Policy references embedded in policy are not processed
------------------------------------------------------
Key: CXF-3037
URL: https://issues.apache.org/jira/browse/CXF-3037
Project: CXF
Issue Type: Bug
Components: WS-* Components
Affects Versions: 2.2.10
Reporter: Dennis Sosnoski
WS-Policy allows <wsp:PolicyReference> to be embedded within policy documents,
but CXF does not handle these references. Here's an example:
<!-- Policy for symmetric binding, using an ephemeral key generated by the
client and
sent to the server as part of the request, using asymmetric encryption with
the server
public key to secure the symmetric key. -->
<wsp:Policy wsu:Id="SymmBinding"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl";
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
<sp:SymmetricBinding>
<wsp:Policy>
<sp:ProtectionToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
<wsp:Policy>
<sp:RequireDerivedKeys/>
<sp:RequireThumbprintReference/>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:ProtectionToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128Rsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:SymmetricBinding>
</wsp:Policy>
<!-- Policy for symmetric binding, using an ephemeral key generated by the
client and
sent to the server as part of the request, using asymmetric encryption with
the server
public key to secure the symmetric key. -->
<wsp:Policy wsu:Id="SymmEncr"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl";
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
<wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy";
URI="#SymmBinding"/>
<sp:Wss11>
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefThumbprint/>
<sp:MustSupportRefEncryptedKey/>
</wsp:Policy>
</sp:Wss11>
</wsp:Policy>
When trying to use this policy on the client it causes an NPE inside Neethi:
[java] WARNING: Interceptor for
{http://ws.sosnoski.com/library/wsdl}CXFLibrary#{http://ws.sosnoski.com/library/wsdl}getBook
has thrown exception, unwinding now
[java] java.lang.NullPointerException
[java] at
org.apache.neethi.AbstractPolicyOperator.normalizeOperator(AbstractPolicyOperator.java:116)
[java] at
org.apache.neethi.AbstractPolicyOperator.normalize(AbstractPolicyOperator.java:73)
[java] at org.apache.neethi.Policy.normalize(Policy.java:64)
[java] at org.apache.neethi.Policy.normalize(Policy.java:49)
[java] at
org.apache.cxf.ws.policy.EffectivePolicyImpl.initialisePolicy(EffectivePolicyImpl.java:134)
[java] at
org.apache.cxf.ws.policy.EffectivePolicyImpl.initialise(EffectivePolicyImpl.java:86)
[java] at
org.apache.cxf.ws.policy.PolicyEngineImpl.getEffectiveClientRequestPolicy(PolicyEngineImpl.java:155)
[java] at
org.apache.cxf.ws.policy.PolicyOutInterceptor.handle(PolicyOutInterceptor.java:110)
The problem here is that CXF passes a null for the policy context when calling
the Policy.normalize() method. Just passing the context should be enough to
make this work.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
