You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Anthony Davidson <am...@gmail.com> on 2009/06/29 17:05:27 UTC
NullPointerException in PolicyEngineImpl
Hello,
I am using CXF 2.2.2 and I am trying to implement a policy that requires
transport-level security for securing messages. I followed the intructions
for enabling and configuring the policy engine (
http://cwiki.apache.org/CXF20DOC/wspconfiguration.html). The contents of my
cxf.xml is included below along with my policy expression, which is
contained in a separate file called policies.xml. When I ran my code I got
an error shown in the stacktrace below. I did some searching online and
found a currently open bug describing the same problem (
https://issues.apache.org/jira/browse/CXF-1318?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
).
I tried the workaround given in the bug and it got rid of the
NullPointerException, however, the policy now isn't being enforced. Does
anyone have any ideas on how I can have CXF enforce transport-level
security?
Thanks.
cxf.xml
======
<?xml version="1.0" encoding="UTF-8" ?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:p="http://cxf.apache.org/policy"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:http-conf="http://cxf.apache.org/transports/http/configuration"
xmlns:cxf="http://cxf.apache.org/core"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xsi:schemaLocation="
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://cxf.apache.org/policy
http://cxf.apache.org/schemas/policy.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd">
<!-- This causes NPE in PolicyEngineImpl -->
<!--
<p:engine enabled="true" ignoreUnknownAssertions="false"/>
<p:externalAttachment location="classpath:/policies.xml"/>
-->
<bean
class="org.apache.cxf.ws.policy.attachment.external.ExternalAttachmentProvider">
<constructor-arg ref="cxf"/>
<property name="location" value="classpath:/policies.xml"/>
</bean>
<bean id="org.apache.cxf.ws.policy.PolicyEngine"
class="org.apache.cxf.ws.policy.spring.InitializingPolicyEngine">
<property name="bus" ref="cxf"/>
<property name="enabled" value="true"/>
</bean>
</beans>
policies.xml
=========
<?xml version="1.0" encoding="UTF-8" ?>
<attachments xmlns:wsp="http://www.w3.org/ns/ws-policy"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:PolicyAttachment>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>xs:anyURI</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wsp:Policy>
<sp:TransportBinding>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken>
<wsp:Policy/>
</sp:HttpsToken>
</wsp:Policy>
</sp:TransportToken>
</wsp:Policy>
</sp:TransportBinding>
</wsp:Policy>
</wsp:PolicyAttachment>
</attachments>
Stacktrace
========
java.lang.NullPointerException
org.apache.cxf.ws.policy.PolicyEngineImpl.supportsAlternative(PolicyEngineImpl.java:499)
org.apache.cxf.ws.policy.EndpointPolicyImpl.getSupportedAlternatives(EndpointPolicyImpl.java:166)
org.apache.cxf.ws.policy.EndpointPolicyImpl.chooseAlternative(EndpointPolicyImpl.java:153)
org.apache.cxf.ws.policy.EndpointPolicyImpl.finalizeConfig(EndpointPolicyImpl.java:137)
org.apache.cxf.ws.policy.EndpointPolicyImpl.initialize(EndpointPolicyImpl.java:133)
org.apache.cxf.ws.policy.PolicyEngineImpl.createEndpointPolicyInfo(PolicyEngineImpl.java:482)
org.apache.cxf.ws.policy.PolicyEngineImpl.getEndpointPolicy(PolicyEngineImpl.java:229)
org.apache.cxf.ws.policy.PolicyEngineImpl.getServerEndpointPolicy(PolicyEngineImpl.java:217)
org.apache.cxf.transport.http.policy.PolicyUtils.getServer(PolicyUtils.java:180)
org.apache.cxf.transport.http.AbstractHTTPDestination.initConfig(AbstractHTTPDestination.java:398)
org.apache.cxf.transport.http.AbstractHTTPDestination.<init>(AbstractHTTPDestination.java:119)
org.apache.cxf.transport.servlet.ServletDestination.<init>(ServletDestination.java:66)
org.apache.cxf.transport.servlet.ServletTransportFactory.getDestination(ServletTransportFactory.java:102)
org.apache.cxf.endpoint.ServerImpl.initDestination(ServerImpl.java:90)
org.apache.cxf.endpoint.ServerImpl.<init>(ServerImpl.java:69)
org.apache.cxf.frontend.ServerFactoryBean.create(ServerFactoryBean.java:118)
org.apache.cxf.jaxws.JaxWsServerFactoryBean.create(JaxWsServerFactoryBean.java:167)
org.apache.cxf.jaxws.EndpointImpl.getServer(EndpointImpl.java:346)
org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:259)
org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:209)
org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:404)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:597)
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeCustomInitMethod(AbstractAutowireCapableBeanFactory.java:1413)
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1374)
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1334)
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:473)
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)
java.security.AccessController.doPrivileged(Native Method)
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264)
org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:221)
org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261)
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:429)
org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:729)
org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:381)
org.apache.cxf.transport.servlet.CXFServlet.loadAdditionalConfig(CXFServlet.java:166)
org.apache.cxf.transport.servlet.CXFServlet.updateContext(CXFServlet.java:134)
org.apache.cxf.transport.servlet.CXFServlet.loadSpringBus(CXFServlet.java:101)
org.apache.cxf.transport.servlet.CXFServlet.loadBus(CXFServlet.java:70)
org.apache.cxf.transport.servlet.AbstractCXFServlet.init(AbstractCXFServlet.java:79)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
java.lang.Thread.run(Thread.java:619)
Re: NullPointerException in PolicyEngineImpl
Posted by Daniel Kulp <dk...@apache.org>.
On Tue June 30 2009 12:01:34 pm Anthony Davidson wrote:
> The deficiency in the class EndpointReferenceDomainExpression is still a
> problem though. The ws addressing schema (
> http://www.w3.org/2006/03/addressing/ws-addr.xsd) indicates that xs:anyURI
> is a valid value for the Address element.
Actually, the schema says the TYPE (actually baseType) of the Address element
is anyURI. It doesn't say that anyURI is a valid value. Thus, the value in
the type needs to be a valid URI according to XML Schema rules:
http://www.w3.org/TR/xmlschema-2/#anyURI
"The ·lexical space· of anyURI is finite-length character sequences which,
when the algorithm defined in Section 5.4 of [XML Linking Language] is applied
to them, result in strings which are legal URIs according to [RFC 2396], as
amended by [RFC 2732]."
I don't think "xsd:anyURI" (which is a QName) would meet that criteria.
