I updated from subversion today( 20060918 10AM EST). The NullPointerException is gone but a new exception UnsupportedOperationException is being thrown.
A basic question. Does axiom+wss4j support blank URI's? Using XPath? The xml message that fails actually uses blank URIs and XPath to refer to the subset that is signed. Here is the stack trace. Thread [http-8888-Processor25] (Suspended (exception UnsupportedOperationException)) SOAPMessageImpl(DocumentImpl).getNextSibling() line: 111 XMLUtils.circumventBug2650internal(Node) line: 490 XMLUtils.circumventBug2650(Document) line: 436 Canonicalizer20010315ExclOmitComments(CanonicalizerBase).engineCanonicalize(XMLSignatureInput) line: 150 Canonicalizer20010315ExclOmitComments(Canonicalizer20010315Excl).engineCanonicalize(XMLSignatureInput, String) line: 115 TransformC14NExclusive.enginePerformTransform(XMLSignatureInput, OutputStream) line: 93 Transform.performTransform(XMLSignatureInput, OutputStream) line: 340 Transforms.performTransforms(XMLSignatureInput, OutputStream) line: 237 Reference.getContentsAfterTransformation(XMLSignatureInput, OutputStream) line: 433 Reference.dereferenceURIandPerformTransforms(OutputStream) line: 603 Reference.calculateDigest() line: 688 Reference.verify() line: 736 SignedInfo(Manifest).verifyReferences(boolean) line: 317 SignedInfo.verify(boolean) line: 224 XMLSignature.checkSignatureValue(Key) line: 590 XMLSignature.checkSignatureValue(X509Certificate) line: 557 SignatureProcessor.verifyXMLSignature(Element, Crypto, X509Certificate[], Set, byte[][]) line: 264 SignatureProcessor.handleToken(Element, Crypto, Crypto, CallbackHandler, WSDocInfo, Vector, WSSConfig) line: 79 WSSecurityEngine.processSecurityHeader(Element, CallbackHandler, Crypto, Crypto) line: 269 WSSecurityEngine.processSecurityHeader(Document, String, CallbackHandler, Crypto, Crypto) line: 191 WSDoAllReceiver.processMessage(MessageContext) line: 180 WSDoAllReceiver(WSDoAllHandler).invoke(MessageContext) line: 82 Phase.invoke(MessageContext) line: 381 AxisEngine.invoke(MessageContext) line: 473 AxisEngine.receive(MessageContext) line: 445 OutInAxisOperationClient.send(MessageContext) line: 355 OutInAxisOperationClient.execute(boolean) line: 279 CustomerInformationServiceStub.isAliveRequest(IsAliveRequestDocument) line: 317 CustomerInformationClient.queryIsAlive() line: 66 IsAliveRequestAction.processRequest(HttpServletRequest, HttpServletResponse) line: 42 IsAliveRequestAction(SimpleAction).executeAction(ActionConfigExt, ActionForm, HttpServletRequest, HttpServletResponse) line: 185 IsAliveRequestAction(AbstractRequestAction).executeAction(ActionConfigExt, ActionForm, HttpServletRequest, HttpServletResponse) line: 162 IsAliveRequestAction(SimpleAction).execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) line: 123 RequestProcessorExt(RequestProcessor).processActionPerform(HttpServletRequest, HttpServletResponse, Action, ActionForm, ActionMapping) line: 484 RequestProcessorExt(RequestProcessor).process(HttpServletRequest, HttpServletResponse) line: 274 RequestProcessorExt.process(HttpServletRequest, HttpServletResponse) line: 126 ActionServletExt(ActionServlet).process(HttpServletRequest, HttpServletResponse) line: 1482 ActionServletExt.process(HttpServletRequest, HttpServletResponse) line: 111 ActionServletExt(ActionServlet).doGet(HttpServletRequest, HttpServletResponse) line: 507 ActionServletExt(HttpServlet).service(HttpServletRequest, HttpServletResponse) line: 697 ActionServletExt(HttpServlet).service(ServletRequest, ServletResponse) line: 810 ApplicationFilterChain.internalDoFilter(ServletRequest, ServletResponse) line: 237 