Really appreciate your timely help Dan. Will look forward to tomorrow's build.
best regards Sid dkulp wrote: > > > Thanks for following up with them. Their hints helped me figure out where > to > look. I THINK I see what may be happening here on our side and I've just > committed a fix. If you could test tomorrows snapshots (or checkout the > source and build it) to see if that helps, that would be great. > > Dan > > On Mon March 1 2010 11:20:28 pm PrSd wrote: >> Dan, >> >> I approached the folks at OpenSAML. As per Scott Cantor (one of the >> person >> heading that project), the issue is not at the SAML end, it is where DOM >> is >> first being created. The XML Parser is creating the DOM without namespace >> awareness which causes the SAML code to fail when it tries creating a >> QName(localpart). The localName of the DOM attribute is null. >> >> Following link is a detailed exchange I had with them >> https://mail.internet2.edu/wws/arc/mace-opensaml-users/2010-03/msg00025.htm >> l >> >> >> >> He clearly mentioned that I need to use a DOM2 or DOM3 Level >> specification. >> It is also possible that the CXF client or server side SOAP/SAAJ >> Interceptors are altering the DOM in a certain way that is causing the >> umarshalling process using the SAML to fail. >> >> I managed to catch hold of the stack trace on the client side. >> >> at >> org.apache.cxf.binding.soap.saaj.SAAJInInterceptor.handleMessage(SAAJInInte >> rceptor.java:154) at >> org.apache.cxf.jaxws.handler.soap.SOAPMessageContextImpl.getMessage(SOAPMes >> sageContextImpl.java:78) at >> org.apache.cxf.jaxws.handler.soap.SOAPHandlerInterceptor.createProtocolMess >> ageContext(SOAPHandlerInterceptor.java:236) at >> org.apache.cxf.jaxws.handler.soap.SOAPHandlerInterceptor.handleMessageInter >> nal(SOAPHandlerInterceptor.java:144) at >> org.apache.cxf.jaxws.handler.soap.SOAPHandlerInterceptor.handleMessage(SOAP >> HandlerInterceptor.java:119) at >> org.apache.cxf.jaxws.handler.soap.SOAPHandlerInterceptor.handleMessage(SOAP >> HandlerInterceptor.java:69) at >> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai >> n.java:243) at >> org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:672) at >> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons >> eInternal(HTTPConduit.java:2210) at >> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons >> e(HTTPConduit.java:2087) at >> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPCon >> duit.java:1985) at >> org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66) >> at >> org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:640) at >> org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInte >> rceptor.handleMessage(MessageSenderInterceptor.java:62) at >> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai >> n.java:243) at >> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:484) at >> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:310) at >> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:262) at >> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) at >> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124) >> at $Proxy47.findTaskListUsingLoginCreds(Unknown Source) >> at >> com.hsc.security.saml.soap.SpringWSClient.main(SpringWSClient.java:77) >> >> Q1. Does CXF uses its own DOM Parser when building the SOAPMessages? Is >> there a way to turn on the namespace awareness at DOM parsing time. >> Q2. If not, can we turn off the CXF interceptors on both the client and >> server side and if we do are there any ripple effects. As you are already >> aware I am using a JAX WS Handler to intercept the SOAP request - Will >> that >> be sufficient or I would still need the SOAP and SAAJ interceptors? >> >> Eagerly waiting to hear from you >> >> thanks >> Sid >> >> dkulp wrote: >> > This is being thrown from down in Opensaml. I really don't know what >> > would >> > cause it. You would probably need to ask on their lists and give them >> > the >> > stack trace and the XML of the SAML assertion. >> > >> > Dan >> >> dkulp wrote: >> > This is being thrown from down in Opensaml. I really don't know what >> > would >> > cause it. You would probably need to ask on their lists and give them >> > the >> > stack trace and the XML of the SAML assertion. >> > >> > Dan >> > >> > On Fri February 26 2010 7:19:15 pm PrSd wrote: >> >> Daniel, >> >> >> >> Here is the stack trace you had requested regarding this issue. I just >> >> cannot figure out a solution to this >> >> >> >> [2/26/10 17:16:11:596 EST] 0000001c SystemErr R >> >> java.lang.IllegalArgumentException: local part cannot be "null" when >> >> creating a QName >> >> [2/26/10 17:16:11:612 EST] 0000001c SystemErr R at >> >> javax.xml.namespace.QName.