> Since CXF isn't honoring this value, it seems this is a bug.
While not a bug, it's definitely something that I also consider a deficiency.
I'm wondering if we could treat it as a regex pattern or something that could
be applied. Thus, you could specify ".*" for everything, or "http://.*" for
all http and "https://" for all https or similar.
--
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog
Re: NullPointerException in PolicyEngineImpl
Posted by Anthony Davidson <am...@gmail.com>.
I have been able to get this working by specifying a specific port in the
Address element. Here is what the policy file looks like now:
<?xml version="1.0" encoding="UTF-8" ?>
<attachments xmlns:wsp="http://www.w3.org/ns/ws-policy"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:PolicyAttachment>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>/AuthenticationService</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wsp:Policy>
<sp:TransportBinding>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken RequireClientCertificate="true">
<wsp:Policy/>
</sp:HttpsToken>
</wsp:Policy>
</sp:TransportToken>
</wsp:Policy>
</sp:TransportBinding>
</wsp:Policy>
</wsp:PolicyAttachment>
</attachments>
The deficiency in the class EndpointReferenceDomainExpression is still a
problem though. The ws addressing schema (
http://www.w3.org/2006/03/addressing/ws-addr.xsd) indicates that xs:anyURI
is a valid value for the Address element. Since CXF isn't honoring this
value, it seems this is a bug.
Re: NullPointerException in PolicyEngineImpl
Posted by Anthony Davidson <am...@gmail.com>.
I tried switching to the URI for a specific endpoint and the policies still
seem to be ignored. I looked at the documentation again and I saw something
that said that CXF only supports Assertion implementation for the following
Assertion types:
{http://schemas.xmlsoap.org/ws/2005/02/rm/policy}RMAssertion
{http://www.w3.org/2007/01/addressing/metadata}Addressing
{http://www.w3.org/2007/01/addressing/metadata}AnonymousResponses
{http://www.w3.org/2007/01/addressing/metadata}NonAnonymousResponses
{http://cxf.apache.org/transports/http/configuration}client
{http://cxf.apache.org/transports/http/configuration}server
This seems to suggest that CXF does not currently support what I'm trying to
do, enforce a transport level security policy. Correct? I looked at the
2.2.2 source code and I see Assertion implementations for the TransportToken
and HttpsToken so I'm thinking that what I'm trying to do is supported. Can
you clarify?
Thanks.
On Mon, Jun 29, 2009 at 5:15 PM, Daniel Kulp <dk...@apache.org> wrote:
>
> I believe this is a deficiency in the "appliesTo" handling for the EPR
> stuff.
> Looking at the code, I see:
>
> public boolean appliesTo(EndpointInfo ei) {
> return epr.getAddress().getValue().equals(ei.getAddress());
> }
>
> Thus, it will only match on an exact string compare of the URL. Your
> policy
> has xsd:anyUri which doesn't match exactly. I'd need to dig in to specs
> more to figure out what is allowed.
>
> Dan
>
>
>
> On Mon June 29 2009 2:05:34 pm Anthony Davidson wrote:
> > Daniel,
> >
> > Thanks for responding.
> >
> > I put together a small application based on one of the sample
> applications
> > but I was not able to reproduce the NPE. In my main application cxf.xml I
> > removed the line
> >
> > <p:engine enabled="true" ignoreUnknownAssertions="false"/>
> >
> > and now I do not get the NPE. Weird.
> >
> > However, I do not think the policy engine is reading my policy file
> because
> > the policy still isn't being enforced. Any ideas?
> >
> > Thanks.
> >
> > On Mon, Jun 29, 2009 at 12:12 PM, Daniel Kulp <dk...@apache.org> wrote:
> > > Well, with 2.2.x, the policy engine is turned on by default. Thus, any
> > > config
> > > related to turning that on should not be needed. I've updated that
> wiki
> > > page.
> > >
> > > <p:externalAttachment location="classpath:/policies.xml"/>
> > >
> > > should work however. Any chance you could package up a small sample
> > > that shows the NPE or similar and attach to that JIRA?
> > >
> > > Thanks!
> > > Dan
> > >
> > > On Mon June 29 2009 11:05:27 am Anthony Davidson wrote:
> > > > Hello,
> > > >
> > > > I am using CXF 2.2.2 and I am trying to implement a policy that
> > > > requires transport-level security for securing messages. I followed
> the
> > >
> > > intructions
> > >
> > > > for enabling and configuring the policy engine (
> > > > http://cwiki.apache.org/CXF20DOC/wspconfiguration.html). The
> contents
> > > > of
> > >
> > > my
> > >
> > > > cxf.xml is included below along with my policy expression, which is
> > > > contained in a separate file called policies.xml. When I ran my code
> I
> > >
> > > got
> > >
> > > > an error shown in the stacktrace below. I did some searching online
> and
> > > > found a currently open bug describing the same problem (
> > >
> > >
> https://issues.apache.org/jira/browse/CXF-1318?page=com.atlassian.jira.pl
> > >ug
> > >
> > > >in.system.issuetabpanels:all-tabpanel ).
> > > >
> > > > I tried the workaround given in the bug and it got rid of the
> > > > NullPointerException, however, the policy now isn't being enforced.
> > > > Does anyone have any ideas on how I can have CXF enforce
> > > > transport-level security?
> > > >
> > > > Thanks.
