                  return serializedToken;
              }
      
       try {
                  serializedToken = element.toStringWithConsume();
              } catch (XMLStreamException e) {
                  throw new IOException("Could not serialize token OM element");
              }
              return serializedToken;
          }
      

      Invoking toStringWithConsume() causes the errors when RampartHandler tries to access the object model to insert <Assertion> into security header.

      I have patched the above code to invoke OMElement.toString() instead of toStringWithConsume() modified source as below:

      org.apache.rahas.Token.java
          private String convertOMElementToString(OMElement element)
              throws IOException {
              String serializedToken = "";
      
              if (null == element) {
                  return serializedToken;
              }
      
              serializedToken = element.toString();
      
              return serializedToken;
          }
      
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                sundeep.garla Sundeep Garla
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: