Problem with SamlHeaderIn

[geecxf]

This is regarding cxf version 2.7.2. My systests/rs-security builds fine and
all tests pass. However, if I try to host a RESTful service in an OSGI
container with a class="org.apache.cxf.rs.security.saml.SamlHeaderInHandler
provider to handle authentication I get the following exception:

2013-02-12
16:35:29,204[qtp1827713539-118]|WARN|org.apache.cxf.jaxrs.impl.WebApplicationExceptionMapper|144-org.apache.cxf.bundle-minimal-2.7.2|javax.ws.rs.NotAuthorizedException:
java.lang.IllegalArgumentException: InputStream cannot be null
        at
org.apache.cxf.rs.security.saml.AbstractSamlInHandler.throwFault(AbstractSamlInHandler.java:161)
        at
org.apache.cxf.rs.security.saml.AbstractSamlInHandler.validateToken(AbstractSamlInHandler.java:127)
        at
org.apache.cxf.rs.security.saml.AbstractSamlInHandler.validateToken(AbstractSamlInHandler.java:91)
        at
org.apache.cxf.rs.security.saml.AbstractSamlBase64InHandler.handleToken(AbstractSamlBase64InHandler.java:53)
        at
org.apache.cxf.rs.security.saml.SamlHeaderInHandler.handleRequest(SamlHeaderInHandler.java:51)
        at
org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor.processRequest(JAXRSInInterceptor.java:190)
        at
org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor.handleMessage(JAXRSInInterceptor.java:97)
        at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
        at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
        at
org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest(JettyHTTPDestination.java:355)
        at
org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.java:319)
        at
org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:72)
        at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1040)
        at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:976)
        at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
        at
org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
        at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
        at org.eclipse.jetty.server.Server.handle(Server.java:363)
        at
org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:483)
        at
org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:920)
        at
org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:982)
        at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:635)
        at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
        at
org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
        at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:196)
        at
org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:627)
        at
org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:51)
        at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
        at
org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
        at java.lang.Thread.run(Thread.java:680)
Caused by: java.lang.IllegalArgumentException: InputStream cannot be null
        at javax.xml.parsers.DocumentBuilder.parse(Unknown Source)
        at
org.opensaml.xml.parse.BasicParserPool$DocumentBuilderProxy.parse(BasicParserPool.java:671)
        at 
org.opensaml.xml.parse.BasicParserPool.parse(BasicParserPool.java:215)
        at org.opensaml.xml.XMLConfigurator.load(XMLConfigurator.java:141)
        at
org.apache.ws.security.saml.ext.OpenSAMLBootstrap.initializeXMLTooling(OpenSAMLBootstrap.java:99)
        at
org.apache.ws.security.saml.ext.OpenSAMLBootstrap.bootstrap(OpenSAMLBootstrap.java:80)
        at
org.apache.ws.security.saml.ext.OpenSAMLUtil.initSamlEngine(OpenSAMLUtil.java:61)
        at
org.apache.ws.security.saml.ext.AssertionWrapper.<init>(AssertionWrapper.java:155)
        at
org.apache.cxf.rs.security.saml.AbstractSamlInHandler.validateToken(AbstractSamlInHandler.java:97)
        ... 28 more


In terms of debugging here's what I know:
1. The authentication header of the request looks like it has a SAML
assertion in it.
2. The input stream that contains the SAML assertion is not null.
3. The result of DocumentBuilderImpl.parse on the input stream returns a
null "Doc" instance.

I feel like maybe my OSGI runtime is using the wrong parser or something. If
anyone knows why this is happening or can offer some helpful debugging
suggestions I would greatly appreciate it.

Thanks,

D



--
View this message in context: 
http://cxf.547215.n5.nabble.com/Problem-with-SamlHeaderIn-tp5723070.html
Sent from the cxf-user mailing list archive at Nabble.com.