> > > >
> > > >
> > > >
> > > > cxf.xml
> > > > ======
> > > > <?xml version="1.0" encoding="UTF-8" ?>
> > > > <beans xmlns="http://www.springframework.org/schema/beans"
> > > > xmlns:p="http://cxf.apache.org/policy"
> > > > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> > > >
> > > > xmlns:http-conf="http://cxf.apache.org/transports/http/configuration
> "
> > > >
> > > > xmlns:cxf="http://cxf.apache.org/core"
> > > > xmlns:xs="http://www.w3.org/2001/XMLSchema"
> > > > xsi:schemaLocation="
> > > > http://cxf.apache.org/transports/http/configuration
> > > > http://cxf.apache.org/schemas/configuration/http-conf.xsd
> > > > http://cxf.apache.org/policy
> > > > http://cxf.apache.org/schemas/policy.xsd
> > > > http://www.springframework.org/schema/beans
> > > >
> http://www.springframework.org/schema/beans/spring-beans.xsd
> > > > http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd">
> > > > <!-- This causes NPE in PolicyEngineImpl -->
> > > > <!--
> > > > <p:engine enabled="true" ignoreUnknownAssertions="false"/>
> > > > <p:externalAttachment location="classpath:/policies.xml"/>
> > > > -->
> > > > <bean
> > >
> > >
> class="org.apache.cxf.ws.policy.attachment.external.ExternalAttachmentPro
> > >vi
> > >
> > > >der"> <constructor-arg ref="cxf"/>
> > > > <property name="location" value="classpath:/policies.xml"/>
> > > > </bean>
> > > > <bean id="org.apache.cxf.ws.policy.PolicyEngine"
> > > > class="org.apache.cxf.ws.policy.spring.InitializingPolicyEngine">
> > > > <property name="bus" ref="cxf"/>
> > > > <property name="enabled" value="true"/>
> > > > </bean>
> > > > </beans>
> > > >
> > > >
> > > >
> > > > policies.xml
> > > > =========
> > > > <?xml version="1.0" encoding="UTF-8" ?>
> > > > <attachments xmlns:wsp="http://www.w3.org/ns/ws-policy"
> > > > xmlns:wsa="http://www.w3.org/2005/08/addressing"
> > > > xmlns:xs="http://www.w3.org/2001/XMLSchema"
> > > > xmlns:sp="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
> > >
> > > ">
> > >
> > > > <wsp:PolicyAttachment>
> > > > <wsp:AppliesTo>
> > > > <wsa:EndpointReference>
> > > > <wsa:Address>xs:anyURI</wsa:Address>
> > > > </wsa:EndpointReference>
> > > > </wsp:AppliesTo>
> > > > <wsp:Policy>
> > > > <sp:TransportBinding>
> > > > <wsp:Policy>
> > > > <sp:TransportToken>
> > > > <wsp:Policy>
> > > > <sp:HttpsToken>
> > > > <wsp:Policy/>
> > > > </sp:HttpsToken>
> > > > </wsp:Policy>
> > > > </sp:TransportToken>
> > > > </wsp:Policy>
> > > > </sp:TransportBinding>
> > > > </wsp:Policy>
> > > > </wsp:PolicyAttachment>
> > > > </attachments>
> > > >
> > > > Stacktrace
> > > > ========
> > > >
> > > > java.lang.NullPointerException
> > >
> > >
> org.apache.cxf.ws.policy.PolicyEngineImpl.supportsAlternative(PolicyEngin
> > >eI
> > >
> > > >mpl.java:499)
> > >
> > >
> org.apache.cxf.ws.policy.EndpointPolicyImpl.getSupportedAlternatives(Endp
> > >oi
> > >
> > > >ntPolicyImpl.java:166)
> > >
> > >
> org.apache.cxf.ws.policy.EndpointPolicyImpl.chooseAlternative(EndpointPol
> > >ic
> > >
> > > >yImpl.java:153)
> > >
> > >
> org.apache.cxf.ws.policy.EndpointPolicyImpl.finalizeConfig(EndpointPolicy
> > >Im
> > >
> > > >pl.java:137)
> > >
> > >
> org.apache.cxf.ws.policy.EndpointPolicyImpl.initialize(EndpointPolicyImpl
> > >.j
> > >
> > > >ava:133)
> > >
> > >
> org.apache.cxf.ws.policy.PolicyEngineImpl.createEndpointPolicyInfo(Policy
> > >En
> > >
> > > >gineImpl.java:482)
> > >
> > >
> org.apache.cxf.ws.policy.PolicyEngineImpl.getEndpointPolicy(PolicyEngineI
> > >mp
> > >
> > > >l.java:229)
> > >
> > >
> org.apache.cxf.ws.policy.PolicyEngineImpl.getServerEndpointPolicy(PolicyE
> > >ng
> > >
> > > >ineImpl.java:217)
> > >
> > >
> org.apache.cxf.transport.http.policy.PolicyUtils.getServer(PolicyUtils.ja
> > >va
> > >
> > > >:180)
> > >
> > >
> org.apache.cxf.transport.http.AbstractHTTPDestination.initConfig(Abstract
> > >HT
> > >
> > > >TPDestination.java:398)
> > >
> > >
> org.apache.cxf.transport.http.AbstractHTTPDestination.<init>(AbstractHTTP
> > >De
> > >
> > > >stination.java:119)
> > >
> > >
> org.apache.cxf.transport.servlet.ServletDestination.<init>(ServletDestina
> > >ti
> > >
> > > >on.java:66)
> > >
> > >
> org.apache.cxf.transport.servlet.ServletTransportFactory.getDestination(S
> > >er
> > >
> > > >vletTransportFactory.java:102)
> > > >
> org.apache.cxf.endpoint.ServerImpl.initDestination(ServerImpl.java:90)
> > > > org.apache.cxf.endpoint.ServerImpl.<init>(ServerImpl.java:69)
> > >
> > >
> org.apache.cxf.frontend.ServerFactoryBean.create(ServerFactoryBean.java:1
> > >18
> > >
> > > >)
> > >
> > >
> org.apache.cxf.jaxws.JaxWsServerFactoryBean.create(JaxWsServerFactoryBean
> > >.j
> > >
> > > >ava:167)
> > >
> > > org.apache.cxf.jaxws.EndpointImpl.getServer(EndpointImpl.java:346)
> > >
> > > > org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:259)
> > > > org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:209)
> > > > org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:404)
> > > > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > >
> > >
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java
> > >:3
> > >
> > > >9)
> > >
> > >
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorI
> > >mp
> > >
> > > >l.java:25) java.lang.reflect.Method.invoke(Method.java:597)
> > >
> > >
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFact
> > >or
> > >
> > > >y.invokeCustomInitMethod(AbstractAutowireCapableBeanFactory.java:1413)
> > >
> > >
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFact
> > >or
> > >
> > > >y.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1374)
> > >
> > >
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFact
> > >or
> > >
> > > >y.initializeBean(AbstractAutowireCapableBeanFactory.java:1334)
