Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
1.6.2
-
None
-
None
Description
Hello,
In our usecase we serialize the Rampart token into secure storage using org.apache.rahas.Token.writeExternal(ObjectOutput out) before rampart handler executes to inject the SAML assertion into security header. Once serialized, It breaks with the following exception:
java.util.NoSuchElementException: End of the document reached
at org.apache.axiom.om.impl.llom.SwitchingWrapper.next(SwitchingWrapper.java:987)
at javax.xml.stream.util.StreamReaderDelegate.next(StreamReaderDelegate.java:88)
at org.apache.axiom.om.impl.builder.StAXOMBuilder.parserNext(StAXOMBuilder.java:668)
at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:214)
at org.apache.axiom.om.impl.dom.ParentNode.buildNext(ParentNode.java:89)
at org.apache.axiom.om.impl.dom.ChildNode.getNextOMSibling(ChildNode.java:103)
at org.apache.axiom.om.impl.dom.ChildNode.getNextSibling(ChildNode.java:113)
at org.apache.axiom.om.impl.dom.DocumentImpl.importNode(DocumentImpl.java:403)
at org.apache.rampart.util.RampartUtil.appendChildToSecHeader(RampartUtil.java:826)
at org.apache.rampart.util.RampartUtil.insertSiblingAfter(RampartUtil.java:834)
at org.apache.rampart.builder.BindingBuilder.handleSupportingTokens(BindingBuilder.java:380)
at org.apache.rampart.builder.TransportBindingBuilder.build(TransportBindingBuilder.java:148)
at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:140)
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:427)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:531)
The above error reported in JIRA's:
This is because of method:
private String convertOMElementToString(OMElement element) throws IOException { String serializedToken = ""; if (null == element) { return serializedToken; } try { serializedToken = element.toStringWithConsume(); } catch (XMLStreamException e) { throw new IOException("Could not serialize token OM element"); } return serializedToken; }
Invoking toStringWithConsume() causes the errors when RampartHandler tries to access the object model to insert <Assertion> into security header.
I have patched the above code to invoke OMElement.toString() instead of toStringWithConsume() modified source as below:
private String convertOMElementToString(OMElement element) throws IOException { String serializedToken = ""; if (null == element) { return serializedToken; } serializedToken = element.toString(); return serializedToken; }
Attachments
Issue Links
- relates to
-
-
- Resolved
-
-
-
- Resolved
-