ApplicationFilterChain.doFilter(ServletRequest, ServletResponse) line: 157 StandardWrapperValve.invoke(Request, Response, ValveContext) line: 214 StandardValveContext.invokeNext(Request, Response) line: 104 StandardPipeline.invoke(Request, Response) line: 520 StandardContextValve.invokeInternal(Wrapper, Request, Response) line: 198 StandardContextValve.invoke(Request, Response, ValveContext) line: 152 StandardValveContext.invokeNext(Request, Response) line: 104 StandardPipeline.invoke(Request, Response) line: 520 StandardHostValve.invoke(Request, Response, ValveContext) line: 137 StandardValveContext.invokeNext(Request, Response) line: 104 ErrorReportValve.invoke(Request, Response, ValveContext) line: 118 StandardValveContext.invokeNext(Request, Response) line: 102 StandardPipeline.invoke(Request, Response) line: 520 StandardEngineValve.invoke(Request, Response, ValveContext) line: 109 StandardValveContext.invokeNext(Request, Response) line: 104 StandardPipeline.invoke(Request, Response) line: 520 StandardEngine(ContainerBase).invoke(Request, Response) line: 929 CoyoteAdapter.service(Request, Response) line: 160 Http11Processor.process(InputStream, OutputStream) line: 799 Http11Protocol$Http11ConnectionHandler.processConnection(TcpConnection, Object[]) line: 705 TcpWorkerThread.runIt(Object[]) line: 577 ThreadPool$ControlRunnable.run() line: 684 ThreadWithAttributes(Thread).run() line: 534 On 9/18/06, Ruchith Fernando <[EMAIL PROTECTED]> wrote:
Hi Aravind, I just checked the latest axiom-dom impl code and there is a null check in line #353 in ElementImpl. Therefore IMHO this exception is not possible. Are you sure you are using the latest axiom-*-SNAPSHOT jars? Thanks, Ruchith On 9/14/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > I upgraded to stax-1.0.1 and wstx-asl-3.0.0.jar as you said. And I get a > NullPointerException. Here is the stack trace. I have also attached the xml > message. > In the soap message that causes the problem,I have commented out the private > information as confidential. I hope that doesn't cause a problem for you as > it is outside > the signed part. The odd thing is the URI is blank and the message uses > XPath to refer to the part that is signed. I am not sure how good is the > support for XPath in xmlsecurity library suite. > > Any help will be greatly appreciated. Thanks in advance. > > Aravind > > > > ------------------------------------------------------------------------------------- > > > > SOAPEnvelopeImpl(ElementImpl).getAttributeNodeNS(String, > String) line: 353 > > XMLUtils.circumventBug2650(Document) line: 429 > > > Canonicalizer20010315ExclOmitComments(CanonicalizerBase).engineCanonicalize(XMLSignatureInput) > line: 150 > > > Canonicalizer20010315ExclOmitComments(Canonicalizer20010315Excl).engineCanonicalize(XMLSignatureInput, > String) line: 115 > > > TransformC14NExclusive.enginePerformTransform(XMLSignatureInput, > OutputStream) line: 93 > > Transform.performTransform(XMLSignatureInput, OutputStream) line: 340 > > Transforms.performTransforms(XMLSignatureInput, OutputStream) line: 237 > > > Reference.getContentsAfterTransformation(XMLSignatureInput, > OutputStream) line: 433 > > > Reference.dereferenceURIandPerformTransforms(OutputStream) > line: 603 > > Reference.calculateDigest() line: 688 > > Reference.verify() line: 736 > > SignedInfo(Manifest).verifyReferences(boolean) line: 317 > > > SignedInfo.verify(boolean) line: 224 > > XMLSignature.checkSignatureValue(Key) line: 590 > > XMLSignature.checkSignatureValue(X509Certificate) line: > 557 > > SignatureProcessor.verifyXMLSignature(Element, Crypto, > X509Certificate[], Set, byte[][]) line: 264 > > SignatureProcessor.handleToken(Element, Crypto, Crypto, CallbackHandler, > WSDocInfo, Vector, WSSConfig) line: 79 > > WSSecurityEngine.processSecurityHeader(Element, > CallbackHandler, Crypto, Crypto) line: 269 > > WSSecurityEngine.processSecurityHeader(Document, String, > CallbackHandler, Crypto, Crypto) line: 191 > > WSDoAllReceiver.processMessage(MessageContext) line: 180 > > WSDoAllReceiver(WSDoAllHandler).invoke(MessageContext) > line: 82 > > Phase.invoke(MessageContext) line: 381 > > AxisEngine.invoke(MessageContext) line: 473 > > AxisEngine.receive(MessageContext) line: 445 > > OutInAxisOperationClient.send(MessageContext) line: 355 > > OutInAxisOperationClient.execute (boolean) line: 279 > > > ------------------------------------------------------------------------- > > > > On 9/13/06, Ruchith Fernando < [EMAIL PROTECTED]> wrote: > > Yes ! > > > > You have to use stax-1.0.1. Please replace your stax-api jar with this > > [1] and woodstox (wstx-asl-*.jar) with this [2]. > > > > Thanks, > > Ruchith > > > > [1] > http://www.ibiblio.org/maven/stax/jars/stax-api-1.0.1.jar > > [2] > http://www.ibiblio.org/maven/woodstox/jars/wstx-asl-3.0.0.jar > > > > On 9/14/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > Hi, > > > > > > Do I need to upgrade any other libraries? When I used the the latest > > > snapshot I get this error in my application. I have pasted only > > > the relevant portion of the stack trace as the other parts are > > > confidential. > > > > > > thanks > > > > > > Aravind > > > > > > Error is > > > > > > java.lang.NoSuchMethodError: > > > javax.xml.stream.XMLOutputFactory.newInstance > (Ljava/lang/String;Ljava/lang/ClassLoader;)Ljavax/xml/stream/XMLOutputFactory; > > > at > org.apache.axiom.om.util.StAXUtils.getXMLOutputFactory(StAXUtils.java :97) > > > at > org.apache.axiom.om.util.StAXUtils.createXMLStreamWriter > (StAXUtils.java:111) > > > at > org.apache.axiom.om.impl.dom.NodeImpl.serialize(NodeImpl.java:577) > > > at > org.apache.axiom.om.impl.dom.ElementImpl.toString(ElementImpl.java:1139) > > > > > > > > > > > > On 9/13/06, Ruchith Fernando <[EMAIL PROTECTED]> wrote: > > > > > > > > Hi, > > > > > > > > Can you please try this with the latest axiom-*-SNAPSHOT jars. > > > > > > > > > http://people.apache.org/repository/ws-commons/jars/axiom-api-SNAPSHOT.jar > > > > > http://people.apache.org/repository/ws-commons/jars/axiom-dom-SNAPSHOT.jar > > > > > > > > > http://people.apache.org/repository/ws-commons/jars/axiom-impl-SNAPSHOT.jar > > > > > > > > Thanks, > > > > Ruchith > > > > > > > > On 9/13/06, [EMAIL PROTECTED] <[EMAIL PROTECTED] > wrote: > > > > > At ResolverFragment.java:60 > > > > > > > > > > Document doc = uri.getOwnerElement().getOwnerDocument(); > > > > > > > > > > This happens when we try to verify a xml signature. We are using > > > > > axiom(version > 1)/wss4j-1.5.0/xerces-2.7.1/xml-api-1.3.02/xmlsec-1.3.0with > > > > > Tomcat. > > > > > > > > > > uri.getOwnerElement() is of type DocumentImpl that can't be type > cast > > > > > into Element as none of the super classes implement the Element > > > > interface. > > > > > Am I right? I am new to web services and I don't understand fully. > But > > > > this > > > > > problem is always reproducible in our environment. > > > > > > > > > > Any help will be greatly appreciated. > > > > > > > > > > thanks > > > > > > > > > > Aravind > > > > > > > > > > > > > > > > > > > > > > -- > > > > www.ruchith.org > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > -- > > www.ruchith.org > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- www.ruchith.org --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
