[
https://issues.apache.org/jira/browse/CXF-2524?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12774045#action_12774045
]
Oliver Wulff commented on CXF-2524:
-----------------------------------
Here the NPE:
java.lang.NullPointerException
at
org.apache.cxf.helpers.DOMUtils.getFirstChildWithName(DOMUtils.java:307)
at
org.apache.cxf.ws.security.tokenstore.SecurityToken.processLifeTime(SecurityToken.java:181)
at
org.apache.cxf.ws.security.tokenstore.SecurityToken.<init>(SecurityToken.java:160)
at
org.apache.cxf.ws.security.trust.STSClient.createSecurityToken(STSClient.java:726)
at
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:447)
at
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:345)
at
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClent.java:337)
> STSClient requires Lifetime element in RSTR
> -------------------------------------------
>
> Key: CXF-2524
> URL: https://issues.apache.org/jira/browse/CXF-2524
> Project: CXF
> Issue Type: Bug
> Affects Versions: 2.2.4
> Reporter: Oliver Wulff
>
> The STSClient in CXF requires that an STS returns the Lifetime element which
> is optional as per WS-Trust 1.3 spec:
> [http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.html]
> >>>
> 4.4 Returning a Security Token
> ...
> wst:RequestSecurityTokenResponse/wst:Lifetime
> This optional element specifies the lifetime of the issued security token.
> If omitted the lifetime is unspecified (not necessarily unlimited). It is
> RECOMMENDED that if a lifetime exists for a token that this element be
> included in the response.
> >>>
> STSClient.java:
> ...
> while (el != null) {
> String ln = el.getLocalName();
> if (namespace.equals(el.getNamespaceURI())) {
> if ("Lifetime".equals(ln)) {
> lte = el;
> ...
> SecurityToken token = new SecurityToken(id, rstDec, lte);
> ...
> SecurityToken.java:
> ...
> public SecurityToken(String id,
> Element tokenElem,
> Element lifetimeElem) {
> this.id = id;
> this.token = cloneElement(tokenElem);
> this.processLifeTime(lifetimeElem);
> ...
> /**
> * @param lifetimeElem
> * @throws TrustException
> */
> private void processLifeTime(Element lifetimeElem) {
> try {
> DatatypeFactory factory = DatatypeFactory.newInstance();
>
> Element createdElem =
> DOMUtils.getFirstChildWithName(lifetimeElem,
> WSConstants.WSU_NS,
> WSConstants.CREATED_LN);
> this.created =
> factory.newXMLGregorianCalendar(DOMUtils.getContent(createdElem))
> .toGregorianCalendar();
> Element expiresElem =
> DOMUtils.getFirstChildWithName(lifetimeElem,
> WSConstants.WSU_NS,
> WSConstants.EXPIRES_LN);
> this.expires =
> factory.newXMLGregorianCalendar(DOMUtils.getContent(expiresElem))
> .toGregorianCalendar();
> } catch (DatatypeConfigurationException e) {
> //shouldn't happen
> If "null" is passed to processLifeTime a NPE occurs. If the CXF internals
> don't depend on the lifetime the following might fix it already:
> ...
> public SecurityToken(String id,
> Element tokenElem,
> Element lifetimeElem) {
> this.id = id;
> this.token = cloneElement(tokenElem);
> if (lifetimeElem !=null) this.processLifeTime(lifetimeElem);
> ...
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
