[
https://issues.apache.org/jira/browse/WSS-520?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14255609#comment-14255609
]
Alekhya Gumudavelli edited comment on WSS-520 at 12/22/14 11:16 AM:
--------------------------------------------------------------------
We are not doing any initialization from our end. I see the below code in wss4j
that tries to call super() - of xml-sexurity's class
And XMLSecurityException is trying to load "certPath" msgId from its own
resource bundle, hence it is failing
public WSSecurityException(ErrorCode errorCode, String msgId, Exception
exception) {
super(msgId, exception); /*XMLSecurityException.java belongs to
xml-sec*/
this.errorCode = errorCode;
}
was (Author: alekhya):
We are not doing any initialization from our end. I see the below code in wss4j
that tries to call super() - of xml-sexurity's class
And XMLSecurityException is trying to load "certPath" msgId from its own
resource bundle, hence it is failing
public WSSecurityException(ErrorCode errorCode, String msgId, Exception
exception) {
super(msgId, exception); //XMLSecurityException.java belongs to xml-sec
this.errorCode = errorCode;
}
> Searching in wrong path for the message.
> ----------------------------------------
>
> Key: WSS-520
> URL: https://issues.apache.org/jira/browse/WSS-520
> Project: WSS4J
> Issue Type: Bug
> Reporter: renu
> Assignee: Colm O hEigeartaigh
>
> Getting exception:
> Caused by: org.apache.wss4j.common.ext.WSSecurityException: No message with
> ID "certpath" found in resource bundle
> "org/apache/xml/security/resource/xmlsecurity". Original Exception was a
> java.security.cert.CertPathValidatorException and message basic constraints
> check failed: this is not a CA certificate
> Original Exception was java.security.cert.CertPathValidatorException: basic
> constraints check failed: this is not a CA certificate
> at org.apache.wss4j.common.crypto.Merlin.verifyTrust(Merlin.java:933)
> at
> org.apache.wss4j.dom.validate.SignatureTrustValidator.verifyTrustInCerts(SignatureTrustValidator.java:108)
>
> at
> org.apache.wss4j.dom.validate.SignatureTrustValidator.validate(SignatureTrustValidator.java:64)
>
> at
> org.apache.wss4j.dom.validate.SamlAssertionValidator.verifySignedAssertion(SamlAssertionValidator.java:130)
>
> at
> org.apache.wss4j.dom.validate.SamlAssertionValidator.validate(SamlAssertionValidator.java:109)
>
> Instead of searching the message in the resource bundle of wss4j , message is
> searched in xml security and thus causing the exception.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