> > >
> > >
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFact
> > >or
> > >
> > > >y.doCreateBean(AbstractAutowireCapableBeanFactory.java:473)
> > >
> > >
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFact
> > >or
> > >
> > > >y$1.run(AbstractAutowireCapableBeanFactory.java:409)
> > > > java.security.AccessController.doPrivileged(Native Method)
> > >
> > >
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFact
> > >or
> > >
> > > >y.createBean(AbstractAutowireCapableBeanFactory.java:380)
> > >
> > >
> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject
> > >(A
> > >
> > > >bstractBeanFactory.java:264)
> > >
> > >
> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.ge<http://org.springframework.beans.factory.support.defaultsingletonbeanregistry.ge/>
> > >tS
> > >
> > > >ingleton(DefaultSingletonBeanRegistry.java:221)
> > >
> > >
> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(A
> > >bs
> > >
> > > >tractBeanFactory.java:261)
> > >
> > >
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(Abs
> > >tr
> > >
> > > >actBeanFactory.java:185)
> > >
> > >
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(Abs
> > >tr
> > >
> > > >actBeanFactory.java:164)
> > >
> > >
> org.springframework.beans.factory.support.DefaultListableBeanFactory.preI
> > >ns
> > >
> > > >tantiateSingletons(DefaultListableBeanFactory.java:429)
> > >
> > >
> org.springframework.context.support.AbstractApplicationContext.finishBean
> > >Fa
> > >
> > > >ctoryInitialization(AbstractApplicationContext.java:729)
> > >
> > >
> org.springframework.context.support.AbstractApplicationContext.refresh(Ab
> > >st
> > >
> > > >ractApplicationContext.java:381)
> > >
> > >
> org.apache.cxf.transport.servlet.CXFServlet.loadAdditionalConfig(CXFServl
> > >et
> > >
> > > >.java:166)
> > >
> > >
> org.apache.cxf.transport.servlet.CXFServlet.updateContext(CXFServlet.java
> > >:1
> > >
> > > >34)
> > >
> > >
> org.apache.cxf.transport.servlet.CXFServlet.loadSpringBus(CXFServlet.java
> > >:1
> > >
> > > >01)
> > >
> > > org.apache.cxf.transport.servlet.CXFServlet.loadBus(CXFServlet.java:70)
> > >
> > >
> org.apache.cxf.transport.servlet.AbstractCXFServlet.init(AbstractCXFServl
> > >et
> > >
> > > >.java:79)
> > >
> > >
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:
> > >10
> > >
> > > >5)
> > >
> > >
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:14
> > >8)
> > >
> > >
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869
> > >)
> > >
> > >
> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.proce
> > >ss
> > >
> > > >Connection(Http11BaseProtocol.java:664)
> > >
> > >
> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.
> > >ja
> > >
> > > >va:527)
> > >
> > >
> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowe
> > >rW
> > >
> > > >orkerThread.java:80)
> > >
> > >
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.
> > >ja
> > >
> > > >va:684) java.lang.Thread.run(Thread.java:619)
> > >
> > > --
> > > Daniel Kulp
> > > dkulp@apache.org
> > > http://www.dankulp.com/blog
>
> --
> Daniel Kulp
> dkulp@apache.org
> http://www.dankulp.com/blog
>
Re: NullPointerException in PolicyEngineImpl
Posted by Daniel Kulp <dk...@apache.org>.
I believe this is a deficiency in the "appliesTo" handling for the EPR stuff.
Looking at the code, I see:
public boolean appliesTo(EndpointInfo ei) {
return epr.getAddress().getValue().equals(ei.getAddress());
}
Thus, it will only match on an exact string compare of the URL. Your policy
has xsd:anyUri which doesn't match exactly. I'd need to dig in to specs
more to figure out what is allowed.
Dan
On Mon June 29 2009 2:05:34 pm Anthony Davidson wrote:
> Daniel,
>
> Thanks for responding.
>
> I put together a small application based on one of the sample applications
> but I was not able to reproduce the NPE. In my main application cxf.xml I
> removed the line
>
> <p:engine enabled="true" ignoreUnknownAssertions="false"/>
>
> and now I do not get the NPE. Weird.
>
> However, I do not think the policy engine is reading my policy file because
> the policy still isn't being enforced. Any ideas?
>
> Thanks.
>
> On Mon, Jun 29, 2009 at 12:12 PM, Daniel Kulp <dk...@apache.org> wrote:
> > Well, with 2.2.x, the policy engine is turned on by default. Thus, any
> > config
> > related to turning that on should not be needed. I've updated that wiki
> > page.
> >
> > <p:externalAttachment location="classpath:/policies.xml"/>
> >
> > should work however. Any chance you could package up a small sample
> > that shows the NPE or similar and attach to that JIRA?
> >
> > Thanks!
> > Dan
> >
> > On Mon June 29 2009 11:05:27 am Anthony Davidson wrote:
> > > Hello,
> > >
> > > I am using CXF 2.2.2 and I am trying to implement a policy that
> > > requires transport-level security for securing messages. I followed the
> >
> > intructions
> >
> > > for enabling and configuring the policy engine (
> > > http://cwiki.apache.org/CXF20DOC/wspconfiguration.html). The contents
> > > of
> >
> > my
> >
> > > cxf.xml is included below along with my policy expression, which is
> > > contained in a separate file called policies.xml. When I ran my code I
> >
> > got
> >
> > > an error shown in the stacktrace below. I did some searching online and
> > > found a currently open bug describing the same problem (
> >
> > https://issues.apache.org/jira/browse/CXF-1318?page=com.atlassian.jira.pl
> >ug
> >
> > >in.system.issuetabpanels:all-tabpanel ).
> > >
> > > I tried the workaround given in the bug and it got rid of the
> > > NullPointerException, however, the policy now isn't being enforced.
> > > Does anyone have any ideas on how I can have CXF enforce
> > > transport-level security?
> > >
> > > Thanks.
