[jira] [Commented] (AXIS2-5827) axis2-wsdl2code-maven-plugin shouldn't use Log4j
[
https://issues.apache.org/jira/browse/AXIS2-5827?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16506153#comment-16506153
]
Petr Dvorak commented on AXIS2-5827:
Is there any roadmap for 1.8.0 release? We are postponing our issue that
depends on this one for several releases...
> axis2-wsdl2code-maven-plugin shouldn't use Log4j
>
>
> Key: AXIS2-5827
> URL: https://issues.apache.org/jira/browse/AXIS2-5827
> Project: Axis2
> Issue Type: Bug
> Components: Tools
>Affects Versions: 1.7.4
>Reporter: Petr Dvorak
>Assignee: Andreas Veithen
>Priority: Minor
> Fix For: 1.8.0
>
>
> I am using axis2-wsdl2code-maven-plugin to generate my SOAP service client.
> The plugin itself works correctly and it generates a correct SOAP client, but
> I get following warning in console with every build:
> {code}
> log4j:WARN No appenders could be found for logger
> (org.apache.axiom.locator.DefaultOMMetaFactoryLocator).
> log4j:WARN Please initialize the log4j system properly.
> {code}
> I know I need to configure Log4j properties, but I haven't found any
> documentation / help on how to do this for {{axis2-wsdl2code-maven-plugin}}...
> This is my {{pom.xml}} file:
> {code:xml}
> http://maven.apache.org/POM/4.0.0;
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance;
> xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
> http://maven.apache.org/xsd/maven-4.0.0.xsd;>
> 4.0.0
> powerauth-java-client-axis
> 0.13.0
> powerauth-java-client-axis
> PowerAuth 2.0 Service Client - Axis
>
> io.getlime.security
> powerauth-parent
> 0.13.0
> ../pom.xml
>
>
>
> org.apache.axis2
> axis2
> 1.6.3
>
>
> org.apache.axis2
> axis2-adb
> 1.6.3
>
>
> org.apache.axis2
> axis2-transport-http
> 1.6.3
>
>
> org.apache.axis2
> axis2-transport-local
> 1.6.3
>
>
> org.apache.ws.commons.axiom
> axiom-api
> 1.2.20
>
>
> org.apache.ws.commons.axiom
> axiom-impl
> 1.2.20
>
>
> org.apache.ws.security
> wss4j
> 1.6.19
>
>
> wsdl4j
> wsdl4j
>
>
>
>
>
>
> org.apache.axis2
> axis2-wsdl2code-maven-plugin
> 1.6.4
>
>
>
> wsdl2code
>
>
>
> io.getlime.powerauth.soap
>
> ${basedir}/src/main/resources/soap/wsdl/service.wsdl
>
>
>
>
>
>
>
>
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org
[jira] [Closed] (AXIS2-5863) Possible null dereference in ServiceStub class
[
https://issues.apache.org/jira/browse/AXIS2-5863?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Petr Dvorak closed AXIS2-5863.
--
Confirming fix in 1.7.6.
> Possible null dereference in ServiceStub class
> --
>
> Key: AXIS2-5863
> URL: https://issues.apache.org/jira/browse/AXIS2-5863
> Project: Axis2
> Issue Type: Bug
> Components: codegen
>Affects Versions: 1.7.5
>Reporter: Petr Dvorak
>Priority: Minor
> Labels: security
> Fix For: 1.7.6
>
> Attachments: diff.patch
>
>
> We use Coverity Scan tool to audit our open-source code against security
> vulnerabilities. Possible NullPointerException was detected in Axis2
> generated ServiceStub class code. The issue occurs in following generated
> code:
> {code:java}
> } finally {
> if (_messageContext.getTransportOut() != null) {
> _messageContext.getTransportOut().getSender()
> .cleanup(_messageContext);
> }
> }
> {code}
> In case "_messageContext" is set to null, the if condition throws NPE. Also,
> we can see the path on how this variable value actually may become null, so
> we believe the issue is valid and null check should be present...
> Here are possible implications of the issue from the security perspective:
> http://cwe.mitre.org/data/definitions/476.html
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
-
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org
[jira] [Resolved] (AXIS2-5863) Possible null dereference in ServiceStub class
[
https://issues.apache.org/jira/browse/AXIS2-5863?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Petr Dvorak resolved AXIS2-5863.
