You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (Jira)" <ji...@apache.org> on 2019/10/31 15:09:00 UTC

[jira] [Resolved] (CXF-8139) SecurityToken, parsing the lifetime may cause a NullPointerException

     [ https://issues.apache.org/jira/browse/CXF-8139?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh resolved CXF-8139.
--------------------------------------
    Resolution: Fixed

> SecurityToken, parsing the lifetime may cause a NullPointerException
> --------------------------------------------------------------------
>
>                 Key: CXF-8139
>                 URL: https://issues.apache.org/jira/browse/CXF-8139
>             Project: CXF
>          Issue Type: Bug
>          Components: STS
>    Affects Versions: 3.1.6
>            Reporter: Daniel Baumann
>            Assignee: Colm O hEigeartaigh
>            Priority: Major
>             Fix For: 3.4.0, 3.3.5, 3.2.12
>
>
> According to [http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.html] the wsu:Created and wsu:Expires are optional elements in /wst:RequestSecurityToken/wst:Lifetime.
> When creating the org.apache.cxf.ws.security.tokenstore.SecurityToken using a lifetime Element where not both (created and expired) elements are set, a NullPointerException is thrown as there is no null-check on the child elements of the lifetime element.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)