> > >
> > >
> > >
> > > cxf.xml
> > > ======
> > > <?xml version="1.0" encoding="UTF-8" ?>
> > > <beans xmlns="http://www.springframework.org/schema/beans"
> > > xmlns:p="http://cxf.apache.org/policy"
> > > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> > >
> > > xmlns:http-conf="http://cxf.apache.org/transports/http/configuration"
> > >
> > > xmlns:cxf="http://cxf.apache.org/core"
> > > xmlns:xs="http://www.w3.org/2001/XMLSchema"
> > > xsi:schemaLocation="
> > > http://cxf.apache.org/transports/http/configuration
> > > http://cxf.apache.org/schemas/configuration/http-conf.xsd
> > > http://cxf.apache.org/policy
> > > http://cxf.apache.org/schemas/policy.xsd
> > > http://www.springframework.org/schema/beans
> > > http://www.springframework.org/schema/beans/spring-beans.xsd
> > > http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd">
> > > <!-- This causes NPE in PolicyEngineImpl -->
> > > <!--
> > > <p:engine enabled="true" ignoreUnknownAssertions="false"/>
> > > <p:externalAttachment location="classpath:/policies.xml"/>
> > > -->
> > > <bean
> >
> > class="org.apache.cxf.ws.policy.attachment.external.ExternalAttachmentPro
> >vi
> >
> > >der"> <constructor-arg ref="cxf"/>
> > > <property name="location" value="classpath:/policies.xml"/>
> > > </bean>
> > > <bean id="org.apache.cxf.ws.policy.PolicyEngine"
> > > class="org.apache.cxf.ws.policy.spring.InitializingPolicyEngine">
> > > <property name="bus" ref="cxf"/>
> > > <property name="enabled" value="true"/>
> > > </bean>
> > > </beans>
> > >
> > >
> > >
> > > policies.xml
> > > =========
> > > <?xml version="1.0" encoding="UTF-8" ?>
> > > <attachments xmlns:wsp="http://www.w3.org/ns/ws-policy"
> > > xmlns:wsa="http://www.w3.org/2005/08/addressing"
> > > xmlns:xs="http://www.w3.org/2001/XMLSchema"
> > > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
> >
> > ">
> >
> > > <wsp:PolicyAttachment>
> > > <wsp:AppliesTo>
> > > <wsa:EndpointReference>
> > > <wsa:Address>xs:anyURI</wsa:Address>
> > > </wsa:EndpointReference>
> > > </wsp:AppliesTo>
> > > <wsp:Policy>
> > > <sp:TransportBinding>
> > > <wsp:Policy>
> > > <sp:TransportToken>
> > > <wsp:Policy>
> > > <sp:HttpsToken>
> > > <wsp:Policy/>
> > > </sp:HttpsToken>
> > > </wsp:Policy>
> > > </sp:TransportToken>
> > > </wsp:Policy>
> > > </sp:TransportBinding>
> > > </wsp:Policy>
> > > </wsp:PolicyAttachment>
> > > </attachments>
> > >
> > > Stacktrace
> > > ========
> > >
> > > java.lang.NullPointerException
> >
> > org.apache.cxf.ws.policy.PolicyEngineImpl.supportsAlternative(PolicyEngin
> >eI
> >
> > >mpl.java:499)
> >
> > org.apache.cxf.ws.policy.EndpointPolicyImpl.getSupportedAlternatives(Endp
> >oi
> >
> > >ntPolicyImpl.java:166)
> >
> > org.apache.cxf.ws.policy.EndpointPolicyImpl.chooseAlternative(EndpointPol
> >ic
> >
> > >yImpl.java:153)
> >
> > org.apache.cxf.ws.policy.EndpointPolicyImpl.finalizeConfig(EndpointPolicy
> >Im
> >
> > >pl.java:137)
> >
> > org.apache.cxf.ws.policy.EndpointPolicyImpl.initialize(EndpointPolicyImpl
> >.j
> >
> > >ava:133)
> >
> > org.apache.cxf.ws.policy.PolicyEngineImpl.createEndpointPolicyInfo(Policy
> >En
> >
> > >gineImpl.java:482)
> >
> > org.apache.cxf.ws.policy.PolicyEngineImpl.getEndpointPolicy(PolicyEngineI
> >mp
> >
> > >l.java:229)
> >
> > org.apache.cxf.ws.policy.PolicyEngineImpl.getServerEndpointPolicy(PolicyE
> >ng
> >
> > >ineImpl.java:217)
> >
> > org.apache.cxf.transport.http.policy.PolicyUtils.getServer(PolicyUtils.ja
> >va
> >
> > >:180)
> >
> > org.apache.cxf.transport.http.AbstractHTTPDestination.initConfig(Abstract
> >HT
> >
> > >TPDestination.java:398)
> >
> > org.apache.cxf.transport.http.AbstractHTTPDestination.<init>(AbstractHTTP
> >De
> >
> > >stination.java:119)
> >
> > org.apache.cxf.transport.servlet.ServletDestination.<init>(ServletDestina
> >ti
> >
> > >on.java:66)
> >
> > org.apache.cxf.transport.servlet.ServletTransportFactory.getDestination(S
> >er
> >
> > >vletTransportFactory.java:102)
> > > org.apache.cxf.endpoint.ServerImpl.initDestination(ServerImpl.java:90)
> > > org.apache.cxf.endpoint.ServerImpl.<init>(ServerImpl.java:69)
> >
> > org.apache.cxf.frontend.ServerFactoryBean.create(ServerFactoryBean.java:1
> >18
> >
> > >)
> >
> > org.apache.cxf.jaxws.JaxWsServerFactoryBean.create(JaxWsServerFactoryBean
> >.j
> >
> > >ava:167)
> >
> > org.apache.cxf.jaxws.EndpointImpl.getServer(EndpointImpl.java:346)
> >
> > > org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:259)
> > > org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:209)
> > > org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:404)
> > > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >
> > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java
> >:3
> >
> > >9)
> >
> > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorI
> >mp
> >
> > >l.java:25) java.lang.reflect.Method.invoke(Method.java:597)
> >
> > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFact
> >or
> >
> > >y.invokeCustomInitMethod(AbstractAutowireCapableBeanFactory.java:1413)
> >
> > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFact
> >or
> >
> > >y.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1374)
> >
> > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFact
> >or
> >
> > >y.initializeBean(AbstractAutowireCapableBeanFactory.java:1334)
> >
> > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFact
> >or
> >
> > >y.doCreateBean(AbstractAutowireCapableBeanFactory.java:473)
> >
> > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFact
> >or
> >
> > >y$1.run(AbstractAutowireCapableBeanFactory.java:409)
> > > java.security.AccessController.doPrivileged(Native Method)
> >
> > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFact
> >or
> >
> > >y.createBean(AbstractAutowireCapableBeanFactory.java:380)
> >
> > org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject
> >(A
> >
> > >bstractBeanFactory.java:264)
> >
> > org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.ge
> >tS
> >
> > >ingleton(DefaultSingletonBeanRegistry.java:221)
> >
> > org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(A
> >bs
> >
> > >tractBeanFactory.java:261)
> >
> > org.springframework.beans.factory.support.AbstractBeanFactory.getBean(Abs
> >tr
> >
> > >actBeanFactory.java:185)
> >
> > org.springframework.beans.factory.support.AbstractBeanFactory.getBean(Abs
> >tr
> >
> > >actBeanFactory.java:164)
> >
> > org.springframework.beans.factory.support.DefaultListableBeanFactory.preI
> >ns
> >
> > >tantiateSingletons(DefaultListableBeanFactory.java:429)
> >
> > org.springframework.context.support.AbstractApplicationContext.finishBean
> >Fa
> >
> > >ctoryInitialization(AbstractApplicationContext.java:729)
> >
> > org.springframework.context.support.AbstractApplicationContext.refresh(Ab
> >st
> >
> > >ractApplicationContext.java:381)
> >
> > org.apache.cxf.transport.servlet.CXFServlet.loadAdditionalConfig(CXFServl
> >et
> >
> > >.java:166)
> >
> > org.apache.cxf.transport.servlet.CXFServlet.updateContext(CXFServlet.java
> >:1
> >
> > >34)
> >
> > org.apache.cxf.transport.servlet.CXFServlet.loadSpringBus(CXFServlet.java
> >:1
> >
> > >01)
> >
> > org.apache.cxf.transport.servlet.CXFServlet.loadBus(CXFServlet.java:70)
> >
> > org.apache.cxf.transport.servlet.AbstractCXFServlet.init(AbstractCXFServl
> >et
> >
> > >.java:79)
> >
> > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:
> >10
> >
> > >5)
> >
> > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:14
> >8)
> >
> > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869
> >)
> >
> > org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.proce
> >ss
> >
> > >Connection(Http11BaseProtocol.java:664)
> >
> > org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.
