[jira] [Updated] (CXF-8139) SecurityToken, parsing the lifetime may cause a NullPointerException

Colm O hEigeartaigh (Jira) Thu, 31 Oct 2019 05:35:39 -0700


     [ 
https://issues.apache.org/jira/browse/CXF-8139?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Colm O hEigeartaigh updated CXF-8139:
-------------------------------------
    Fix Version/s: 3.2.12
                   3.3.5
                   3.4.0

> SecurityToken, parsing the lifetime may cause a NullPointerException
> --------------------------------------------------------------------
>
>                 Key: CXF-8139
>                 URL: https://issues.apache.org/jira/browse/CXF-8139
>             Project: CXF
>          Issue Type: Bug
>          Components: STS
>    Affects Versions: 3.1.6
>            Reporter: Daniel Baumann
>            Assignee: Colm O hEigeartaigh
>            Priority: Major
>             Fix For: 3.4.0, 3.3.5, 3.2.12
>
>
> According to 
> [http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.html] the 
> wsu:Created and wsu:Expires are optional elements in 
> /wst:RequestSecurityToken/wst:Lifetime.
> When creating the org.apache.cxf.ws.security.tokenstore.SecurityToken using a 
> lifetime Element where not both (created and expired) elements are set, a 
> NullPointerException is thrown as there is no null-check on the child 
> elements of the lifetime element.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (CXF-8139) SecurityToken, parsing the lifetime may cause a NullPointerException

Reply via email to