[jira] [Updated] (RAMPART-429) Invoking org.apache.rahas.Token.writeExternal(ObjectOutput) breaks token insertion when connecting to the serivce

Wed, 23 Sep 2015 22:25:53 -0700 

     [ 
https://issues.apache.org/jira/browse/RAMPART-429?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sundeep Garla updated RAMPART-429:
----------------------------------
    Fix Version/s:     (was: 1.6.2)

> Invoking org.apache.rahas.Token.writeExternal(ObjectOutput) breaks token 
> insertion when connecting to the serivce
> -----------------------------------------------------------------------------------------------------------------
>
>                 Key: RAMPART-429
>                 URL: https://issues.apache.org/jira/browse/RAMPART-429
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-trust
>    Affects Versions: 1.6.2
>            Reporter: Sundeep Garla
>
> Hello, 
> In our usecase we serialize the Rampart token into secure storage using 
> org.apache.rahas.Token.writeExternal(ObjectOutput out) before rampart handler 
> executes to inject the SAML assertion into security header. Once serialized, 
> It breaks with the following exception:
> {code:title=Error when inserting assertion into security header}
>  java.util.NoSuchElementException: End of the document reached
>                 at 
> org.apache.axiom.om.impl.llom.SwitchingWrapper.next(SwitchingWrapper.java:987)
>                 at 
> javax.xml.stream.util.StreamReaderDelegate.next(StreamReaderDelegate.java:88)
>                 at 
> org.apache.axiom.om.impl.builder.StAXOMBuilder.parserNext(StAXOMBuilder.java:668)
>                 at 
> org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:214)
>                 at 
> org.apache.axiom.om.impl.dom.ParentNode.buildNext(ParentNode.java:89)
>                 at 
> org.apache.axiom.om.impl.dom.ChildNode.getNextOMSibling(ChildNode.java:103)
>                 at 
> org.apache.axiom.om.impl.dom.ChildNode.getNextSibling(ChildNode.java:113)
>                 at 
> org.apache.axiom.om.impl.dom.DocumentImpl.importNode(DocumentImpl.java:403)
>                 at 
> org.apache.rampart.util.RampartUtil.appendChildToSecHeader(RampartUtil.java:826)
>                 at 
> org.apache.rampart.util.RampartUtil.insertSiblingAfter(RampartUtil.java:834)
>                 at 
> org.apache.rampart.builder.BindingBuilder.handleSupportingTokens(BindingBuilder.java:380)
>                 at 
> org.apache.rampart.builder.TransportBindingBuilder.build(TransportBindingBuilder.java:148)
>                 at 
> org.apache.rampart.MessageBuilder.build(MessageBuilder.java:140)
>                 at 
> org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
>                 at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
>                 at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
>                 at 
> org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
>                 at 
> org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:427)
>                 at 
> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)
>                 at 
> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
>                 at 
> org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
>                 at 
> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
>                 at 
> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:531)
> {code}
> The above error reported in JIRA's:
> # https://issues.apache.org/jira/browse/AXIOM-439
> # https://issues.apache.org/jira/browse/RAMPART-392
> This is because of method:
> {code:title=org.apache.rahas.Token.java|borderStyle=solid}
> private String convertOMElementToString(OMElement element)
>         throws IOException {
>         String serializedToken = "";
>         if (null == element) {
>             return serializedToken;
>         }
>  try {
>             serializedToken = element.toStringWithConsume();
>         } catch (XMLStreamException e) {
>             throw new IOException("Could not serialize token OM element");
>         }
>         return serializedToken;
>     }
> {code}
> Invoking toStringWithConsume() causes the errors when RampartHandler tries to 
> access the object model to insert <Assertion> into security header. 
> I have patched the above code to invoke OMElement.toString() instead of 
> toStringWithConsume() modified source as below:
> {code:title=org.apache.rahas.Token.java|borderStyle=solid}
>     private String convertOMElementToString(OMElement element)
>         throws IOException {
>         String serializedToken = "";
>         if (null == element) {
>             return serializedToken;
>         }
>         serializedToken = element.toString();
>         return serializedToken;
>     }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to