> >ja
> >
> > >va:527)
> >
> > org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowe
> >rW
> >
> > >orkerThread.java:80)
> >
> > org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.
> >ja
> >
> > >va:684) java.lang.Thread.run(Thread.java:619)
> >
> > --
> > Daniel Kulp
> > dkulp@apache.org
> > http://www.dankulp.com/blog
--
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog
Re: NullPointerException in PolicyEngineImpl
Posted by Anthony Davidson <am...@gmail.com>.
Daniel,
Thanks for responding.
I put together a small application based on one of the sample applications
but I was not able to reproduce the NPE. In my main application cxf.xml I
removed the line
<p:engine enabled="true" ignoreUnknownAssertions="false"/>
and now I do not get the NPE. Weird.
However, I do not think the policy engine is reading my policy file because
the policy still isn't being enforced. Any ideas?
Thanks.
On Mon, Jun 29, 2009 at 12:12 PM, Daniel Kulp <dk...@apache.org> wrote:
>
> Well, with 2.2.x, the policy engine is turned on by default. Thus, any
> config
> related to turning that on should not be needed. I've updated that wiki
> page.
>
> <p:externalAttachment location="classpath:/policies.xml"/>
>
> should work however. Any chance you could package up a small sample that
> shows the NPE or similar and attach to that JIRA?
>
> Thanks!
> Dan
>
>
> On Mon June 29 2009 11:05:27 am Anthony Davidson wrote:
> > Hello,
> >
> > I am using CXF 2.2.2 and I am trying to implement a policy that requires
> > transport-level security for securing messages. I followed the
> intructions
> > for enabling and configuring the policy engine (
> > http://cwiki.apache.org/CXF20DOC/wspconfiguration.html). The contents of
> my
> > cxf.xml is included below along with my policy expression, which is
> > contained in a separate file called policies.xml. When I ran my code I
> got
> > an error shown in the stacktrace below. I did some searching online and
> > found a currently open bug describing the same problem (
> >
> https://issues.apache.org/jira/browse/CXF-1318?page=com.atlassian.jira.plug
> >in.system.issuetabpanels:all-tabpanel ).
> >
> > I tried the workaround given in the bug and it got rid of the
> > NullPointerException, however, the policy now isn't being enforced. Does
> > anyone have any ideas on how I can have CXF enforce transport-level
> > security?
> >
> > Thanks.
> >
> >
> >
> > cxf.xml
> > ======
> > <?xml version="1.0" encoding="UTF-8" ?>
> > <beans xmlns="http://www.springframework.org/schema/beans"
> > xmlns:p="http://cxf.apache.org/policy"
> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> >
> > xmlns:http-conf="http://cxf.apache.org/transports/http/configuration"
> >
> > xmlns:cxf="http://cxf.apache.org/core"
> > xmlns:xs="http://www.w3.org/2001/XMLSchema"
> > xsi:schemaLocation="
> > http://cxf.apache.org/transports/http/configuration
> > http://cxf.apache.org/schemas/configuration/http-conf.xsd
> > http://cxf.apache.org/policy
> > http://cxf.apache.org/schemas/policy.xsd
> > http://www.springframework.org/schema/beans
> > http://www.springframework.org/schema/beans/spring-beans.xsd
> > http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd">
> > <!-- This causes NPE in PolicyEngineImpl -->
> > <!--
> > <p:engine enabled="true" ignoreUnknownAssertions="false"/>
> > <p:externalAttachment location="classpath:/policies.xml"/>
> > -->
> > <bean
> >
> class="org.apache.cxf.ws.policy.attachment.external.ExternalAttachmentProvi
> >der"> <constructor-arg ref="cxf"/>
> > <property name="location" value="classpath:/policies.xml"/>
> > </bean>
> > <bean id="org.apache.cxf.ws.policy.PolicyEngine"
> > class="org.apache.cxf.ws.policy.spring.InitializingPolicyEngine">
> > <property name="bus" ref="cxf"/>
> > <property name="enabled" value="true"/>
> > </bean>
> > </beans>
> >
> >
> >
> > policies.xml
> > =========
> > <?xml version="1.0" encoding="UTF-8" ?>
> > <attachments xmlns:wsp="http://www.w3.org/ns/ws-policy"
> > xmlns:wsa="http://www.w3.org/2005/08/addressing"
> > xmlns:xs="http://www.w3.org/2001/XMLSchema"
> > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
> ">
> > <wsp:PolicyAttachment>
> > <wsp:AppliesTo>
> > <wsa:EndpointReference>
> > <wsa:Address>xs:anyURI</wsa:Address>
> > </wsa:EndpointReference>
> > </wsp:AppliesTo>
> > <wsp:Policy>
> > <sp:TransportBinding>
> > <wsp:Policy>
> > <sp:TransportToken>
> > <wsp:Policy>
> > <sp:HttpsToken>
> > <wsp:Policy/>
> > </sp:HttpsToken>
> > </wsp:Policy>
> > </sp:TransportToken>
> > </wsp:Policy>
> > </sp:TransportBinding>
> > </wsp:Policy>
> > </wsp:PolicyAttachment>
> > </attachments>
> >
> > Stacktrace
> > ========
> >
> > java.lang.NullPointerException
> >
> org.apache.cxf.ws.policy.PolicyEngineImpl.supportsAlternative(PolicyEngineI
> >mpl.java:499)
> >
> org.apache.cxf.ws.policy.EndpointPolicyImpl.getSupportedAlternatives(Endpoi
> >ntPolicyImpl.java:166)
> >
> org.apache.cxf.ws.policy.EndpointPolicyImpl.chooseAlternative(EndpointPolic
> >yImpl.java:153)
> >
> org.apache.cxf.ws.policy.EndpointPolicyImpl.finalizeConfig(EndpointPolicyIm
> >pl.java:137)
> >
> org.apache.cxf.ws.policy.EndpointPolicyImpl.initialize(EndpointPolicyImpl.j
> >ava:133)
> >
> org.apache.cxf.ws.policy.PolicyEngineImpl.createEndpointPolicyInfo(PolicyEn
> >gineImpl.java:482)
> >
> org.apache.cxf.ws.policy.PolicyEngineImpl.getEndpointPolicy(PolicyEngineImp
> >l.java:229)
> >
> org.apache.cxf.ws.policy.PolicyEngineImpl.getServerEndpointPolicy(PolicyEng
