You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Thilina Buddhika (JIRA)" <ji...@apache.org> on 2010/01/28 16:22:57 UTC
[jira] Created: (RAMPART-279) NPE thrown when WS-Trust renew
binding implementation
NPE thrown when WS-Trust renew binding implementation
-----------------------------------------------------
Key: RAMPART-279
URL: https://issues.apache.org/jira/browse/RAMPART-279
Project: Rampart
Issue Type: Bug
Components: rampart-trust
Reporter: Thilina Buddhika
Assignee: Ruchith Udayanga Fernando
Following error is thrown when trying to renew tokens as per the WS-Trust Renew binding.
java.lang.NullPointerException
at sun.security.provider.JavaKeyStore$JKS.convertAlias(JavaKeyStore.java:40)
at sun.security.provider.JavaKeyStore.engineGetCertificateChain(JavaKeyStore.java:135)
at java.security.KeyStore.getCertificateChain(KeyStore.java:756)
at org.wso2.carbon.security.util.ServerCrypto.getCertificates(ServerCrypto.java:275)
at org.apache.rahas.impl.SAMLTokenIssuer.getServiceCert(SAMLTokenIssuer.java:461)
at org.apache.rahas.impl.SAMLTokenIssuer.createHoKAssertion(SAMLTokenIssuer.java:359)
at org.apache.rahas.impl.SAMLTokenIssuer.issue(SAMLTokenIssuer.java:167)
at org.apache.rahas.TokenRequestDispatcher.handle(TokenRequestDispatcher.java:70)
at org.apache.rahas.STSMessageReceiver.invokeBusinessLogic(STSMessageReceiver.java:57)
at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:114)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:178)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)
This is mainly due to a bug in the Token ID extraction logic when generating Rahas Data. In the request for token renewal, the token id is sent as a key identifier. But current implementation does not cover this case. Hence it ends up with a null value as the token identifier.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-279) NPE thrown when WS-Trust renew
binding implementation
Posted by "Thilina Buddhika (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-279?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Thilina Buddhika updated RAMPART-279:
-------------------------------------
Attachment: RAMPART-279.patch
updated the token-id extraction logic to consider key identifiers, if references are not present.
> NPE thrown when WS-Trust renew binding implementation
> -----------------------------------------------------
>
> Key: RAMPART-279
> URL: https://issues.apache.org/jira/browse/RAMPART-279
> Project: Rampart
> Issue Type: Bug
> Components: rampart-trust
> Reporter: Thilina Buddhika
> Assignee: Ruchith Udayanga Fernando
> Attachments: RAMPART-279.patch
>
>
> Following error is thrown when trying to renew tokens as per the WS-Trust Renew binding.
> java.lang.NullPointerException
> at sun.security.provider.JavaKeyStore$JKS.convertAlias(JavaKeyStore.java:40)
> at sun.security.provider.JavaKeyStore.engineGetCertificateChain(JavaKeyStore.java:135)
> at java.security.KeyStore.getCertificateChain(KeyStore.java:756)
> at org.wso2.carbon.security.util.ServerCrypto.getCertificates(ServerCrypto.java:275)
> at org.apache.rahas.impl.SAMLTokenIssuer.getServiceCert(SAMLTokenIssuer.java:461)
> at org.apache.rahas.impl.SAMLTokenIssuer.createHoKAssertion(SAMLTokenIssuer.java:359)
> at org.apache.rahas.impl.SAMLTokenIssuer.issue(SAMLTokenIssuer.java:167)
> at org.apache.rahas.TokenRequestDispatcher.handle(TokenRequestDispatcher.java:70)
> at org.apache.rahas.STSMessageReceiver.invokeBusinessLogic(STSMessageReceiver.java:57)
> at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
> at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:114)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:178)
> at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
> at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)
> This is mainly due to a bug in the Token ID extraction logic when generating Rahas Data. In the request for token renewal, the token id is sent as a key identifier. But current implementation does not cover this case. Hence it ends up with a null value as the token identifier.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (RAMPART-279) NPE thrown when WS-Trust renew
binding implementation
Posted by "Prabath Siriwardena (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-279?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12866095#action_12866095 ]
Prabath Siriwardena commented on RAMPART-279:
---------------------------------------------
Applied the patch at revision: 943049
Thanks Thilina for the patch...
Thanks & regards.
-Prabath
> NPE thrown when WS-Trust renew binding implementation
> -----------------------------------------------------
>
> Key: RAMPART-279
> URL: https://issues.apache.org/jira/browse/RAMPART-279
> Project: Rampart
> Issue Type: Bug
> Components: rampart-trust
> Reporter: Thilina Buddhika
> Assignee: Ruchith Udayanga Fernando
> Attachments: RAMPART-279.patch
>
>
> Following error is thrown when trying to renew tokens as per the WS-Trust Renew binding.
> java.lang.NullPointerException
> at sun.security.provider.JavaKeyStore$JKS.convertAlias(JavaKeyStore.java:40)
> at sun.security.provider.JavaKeyStore.engineGetCertificateChain(JavaKeyStore.java:135)
> at java.security.KeyStore.getCertificateChain(KeyStore.java:756)
> at org.wso2.carbon.security.util.ServerCrypto.getCertificates(ServerCrypto.java:275)
> at org.apache.rahas.impl.SAMLTokenIssuer.getServiceCert(SAMLTokenIssuer.java:461)
> at org.apache.rahas.impl.SAMLTokenIssuer.createHoKAssertion(SAMLTokenIssuer.java:359)
> at org.apache.rahas.impl.SAMLTokenIssuer.issue(SAMLTokenIssuer.java:167)
> at org.apache.rahas.TokenRequestDispatcher.handle(TokenRequestDispatcher.java:70)
> at org.apache.rahas.STSMessageReceiver.invokeBusinessLogic(STSMessageReceiver.java:57)
> at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
> at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:114)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:178)
> at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
> at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)
> This is mainly due to a bug in the Token ID extraction logic when generating Rahas Data. In the request for token renewal, the token id is sent as a key identifier. But current implementation does not cover this case. Hence it ends up with a null value as the token identifier.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.