Stefan Vladov created RAMPART-388:
-------------------------------------
Summary: NPE in RampartUtil#setKeyIdentifierType (line #1389) wss
(web service security options assertion) is null.
Key: RAMPART-388
URL: https://issues.apache.org/jira/browse/RAMPART-388
Project: Rampart
Issue Type: Bug
Components: rampart-core
Affects Versions: 1.6.2
Reporter: Stefan Vladov
Priority: Minor
When a security policy requires a token reference (instead of including the
token directly) but there is no Wss10 or Wss11 assertion in the policy, Rampart
throws a NPE in RampartUtil#setKeyIdentifierType (line #1389).
Neither of the assertions is obligatory and all the configuration settings in
those assertions are optional. Wss4j will by default use Issuer+Serial
reference identifier. As a workaround One could add an empty Wss10 or Wss11
assertion in the policy but this is an inconvenience and is absolutely
unnecessary.
A simple null check will solve the problem.
Thanks,
Stefan
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
