Syed Abdul Wadood created CXF-5011:
--------------------------------------
Summary: Fix NPE in WSS4JInterceptor
Key: CXF-5011
URL: https://issues.apache.org/jira/browse/CXF-5011
Project: CXF
Issue Type: Bug
Components: WS-* Components
Environment: Problem occurs on all platforms
Reporter: Syed Abdul Wadood
Priority: Critical
Fix For: 2.6.7
The tokens, when symmetric binding is used, are created with lifetime of 5
minutes. The callback handler code goes through all the tokens in the cache to
get to the token id that matches the password callback's identifier field. If
the token has expired, then cache implementation returns null and calling code
does not have a check against null token and is causing NullPointerException
(NPE).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