> >ineImpl.java:217)
> >
> org.apache.cxf.transport.http.policy.PolicyUtils.getServer(PolicyUtils.java
> >:180)
> >
> org.apache.cxf.transport.http.AbstractHTTPDestination.initConfig(AbstractHT
> >TPDestination.java:398)
> >
> org.apache.cxf.transport.http.AbstractHTTPDestination.<init>(AbstractHTTPDe
> >stination.java:119)
> >
> org.apache.cxf.transport.servlet.ServletDestination.<init>(ServletDestinati
> >on.java:66)
> >
> org.apache.cxf.transport.servlet.ServletTransportFactory.getDestination(Ser
> >vletTransportFactory.java:102)
> > org.apache.cxf.endpoint.ServerImpl.initDestination(ServerImpl.java:90)
> > org.apache.cxf.endpoint.ServerImpl.<init>(ServerImpl.java:69)
> >
> org.apache.cxf.frontend.ServerFactoryBean.create(ServerFactoryBean.java:118
> >)
> >
> org.apache.cxf.jaxws.JaxWsServerFactoryBean.create(JaxWsServerFactoryBean.j
> >ava:167)
> org.apache.cxf.jaxws.EndpointImpl.getServer(EndpointImpl.java:346)
> > org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:259)
> > org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:209)
> > org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:404)
> > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:3
> >9)
> >
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImp
> >l.java:25) java.lang.reflect.Method.invoke(Method.java:597)
> >
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
> >y.invokeCustomInitMethod(AbstractAutowireCapableBeanFactory.java:1413)
> >
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
> >y.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1374)
> >
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
> >y.initializeBean(AbstractAutowireCapableBeanFactory.java:1334)
> >
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
> >y.doCreateBean(AbstractAutowireCapableBeanFactory.java:473)
> >
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
> >y$1.run(AbstractAutowireCapableBeanFactory.java:409)
> > java.security.AccessController.doPrivileged(Native Method)
> >
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
> >y.createBean(AbstractAutowireCapableBeanFactory.java:380)
> >
> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(A
> >bstractBeanFactory.java:264)
> >
> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getS
> >ingleton(DefaultSingletonBeanRegistry.java:221)
> >
> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(Abs
> >tractBeanFactory.java:261)
> >
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(Abstr
> >actBeanFactory.java:185)
> >
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(Abstr
> >actBeanFactory.java:164)
> >
> org.springframework.beans.factory.support.DefaultListableBeanFactory.preIns
> >tantiateSingletons(DefaultListableBeanFactory.java:429)
> >
> org.springframework.context.support.AbstractApplicationContext.finishBeanFa
> >ctoryInitialization(AbstractApplicationContext.java:729)
> >
> org.springframework.context.support.AbstractApplicationContext.refresh(Abst
> >ractApplicationContext.java:381)
> >
> org.apache.cxf.transport.servlet.CXFServlet.loadAdditionalConfig(CXFServlet
> >.java:166)
> >
> org.apache.cxf.transport.servlet.CXFServlet.updateContext(CXFServlet.java:1
> >34)
> >
> org.apache.cxf.transport.servlet.CXFServlet.loadSpringBus(CXFServlet.java:1
> >01)
> org.apache.cxf.transport.servlet.CXFServlet.loadBus(CXFServlet.java:70)
> >
> org.apache.cxf.transport.servlet.AbstractCXFServlet.init(AbstractCXFServlet
> >.java:79)
> >
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:10
> >5)
> >
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> >
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
> >
> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.process
> >Connection(Http11BaseProtocol.java:664)
> >
> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.ja
> >va:527)
> >
> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerW
> >orkerThread.java:80)
> >
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.ja
> >va:684) java.lang.Thread.run(Thread.java:619)
>
> --
> Daniel Kulp
> dkulp@apache.org
> http://www.dankulp.com/blog
>
Re: NullPointerException in PolicyEngineImpl
Posted by Daniel Kulp <dk...@apache.org>.
Well, with 2.2.x, the policy engine is turned on by default. Thus, any config
related to turning that on should not be needed. I've updated that wiki
page.
<p:externalAttachment location="classpath:/policies.xml"/>
should work however. Any chance you could package up a small sample that
shows the NPE or similar and attach to that JIRA?
Thanks!
Dan
On Mon June 29 2009 11:05:27 am Anthony Davidson wrote:
> Hello,
>
> I am using CXF 2.2.2 and I am trying to implement a policy that requires
> transport-level security for securing messages. I followed the intructions
> for enabling and configuring the policy engine (
> http://cwiki.apache.org/CXF20DOC/wspconfiguration.html). The contents of my
> cxf.xml is included below along with my policy expression, which is
> contained in a separate file called policies.xml. When I ran my code I got
> an error shown in the stacktrace below. I did some searching online and
> found a currently open bug describing the same problem (
> https://issues.apache.org/jira/browse/CXF-1318?page=com.atlassian.jira.plug
>in.system.issuetabpanels:all-tabpanel ).
>
> I tried the workaround given in the bug and it got rid of the
> NullPointerException, however, the policy now isn't being enforced. Does
> anyone have any ideas on how I can have CXF enforce transport-level
> security?
>
> Thanks.
