Re: NPE when no token delivered with SecurityPolicy?

Tue, 10 Aug 2010 06:18:58 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

just an addition: the CXF version is 2.2.9.

- -- Michael


Am 10.08.2010 15:17, schrieb Michael Kleinhenz:
> Hi,
> 
> I have a CXF SOAP service configured to require a SAML token. If I try
> to access that service without a token, the server throws a NPE:
> 
> java.lang.NullPointerException
>       at
> org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenInInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:198)
> 
> The corresponding code line in IssuedTokenInterceptorProvider reads like
> this:
> 
>  Vector results = (Vector)message.get(WSHandlerConstants.RECV_RESULTS);
>  for (int i = 0; i < results.size(); i++) {
>          WSHandlerResult rResult = (WSHandlerResult) results.get(i);
>  [..]
> 
> Shouldn't this check for results being null like this:
> 
>  Vector results = null;
>  if ((results = (Vector)message
>               .get(WSHandlerConstants.RECV_RESULTS)) == null) {
>       throw new RuntimeException("No security results!");
>  }
>  for (int i = 0; i < results.size(); i++) {
>          WSHandlerResult rResult = (WSHandlerResult) results.get(i);
> 
> (maybe with something else than a RTE obviously)?
> 
> Maybe I have done something wrong in the server configuration, but the
> execution never reaches my security callback to check the (even
> non-existent) token but fails right at retrieving the RECV_RESULTS key
> from the message context.
> 
> Any opinions?
> 
> Thanks,
> Michael
> 
> 

- -- 
Dipl.-Technoinform Michael Kleinhenz

tarent Gesellschaft für Softwareentwicklung und IT-Beratung mbH
Geschäftsführer: Boris Esser, Elmar Geese
HRB AG Bonn 5168 - USt-ID (VAT): DE122264941

Heilsbachstraße 24, 53123 Bonn,   Telefon: +49 228 52675-0
Thiemanstraße 36a,  12059 Berlin, Telefon: +49 30 5682943-30
Internet: http://www.tarent.de/ • Telefax: +49 228 52675-25
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJMYVGPAAoJEDXyhJ6Q5l/LtsoH/3jOxGLxXbGugYrCISgHX0fI
7pqN8J8LPQ0Po3rpYI/5tGKaKjEnx3NIRuQlRV4kdTXsClXvxSq3m1DtFOcyRZxS
HE9mMj19QoTBRvEtmxzbmscQkWsU4epAiXorCd8F3o+7xcGnmOUE/puiZDLl9Ofw
01HbD+a9cM+o2UERWksHrrrf+mUr+bAXaSC1JLBtnmscx6pntcGfcsjZ18eUbOJd
ND3WykQAGbxdelGC/uF92PJEw8dIBUTSuen0kUz11tULYjQmOPdton+kPv7uduBg
MEIXvtcD7vUo+fOLucr3KuUcQkJ242xhpoWyRfrluZK3gPXYOvZQ1dDRa8ob4Ls=
=tHGy
-----END PGP SIGNATURE-----

Reply via email to