[ https://issues.apache.org/jira/browse/WSS-235?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
martin voegeli updated WSS-235: ------------------------------- Problem also arises with xmlbeans/2.5.0 > xmlsec/1.4.3 not compatible with xmlbeans/2.4.0, resulting in > NullPointerException in IdResolver, more robustness would help > ---------------------------------------------------------------------------------------------------------------------------- > > Key: WSS-235 > URL: https://issues.apache.org/jira/browse/WSS-235 > Project: WSS4J > Issue Type: Wish > Environment: xmm security structure generated with xmlbeans, verified > with xmlsec. > Reporter: martin voegeli > Assignee: Ruchith Udayanga Fernando > Priority: Minor > Original Estimate: 1h > Remaining Estimate: 1h > > IdResolver.java was refactored from release xmlsec/1.3.0 to xmlsec/1.4.3. > (I know, not part of wss4j, but xmlsec seams to be a sub-component here). > Symptoms: > java.lang.NullPointerException > at org.apache.xml.security.utils.IdResolver.isElement(Unknown Source) > at org.apache.xml.security.utils.IdResolver.getEl(Unknown Source) > at org.apache.xml.security.utils.IdResolver.getElementBySearching(Unknown > Source) > at org.apache.xml.security.utils.IdResolver.getElementById(Unknown Source) > at > org.apache.xml.security.utils.resolver.implementations.ResolverFragment.engineResolve(Unknown > Source) > at > org.apache.xml.security.utils.resolver.ResourceResolver.resolve(Unknown > Source) > Problem: > Under certain circumstances, the ID attribute of an XML node in the XMLBeans > DOM implementation is treated as !nodeCanHavePrefixUri (which might not be > DOM specification compliant, but never mind). The Id Resolver code does not > expect this behavior > xmlbenas/2.4.0 org.apache.xmlbeans.impl.store.DomImpl > public static String _node_getLocalName ( Dom n ) > { > if (! n.nodeCanHavePrefixUri() ) return null; > QName name = n.getQName(); > return name == null ? "" : name.getLocalPart(); > } > xml-security/1.4.3 org.apache.xml.security.utils.IdResolver: > Suggested robustness optimization near line 247: > String name=n.getLocalName(); > if (name == null) { name = n.getName(); } <<< > Changing xmlbeans to not return null as a local name might be the better > solution but that change seems somewhat risky. > thanks > martin -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- To unsubscribe, e-mail: wss4j-dev-unsubscr...@ws.apache.org For additional commands, e-mail: wss4j-dev-h...@ws.apache.org