<init>(Unknown Source) >> >> [2/26/10 17:16:11:612 EST] 0000001c SystemErr R at >> >> javax.xml.namespace.QName.<init>(Unknown Source) >> >> [2/26/10 17:16:11:612 EST] 0000001c SystemErr R at >> >> org.opensaml.xml.util.XMLHelper.constructQName(XMLHelper.java:433) >> >> [2/26/10 17:16:11:612 EST] 0000001c SystemErr R at >> >> org.opensaml.xml.util.XMLHelper.getNodeQName(XMLHelper.java:171) >> >> [2/26/10 17:16:11:612 EST] 0000001c SystemErr R at >> >> >> org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshallAttribute(Ab >> >> str actXMLObjectUnmarshaller.java:215) [2/26/10 17:16:11:612 EST] >> >> 0000001c SystemErr R at >> >> >> org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshall(AbstractXML >> >> Obj ectUnmarshaller.java:107) [2/26/10 17:16:11:612 EST] 0000001c >> >> SystemErr R at >> >> >> com.syscom.hsc.web.soap.ServiceSAMLHandler.handleMessage(ServiceSAMLHand >> >> ler .java:222) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R >> at >> >> >> com.syscom.hsc.web.soap.ServiceSAMLHandler.handleMessage(ServiceSAMLHan >> >> dler .java:1) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R >> at >> >> >> org.apache.cxf.jaxws.handler.HandlerChainInvoker.invokeHandleMessage(Ha >> >> ndle rChainInvoker.java:335) [2/26/10 17:16:11:612 EST] 0000001c >> >> SystemErr R >> >> >> >> at >> >> >> >> >> org.apache.cxf.jaxws.handler.HandlerChainInvoker.invokeHandlerChain(Hand >> >> ler ChainInvoker.java:253) [2/26/10 17:16:11:612 EST] 0000001c >> SystemErr >> >> R >> >> >> >> at >> >> >> >> >> org.apache.cxf.jaxws.handler.HandlerChainInvoker.invokeProtocolHandlers( >> >> Han dlerChainInvoker.java:131) [2/26/10 17:16:11:612 EST] 0000001c >> >> SystemErr >> >> >> >> R at >> >> >> >> >> org.apache.cxf.jaxws.handler.soap.SOAPHandlerInterceptor.handleMessageIn >> >> ter nal(SOAPHandlerInterceptor.java:152) [2/26/10 17:16:11:612 EST] >> >> 0000001c SystemErr R at >> >> >> org.apache.cxf.jaxws.handler.soap.SOAPHandlerInterceptor.handleMessage(S >> >> OAP HandlerInterceptor.java:119) [2/26/10 17:16:11:612 EST] 0000001c >> >> SystemErr >> >> >> >> R at >> >> >> >> >> org.apache.cxf.jaxws.handler.soap.SOAPHandlerInterceptor.handleMessage(S >> >> OAP HandlerInterceptor.java:69) [2/26/10 17:16:11:612 EST] 0000001c >> >> SystemErr >> >> >> >> R at >> >> >> >> >> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC >> >> hai n.java:243) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R >> >> at >> >> >> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiat >> >> ionO bserver.java:109) [2/26/10 17:16:11:612 EST] 0000001c SystemErr >> >> R at >> >> >> org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestin >> >> ati on.java:98) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R >> >> at >> >> >> org.apache.cxf.transport.servlet.ServletController.invokeDestination(Se >> >> rvle tController.java:406) [2/26/10 17:16:11:612 EST] 0000001c >> SystemErr >> >> R >> >> >> >> at >> >> >> >> >> org.apache.cxf.transport.servlet.ServletController.invoke(ServletControl >> >> ler .java:178) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R >> at >> >> >> org.apache.cxf.transport.servlet.AbstractCXFServlet.invoke(AbstractCXFS >> >> ervl et.java:142) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R >> >> at >> >> >> org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(Abst >> >> ract HTTPServlet.java:179) [2/26/10 17:16:11:612 EST] 0000001c >> SystemErr >> >> R >> >> >> >> at >> >> >> >> >> org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTP >> >> Ser vlet.java:103) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R >> >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:763) >> >> [2/26/10 17:16:11:612 EST] 0000001c SystemErr R at >> >> >> org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTT >> >> PSe rvlet.java:159) [2/26/10 17:16:11:612 EST] 0000001c SystemErr >> R >> >> at >> >> >> com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.j >> >> ava: 1096) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R at >> >> >> com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWra >> >> pper .java:570) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R >> >> at >> >> >> com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletW >> >> rapp er.java:478) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R >> >> at >> >> >> com.ibm.ws.webcontainer.servlet.CacheServletWrapper.handleRequest(Cache >> >> Serv letWrapper.java:90) [2/26/10 17:16:11:612 EST] 0000001c SystemErr >> >> R >> >> >> >> at >> >> >> >> >> com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:748 >> >> ) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R at >> >> >> com.ibm.ws.wswebcontainer.WebContainer.handleRequest(WebContainer.java:1 >> >> 466 ) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R at >> >> >> com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:1 >> >> 19) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R at >> >> >> com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscriminatio >> >> n(H ttpInboundLink.java:458) [2/26/10 17:16:11:612 EST] 0000001c >> >> SystemErr R at >> >> >> com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformatio >> >> n(H ttpInboundLink.java:387) [2/26/10 17:16:11:612 EST] 0000001c >> >> SystemErr R at >> >> >> com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLi >> >> nk. java:267) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R >> at >> >> >> com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDisc >> >> rimi nators(NewConnectionInitialReadCallback.java:214) [2/26/10 >> >> 17:16:11:612 EST] 0000001c SystemErr R at >> >> >> com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(Ne >> >> wCo nnectionInitialReadCallback.java:113) [2/26/10 17:16:11:612 EST] >> >> 0000001c SystemErr R at >> >> >> com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(Ai >> >> oRe adCompletionListener.java:165) [2/26/10 17:16:11:612 EST] 0000001c >> >> SystemErr R at >> >> >> com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture. >> >> jav a:217) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R at >> >> >> com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelF >> >> utur e.java:161) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R >> >> at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:136) >> >> [2/26/10 17:16:11:612 EST] 0000001c SystemErr R at >> >> com.ibm.io.async.ResultHandler.complete(ResultHandler.java:195) >> >> [2/26/10 17:16:11:612 EST] 0000001c SystemErr R at >> >> >> com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java >> >> :74 3) [2/26/10 17:16:11:612 EST] 0000001c SystemErr R at >> >> com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:873) >> >> [2/26/10 17:16:11:612 EST] 0000001c SystemErr R at >> >> com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1473) >> > >> > ----------- >> > >> >> > Here is the SAML Assertion that is being sent into the SOAP Header >> >> > <soap:Envelope >> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";> >> >> > >> >> > <soap:Header> >> >> > <wsse:Security >> >> >> >> >> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse >> >> c >> >> >> >> > urity-secext-1.0.xsd"> >> >> > >> >> > <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" >> >> > ID="123" IssueInstant="2010-02-24T19:10:32.724Z" Version="2.0"> >> >> > >> >> > <saml2:Issuer>http://localhost:9088</saml2:Issuer> >> >> > >> >> > <saml2:Subject> >> >> > >> >> > <saml2:NameID >> >> >> >> >> Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">p8adm >> >> i >> >> >> >> > n</saml2:NameID> </saml2:Subject> >> >> > >> >> > <saml2:AuthnStatement >> >> > >> >> > AuthnInstant="2010-02-24T19:10:32.787Z"> >> >> > >> >> > <saml2:AuthnContext> >> >> >> >> >> <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:X509< >> >> / >> >> >> >> > saml2:AuthnContextClassRef> >> >> > >> >> > </saml2:AuthnContext> >> >> > >> >> > </saml2:AuthnStatement> >> >> > >> >> > <saml2:AuthzDecisionStatement Decision="Permit" Resource="DoubleIt"> >> >> > >> >> > <saml2:Action >> >> >> >> >> Namespace="urn:doubleit:doubleitactions">DoubleEvenNumbers</saml2:Action >> >> > >> >> >> >> > </saml2:AuthzDecisionStatement> >> >> > >> >> > <saml2:AttributeStatement> >> >> > >> >> > <saml2:Attribute Name="degree" >> >> > NameFormat="http://www.example.org/DoubleIt/Security";> >> >> > >> >> > <saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"; >> >> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> >> > xsi:type="xs:string">Mathematics</saml2:AttributeValue> >> >> > </saml2:Attribute></saml2:AttributeStatement> >> >> > >> >> > </saml2:Assertion></wsse:Security></soap:Header> >> >> > >> >> > <soap:Body><findTaskListUsingLoginCreds >> >> > xmlns="http://web.hsc.syscom.com/";><username >> >> > xmlns="http://web.hsc.syscom.com/";>kpham</username><password >> >> > xmlns="http://web.hsc.syscom.com/";>hdfuhgdg</password><category >> >> >> >> >> xmlns="http://web.hsc.syscom.com/";>GETFULLEOPINWRK</category><maxResults >> >> >> >> >> xmlns="http://web.hsc.syscom.com/";>-1</maxResults></findTaskListUsingLog >> >> i >> >> >> >> > nCreds></soap:Body></soap:Envelope> > > -- > Daniel Kulp > [email protected] > http://www.dankulp.com/blog > > -- View this message in context: http://old.nabble.com/local-part-cannot-be-%22null%22-when-creating-a-QName-tp27714287p27757264.html Sent from the cxf-user mailing list archive at Nabble.com.