Resolution: Fixed
> Possible null dereference in ServiceStub class
> --
>
> Key: AXIS2-5863
> URL: https://issues.apache.org/jira/browse/AXIS2-5863
> Project: Axis2
> Issue Type: Bug
> Components: codegen
>Affects Versions: 1.7.5
>Reporter: Petr Dvorak
>Priority: Minor
> Labels: security
> Fix For: 1.7.6
>
> Attachments: diff.patch
>
>
> We use Coverity Scan tool to audit our open-source code against security
> vulnerabilities. Possible NullPointerException was detected in Axis2
> generated ServiceStub class code. The issue occurs in following generated
> code:
> {code:java}
> } finally {
> if (_messageContext.getTransportOut() != null) {
> _messageContext.getTransportOut().getSender()
> .cleanup(_messageContext);
> }
> }
> {code}
> In case "_messageContext" is set to null, the if condition throws NPE. Also,
> we can see the path on how this variable value actually may become null, so
> we believe the issue is valid and null check should be present...
> Here are possible implications of the issue from the security perspective:
> http://cwe.mitre.org/data/definitions/476.html
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
-
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org
[jira] [Commented] (AXIS2-5863) Possible null dereference in ServiceStub class
[
https://issues.apache.org/jira/browse/AXIS2-5863?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16118962#comment-16118962
]
Petr Dvorak commented on AXIS2-5863:
You are right - I have run the static code analyzer and there are no issues.
Sorry for the confusion, I was eagerly checking the generated code and acted
too soon...
> Possible null dereference in ServiceStub class
> --
>
> Key: AXIS2-5863
> URL: https://issues.apache.org/jira/browse/AXIS2-5863
> Project: Axis2
> Issue Type: Bug
> Components: codegen
>Affects Versions: 1.7.5
>Reporter: Petr Dvorak
>Priority: Minor
> Labels: security
> Fix For: 1.7.6
>
> Attachments: diff.patch
>
>
> We use Coverity Scan tool to audit our open-source code against security
> vulnerabilities. Possible NullPointerException was detected in Axis2
> generated ServiceStub class code. The issue occurs in following generated
> code:
> {code:java}
> } finally {
> if (_messageContext.getTransportOut() != null) {
> _messageContext.getTransportOut().getSender()
> .cleanup(_messageContext);
> }
> }
> {code}
> In case "_messageContext" is set to null, the if condition throws NPE. Also,
> we can see the path on how this variable value actually may become null, so
> we believe the issue is valid and null check should be present...
> Here are possible implications of the issue from the security perspective:
> http://cwe.mitre.org/data/definitions/476.html
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
-
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org
[jira] [Reopened] (AXIS2-5863) Possible null dereference in ServiceStub class
[
https://issues.apache.org/jira/browse/AXIS2-5863?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Petr Dvorak reopened AXIS2-5863:
Universe is broken: The diff patch was not correctly applied. I can still see
the old code in 'trunk' and the issue is still present in 1.7.6.
> Possible null dereference in ServiceStub class
> --
>
> Key: AXIS2-5863
> URL: https://issues.apache.org/jira/browse/AXIS2-5863
> Project: Axis2
> Issue Type: Bug
> Components: codegen
>Affects Versions: 1.7.5
>Reporter: Petr Dvorak
>Priority: Minor
> Labels: security
> Fix For: 1.7.6
>
> Attachments: diff.patch
>
>
> We use Coverity Scan tool to audit our open-source code against security
> vulnerabilities. Possible NullPointerException was detected in Axis2
> generated ServiceStub class code. The issue occurs in following generated
> code:
> {code:java}
> } finally {
> if (_messageContext.getTransportOut() != null) {
> _messageContext.getTransportOut().getSender()
> .cleanup(_messageContext);
> }
> }
> {code}
> In case "_messageContext" is set to null, the if condition throws NPE. Also,
> we can see the path on how this variable value actually may become null, so
> we believe the issue is valid and null check should be present...
> Here are possible implications of the issue from the security perspective:
> http://cwe.mitre.org/data/definitions/476.html
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
-
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org
[jira] [Updated] (AXIS2-5863) Possible null dereference in ServiceStub class
[
https://issues.apache.org/jira/browse/AXIS2-5863?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Petr Dvorak updated AXIS2-5863:
---
Attachment: diff.patch
I'm attaching a patch file. The change seems very non-intrusive to me, I would
love if we could see it in 1.7.6! :-)
> Possible null dereference in ServiceStub class
> --
>
> Key: AXIS2-5863
> URL: https://issues.apache.org/jira/browse/AXIS2-5863
> Project: Axis2
> Issue Type: Bug
> Components: codegen
>Affects Versions: 1.7.5
>Reporter: Petr Dvorak
> Labels: security
> Attachments: diff.patch
>
>
> We use Coverity Scan tool to audit our open-source code against security
> vulnerabilities. Possible NullPointerException was detected in Axis2
> generated ServiceStub class code. The issue occurs in following generated
> code:
> {code:java}
> } finally {
> if (_messageContext.getTransportOut() != null) {
> _messageContext.getTransportOut().getSender()
> .cleanup(_messageContext);
> }
> }
> {code}
> In case "_messageContext" is set to null, the if condition throws NPE. Also,
> we can see the path on how this variable value actually may become null, so
> we believe the issue is valid and null check should be present...
