You are viewing a plain text version of this content. The canonical link for it is here.

Posted to wss4j-dev@ws.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2010/08/03 12:38:16 UTC

[jira] Commented: (WSS-235) xmlsec/1.4.3 not compatible with xmlbeans/2.4.0, resulting in NullPointerException in IdResolver, more robustness would help

    [ https://issues.apache.org/jira/browse/WSS-235?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12894865#action_12894865 ] 

Colm O hEigeartaigh commented on WSS-235:
-----------------------------------------


Fixed as part of:

https://issues.apache.org/bugzilla/show_bug.cgi?id=49692

Colm.

> xmlsec/1.4.3 not compatible with xmlbeans/2.4.0, resulting in NullPointerException in IdResolver, more robustness would help
> ----------------------------------------------------------------------------------------------------------------------------
>
>                 Key: WSS-235
>                 URL: https://issues.apache.org/jira/browse/WSS-235
>             Project: WSS4J
>          Issue Type: Wish
>         Environment: xmm security structure generated with xmlbeans, verified with xmlsec.
>            Reporter: martin voegeli
>            Assignee: Ruchith Udayanga Fernando
>            Priority: Minor
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> IdResolver.java was refactored from release xmlsec/1.3.0 to xmlsec/1.4.3.
> (I know, not part of wss4j, but xmlsec seams to be a sub-component here).
> Symptoms:
> java.lang.NullPointerException
>     at org.apache.xml.security.utils.IdResolver.isElement(Unknown Source)
>     at org.apache.xml.security.utils.IdResolver.getEl(Unknown Source)
>     at org.apache.xml.security.utils.IdResolver.getElementBySearching(Unknown Source)
>     at org.apache.xml.security.utils.IdResolver.getElementById(Unknown Source)
>     at org.apache.xml.security.utils.resolver.implementations.ResolverFragment.engineResolve(Unknown Source)
>     at org.apache.xml.security.utils.resolver.ResourceResolver.resolve(Unknown Source)
> Problem: 
> Under certain circumstances, the ID attribute of an XML node in the XMLBeans DOM implementation is treated as !nodeCanHavePrefixUri (which might not be DOM specification compliant, but never mind). The Id Resolver code does not expect this behavior
> xmlbenas/2.4.0 org.apache.xmlbeans.impl.store.DomImpl
>     public static String _node_getLocalName ( Dom n )
>     {
>         if (! n.nodeCanHavePrefixUri() ) return null;
>         QName name = n.getQName();
>         return name == null ? "" : name.getLocalPart();
>     }
> xml-security/1.4.3 org.apache.xml.security.utils.IdResolver:
> Suggested robustness optimization near line 247:
>             String name=n.getLocalName();
>             if (name == null) { name = n.getName(); }           <<<
> Changing xmlbeans to not return null as a local name might be the better solution but that change seems somewhat risky.
> thanks
> martin

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org