[
https://issues.apache.org/jira/browse/CXF-5011?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Syed Abdul Wadood updated CXF-5011:
-----------------------------------
Attachment: wss4j_npe.patch
Attaching the patch for the NPE problem.
> Fix NPE in WSS4JInterceptor
> ---------------------------
>
> Key: CXF-5011
> URL: https://issues.apache.org/jira/browse/CXF-5011
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Environment: Problem occurs on all platforms
> Reporter: Syed Abdul Wadood
> Priority: Critical
> Labels: patch
> Fix For: 2.6.7
>
> Attachments: wss4j_npe.patch
>
>
> The tokens, when symmetric binding is used, are created with lifetime of 5
> minutes. The callback handler code goes through all the tokens in the cache
> to get to the token id that matches the password callback's identifier field.
> If the token has expired, then cache implementation returns null and calling
> code does not have a check against null token and is causing
> NullPointerException (NPE).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