> Here are possible implications of the issue from the security perspective:
> http://cwe.mitre.org/data/definitions/476.html
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
-
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org
[jira] [Created] (AXIS2-5829) JavaDoc warnings when using Axis2 (adl) to generate client
Petr Dvorak created AXIS2-5829:
--
Summary: JavaDoc warnings when using Axis2 (adl) to generate client
Key: AXIS2-5829
URL: https://issues.apache.org/jira/browse/AXIS2-5829
Project: Axis2
Issue Type: Bug
Reporter: Petr Dvorak
Priority: Trivial
Attachments: pom.xml, service.wsdl
I use {{axis2-wsdl2code-maven-plugin}} to generate a SOAP service client (using
default ADB).
However, the plugin generates JavaDoc warnings, like these (many more
instances):
{code:ActionScript}
[WARNING] Javadoc Warnings
[WARNING]
/private/tmp/lime-security-powerauth/powerauth-java-client-axis/target/generated-sources/axis2/wsdl2code/src/io/getlime/powerauth/soap/PowerAuthPortServiceStub.java:331:
warning - Tag @see: reference not found:
io.getlime.powerauth.soap.PowerAuthPortService#blockActivation
[WARNING]
/private/tmp/lime-security-powerauth/powerauth-java-client-axis/target/generated-sources/axis2/wsdl2code/src/io/getlime/powerauth/soap/PowerAuthPortServiceStub.java:447:
warning - Tag @see: reference not found:
io.getlime.powerauth.soap.PowerAuthPortService#startblockActivation
[WARNING]
/private/tmp/lime-security-powerauth/powerauth-java-client-axis/target/generated-sources/axis2/wsdl2code/src/io/getlime/powerauth/soap/PowerAuthPortServiceStub.java:599:
warning - Tag @see: reference not found:
io.getlime.powerauth.soap.PowerAuthPortService#getCallbackUrlList
[WARNING]
/private/tmp/lime-security-powerauth/powerauth-java-client-axis/target/generated-sources/axis2/wsdl2code/src/io/getlime/powerauth/soap/PowerAuthPortServiceStub.java:715:
warning - Tag @see: reference not found:
io.getlime.powerauth.soap.PowerAuthPortService#startgetCallbackUrlList
{code}
After looking into the JavaDoc, I noticed that while the JavaDoc refers to
{{PowerAuthPortService}} class, the actual generated class name is
{{PowerAuthPortServiceStub}}.
I assume I am probably supposed to implement my own {{PowerAuthPortService}}
that extends / encapsulates the {{PowerAuthPortServiceStub}} class (?). But
this should IMO be mentioned in the documentation more explicitly (the implicit
naming convention), or I should be able to specify the final client class name
to be referred in JavaDoc, since mine is {{PowerAuthServiceClient}} at the
moment...
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org
[jira] [Created] (AXIS2-5827) Missing documentation on axis2-wsdl2code-maven-plugin configuration of Log4j
Petr Dvorak created AXIS2-5827:
--
Summary: Missing documentation on axis2-wsdl2code-maven-plugin
configuration of Log4j
Key: AXIS2-5827
URL: https://issues.apache.org/jira/browse/AXIS2-5827
Project: Axis2
Issue Type: Bug
Components: codegen
Reporter: Petr Dvorak
I am using axis2-wsdl2code-maven-plugin to generate my SOAP service client. The
plugin itself works correctly and it generates a correct SOAP client, but I get
following warning in console with every build:
{code}
log4j:WARN No appenders could be found for logger
(org.apache.axiom.locator.DefaultOMMetaFactoryLocator).
log4j:WARN Please initialize the log4j system properly.
{code}
I know I need to configure Log4j properties, but I haven't found any
documentation / help on how to do this for {{axis2-wsdl2code-maven-plugin}}...
This is my {{pom.xml}} file:
{code:xml}
http://maven.apache.org/POM/4.0.0;
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance;
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd;>
4.0.0
powerauth-java-client-axis
0.13.0
powerauth-java-client-axis
PowerAuth 2.0 Service Client - Axis
io.getlime.security
powerauth-parent
0.13.0
../pom.xml
org.apache.axis2
axis2
1.6.3
org.apache.axis2
axis2-adb
1.6.3
org.apache.axis2
axis2-transport-http
1.6.3
org.apache.axis2
axis2-transport-local
1.6.3
org.apache.ws.commons.axiom
axiom-api
1.2.20
org.apache.ws.commons.axiom
axiom-impl
1.2.20
org.apache.ws.security
wss4j
1.6.19
wsdl4j
wsdl4j
org.apache.axis2
axis2-wsdl2code-maven-plugin
1.6.4
wsdl2code
io.getlime.powerauth.soap
${basedir}/src/main/resources/soap/wsdl/service.wsdl
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org