>
>
>
> cxf.xml
> ======
> <?xml version="1.0" encoding="UTF-8" ?>
> <beans xmlns="http://www.springframework.org/schema/beans"
> xmlns:p="http://cxf.apache.org/policy"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>
> xmlns:http-conf="http://cxf.apache.org/transports/http/configuration"
>
> xmlns:cxf="http://cxf.apache.org/core"
> xmlns:xs="http://www.w3.org/2001/XMLSchema"
> xsi:schemaLocation="
> http://cxf.apache.org/transports/http/configuration
> http://cxf.apache.org/schemas/configuration/http-conf.xsd
> http://cxf.apache.org/policy
> http://cxf.apache.org/schemas/policy.xsd
> http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans.xsd
> http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd">
> <!-- This causes NPE in PolicyEngineImpl -->
> <!--
> <p:engine enabled="true" ignoreUnknownAssertions="false"/>
> <p:externalAttachment location="classpath:/policies.xml"/>
> -->
> <bean
> class="org.apache.cxf.ws.policy.attachment.external.ExternalAttachmentProvi
>der"> <constructor-arg ref="cxf"/>
> <property name="location" value="classpath:/policies.xml"/>
> </bean>
> <bean id="org.apache.cxf.ws.policy.PolicyEngine"
> class="org.apache.cxf.ws.policy.spring.InitializingPolicyEngine">
> <property name="bus" ref="cxf"/>
> <property name="enabled" value="true"/>
> </bean>
> </beans>
>
>
>
> policies.xml
> =========
> <?xml version="1.0" encoding="UTF-8" ?>
> <attachments xmlns:wsp="http://www.w3.org/ns/ws-policy"
> xmlns:wsa="http://www.w3.org/2005/08/addressing"
> xmlns:xs="http://www.w3.org/2001/XMLSchema"
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> <wsp:PolicyAttachment>
> <wsp:AppliesTo>
> <wsa:EndpointReference>
> <wsa:Address>xs:anyURI</wsa:Address>
> </wsa:EndpointReference>
> </wsp:AppliesTo>
> <wsp:Policy>
> <sp:TransportBinding>
> <wsp:Policy>
> <sp:TransportToken>
> <wsp:Policy>
> <sp:HttpsToken>
> <wsp:Policy/>
> </sp:HttpsToken>
> </wsp:Policy>
> </sp:TransportToken>
> </wsp:Policy>
> </sp:TransportBinding>
> </wsp:Policy>
> </wsp:PolicyAttachment>
> </attachments>
>
> Stacktrace
> ========
>
> java.lang.NullPointerException
> org.apache.cxf.ws.policy.PolicyEngineImpl.supportsAlternative(PolicyEngineI
>mpl.java:499)
> org.apache.cxf.ws.policy.EndpointPolicyImpl.getSupportedAlternatives(Endpoi
>ntPolicyImpl.java:166)
> org.apache.cxf.ws.policy.EndpointPolicyImpl.chooseAlternative(EndpointPolic
>yImpl.java:153)
> org.apache.cxf.ws.policy.EndpointPolicyImpl.finalizeConfig(EndpointPolicyIm
>pl.java:137)
> org.apache.cxf.ws.policy.EndpointPolicyImpl.initialize(EndpointPolicyImpl.j
>ava:133)
> org.apache.cxf.ws.policy.PolicyEngineImpl.createEndpointPolicyInfo(PolicyEn
>gineImpl.java:482)
> org.apache.cxf.ws.policy.PolicyEngineImpl.getEndpointPolicy(PolicyEngineImp
>l.java:229)
> org.apache.cxf.ws.policy.PolicyEngineImpl.getServerEndpointPolicy(PolicyEng
>ineImpl.java:217)
> org.apache.cxf.transport.http.policy.PolicyUtils.getServer(PolicyUtils.java
>:180)
> org.apache.cxf.transport.http.AbstractHTTPDestination.initConfig(AbstractHT
>TPDestination.java:398)
> org.apache.cxf.transport.http.AbstractHTTPDestination.<init>(AbstractHTTPDe
>stination.java:119)
> org.apache.cxf.transport.servlet.ServletDestination.<init>(ServletDestinati
>on.java:66)
> org.apache.cxf.transport.servlet.ServletTransportFactory.getDestination(Ser
>vletTransportFactory.java:102)
> org.apache.cxf.endpoint.ServerImpl.initDestination(ServerImpl.java:90)
> org.apache.cxf.endpoint.ServerImpl.<init>(ServerImpl.java:69)
> org.apache.cxf.frontend.ServerFactoryBean.create(ServerFactoryBean.java:118
>)
> org.apache.cxf.jaxws.JaxWsServerFactoryBean.create(JaxWsServerFactoryBean.j
>ava:167) org.apache.cxf.jaxws.EndpointImpl.getServer(EndpointImpl.java:346)
> org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:259)
> org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:209)
> org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:404)
> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:3
>9)
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImp
>l.java:25) java.lang.reflect.Method.invoke(Method.java:597)
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.invokeCustomInitMethod(AbstractAutowireCapableBeanFactory.java:1413)
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1374)
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.initializeBean(AbstractAutowireCapableBeanFactory.java:1334)
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.doCreateBean(AbstractAutowireCapableBeanFactory.java:473)
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y$1.run(AbstractAutowireCapableBeanFactory.java:409)
> java.security.AccessController.doPrivileged(Native Method)
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.createBean(AbstractAutowireCapableBeanFactory.java:380)
> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(A
>bstractBeanFactory.java:264)
> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getS
>ingleton(DefaultSingletonBeanRegistry.java:221)
> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(Abs
>tractBeanFactory.java:261)
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(Abstr
>actBeanFactory.java:185)
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(Abstr
>actBeanFactory.java:164)
> org.springframework.beans.factory.support.DefaultListableBeanFactory.preIns
>tantiateSingletons(DefaultListableBeanFactory.java:429)
> org.springframework.context.support.AbstractApplicationContext.finishBeanFa
>ctoryInitialization(AbstractApplicationContext.java:729)
> org.springframework.context.support.AbstractApplicationContext.refresh(Abst
>ractApplicationContext.java:381)
> org.apache.cxf.transport.servlet.CXFServlet.loadAdditionalConfig(CXFServlet
>.java:166)
> org.apache.cxf.transport.servlet.CXFServlet.updateContext(CXFServlet.java:1
>34)
> org.apache.cxf.transport.servlet.CXFServlet.loadSpringBus(CXFServlet.java:1
>01) org.apache.cxf.transport.servlet.CXFServlet.loadBus(CXFServlet.java:70)
> org.apache.cxf.transport.servlet.AbstractCXFServlet.init(AbstractCXFServlet
>.java:79)
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:10
>5)
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.process
>Connection(Http11BaseProtocol.java:664)
> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.ja
>va:527)
> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerW
>orkerThread.java:80)
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.ja
>va:684) java.lang.Thread.run(Thread.java:619)
--
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog