Hi Stephen, This NPE is due to the fact that we don't validate "ActAs" tokens using a TokenValidator instance in the STS, only "OnBehalfOf" tokens (+ hence no principal is created for the token, causing the NPE). Unfortunately this fix is too late for the current release votes, and so it'll be fixed in the next set of releases:
https://issues.apache.org/jira/browse/CXF-5885 Colm. On Wed, Jul 16, 2014 at 8:15 PM, <[email protected]> wrote: > Oops, sorry about the mangled source line in my original message. This is > the line the exception is referencing... > > map.put(KEYS.ONBEHALFOF_PRINCIPAL.name(), > params.getTokenRequirements().getActAs().getPrincipal().getName()); > > Stephen W. Chappell > > > -----Original Message----- > From: Chappell, Stephen CTR (FAA) > Sent: Wednesday, July 16, 2014 3:06 PM > To: [email protected] > Subject: NullPointer in ...sts.event.map.EventMapper > > I recently enabled audit logging in my STS (based on 2.7.12-SNAPSHOT), by > configuring eventListener in my TokenIssueOperation with an > org.apache.cxf.sts.event.map.EventMapper object. This works great in most > cases. But when my incoming RST contains an ActAs element, I get a > NullPointerException: > > java.lang.NullPointerException > at > org.apache.cxf.sts.event.map.EventMapper.handleEvent(EventMapper.java:106) > at > org.apache.cxf.sts.event.map.EventMapper.handleSTSEvent(EventMapper.java:70) > at > org.apache.cxf.sts.operation.AbstractOperation.publishEvent(AbstractOperation.java:729) > at > org.apache.cxf.sts.operation.TokenIssueOperation.issueSingle(TokenIssueOperation.java:233) > at > org.apache.cxf.sts.operation.TokenIssueOperation.issue(TokenIssueOperation.java:83) > ... > > If I de-configure eventListener in my TokenIssueOperation I have no > issues. Looking over the handleEvent method, it looks like it is > referencing this line: > > > map.put< > http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b27/java/util/Map.java#Map.put%28java.lang.String%2Cjava.lang.Object%29 > >(KEYS< > http://grepcode.com/file/repo1.maven.org/maven2/org.apache.cxf.services.sts/cxf-services-sts-core/2.7.11/org/apache/cxf/sts/event/map/KEYS.java#KEYS.0ACTAS_PRINCIPAL > >.ACTAS_PRINCIPAL< > http://grepcode.com/file/repo1.maven.org/maven2/org.apache.cxf.services.sts/cxf-services-sts-core/2.7.11/org/apache/cxf/sts/event/map/KEYS.java#KEYS.0ACTAS_PRINCIPAL > >.name< > http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b27/java/lang/Enum.java#Enum.name%28%29>(), > params.getTokenRequirements< > http://grepcode.com/file/repo1.maven.org/maven2/org.apache.cxf.services.sts/cxf-services-sts-core/2.7.11/org/apache/cxf/sts/token/provider/TokenProviderParameters.java#TokenProviderParameters.getTokenRequirements%28%29 > >().getActAs< > http://grepcode.com/file/repo1.maven.org/maven2/org.apache.cxf.services.sts/cxf-services-sts-core/2.7.11/org/apache/cxf/sts/request/TokenRequirements.java#TokenRequirements.getActAs%28%29 > >().getPrincipal< > http://grepcode.com/file/repo1.maven.org/maven2/org.apache.cxf.services.sts/cxf-services-sts-core/2.7.11/org/apache/cxf/sts/request/ReceivedToken.java#ReceivedToken.getPrincipal%28%29 > >().getName< > http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b27/java/security/Principal.java#Principal.getName%28%29 > >()); > > I haven't had a chance to track it much further than this, but it looks > like the event handler is either prematurely accessing the ActAs token, or > the ActAs token was read in and not parseable. The ActAs element, in my > case, contains a SAML 2 assertion previously issued by this STS, so it > should certainly be parseable, and in fact when I disable audit logging > everything works fine and completes normally. I've been away for a few > weeks, but my recollection is that this all worked fine three weeks ago. > Has something changed in the snapshot? Any help or insight would be > appreciated, thanx! > > > Stephen W. Chappell > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
