You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (Jira)" <ji...@apache.org> on 2019/10/31 15:09:00 UTC
[jira] [Resolved] (CXF-8139) SecurityToken, parsing the lifetime
may cause a NullPointerException
[ https://issues.apache.org/jira/browse/CXF-8139?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh resolved CXF-8139.
--------------------------------------
Resolution: Fixed
> SecurityToken, parsing the lifetime may cause a NullPointerException
> --------------------------------------------------------------------
>
> Key: CXF-8139
> URL: https://issues.apache.org/jira/browse/CXF-8139
> Project: CXF
> Issue Type: Bug
> Components: STS
> Affects Versions: 3.1.6
> Reporter: Daniel Baumann
> Assignee: Colm O hEigeartaigh
> Priority: Major
> Fix For: 3.4.0, 3.3.5, 3.2.12
>
>
> According to [http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.html] the wsu:Created and wsu:Expires are optional elements in /wst:RequestSecurityToken/wst:Lifetime.
> When creating the org.apache.cxf.ws.security.tokenstore.SecurityToken using a lifetime Element where not both (created and expired) elements are set, a NullPointerException is thrown as there is no null-check on the child elements of the lifetime element.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)