You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Dennis Sosnoski (JIRA)" <ji...@apache.org> on 2010/10/05 12:16:33 UTC
[jira] Created: (CXF-3037) Policy references embedded in policy are
not processed
Policy references embedded in policy are not processed
------------------------------------------------------
Key: CXF-3037
URL: https://issues.apache.org/jira/browse/CXF-3037
Project: CXF
Issue Type: Bug
Components: WS-* Components
Affects Versions: 2.2.10
Reporter: Dennis Sosnoski
WS-Policy allows <wsp:PolicyReference> to be embedded within policy documents, but CXF does not handle these references. Here's an example:
<!-- Policy for symmetric binding, using an ephemeral key generated by the client and
sent to the server as part of the request, using asymmetric encryption with the server
public key to secure the symmetric key. -->
<wsp:Policy wsu:Id="SymmBinding"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<sp:SymmetricBinding>
<wsp:Policy>
<sp:ProtectionToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<wsp:Policy>
<sp:RequireDerivedKeys/>
<sp:RequireThumbprintReference/>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:ProtectionToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128Rsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:SymmetricBinding>
</wsp:Policy>
<!-- Policy for symmetric binding, using an ephemeral key generated by the client and
sent to the server as part of the request, using asymmetric encryption with the server
public key to secure the symmetric key. -->
<wsp:Policy wsu:Id="SymmEncr"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="#SymmBinding"/>
<sp:Wss11>
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefThumbprint/>
<sp:MustSupportRefEncryptedKey/>
</wsp:Policy>
</sp:Wss11>
</wsp:Policy>
When trying to use this policy on the client it causes an NPE inside Neethi:
[java] WARNING: Interceptor for {http://ws.sosnoski.com/library/wsdl}CXFLibrary#{http://ws.sosnoski.com/library/wsdl}getBook has thrown exception, unwinding now
[java] java.lang.NullPointerException
[java] at org.apache.neethi.AbstractPolicyOperator.normalizeOperator(AbstractPolicyOperator.java:116)
[java] at org.apache.neethi.AbstractPolicyOperator.normalize(AbstractPolicyOperator.java:73)
[java] at org.apache.neethi.Policy.normalize(Policy.java:64)
[java] at org.apache.neethi.Policy.normalize(Policy.java:49)
[java] at org.apache.cxf.ws.policy.EffectivePolicyImpl.initialisePolicy(EffectivePolicyImpl.java:134)
[java] at org.apache.cxf.ws.policy.EffectivePolicyImpl.initialise(EffectivePolicyImpl.java:86)
[java] at org.apache.cxf.ws.policy.PolicyEngineImpl.getEffectiveClientRequestPolicy(PolicyEngineImpl.java:155)
[java] at org.apache.cxf.ws.policy.PolicyOutInterceptor.handle(PolicyOutInterceptor.java:110)
The problem here is that CXF passes a null for the policy context when calling the Policy.normalize() method. Just passing the context should be enough to make this work.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (CXF-3037) Policy references embedded in policy are
not processed
Posted by "Daniel Kulp (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-3037?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Kulp updated CXF-3037:
-----------------------------
Fix Version/s: (was: 2.2.11)
> Policy references embedded in policy are not processed
> ------------------------------------------------------
>
> Key: CXF-3037
> URL: https://issues.apache.org/jira/browse/CXF-3037
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.2.10
> Reporter: Dennis Sosnoski
> Assignee: Daniel Kulp
>
> WS-Policy allows <wsp:PolicyReference> to be embedded within policy documents, but CXF does not handle these references. Here's an example:
>
> <!-- Policy for symmetric binding, using an ephemeral key generated by the client and
> sent to the server as part of the request, using asymmetric encryption with the server
> public key to secure the symmetric key. -->
> <wsp:Policy wsu:Id="SymmBinding"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> <sp:SymmetricBinding>
> <wsp:Policy>
> <sp:ProtectionToken>
> <wsp:Policy>
> <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
> <wsp:Policy>
> <sp:RequireDerivedKeys/>
> <sp:RequireThumbprintReference/>
> <sp:WssX509V3Token10/>
> </wsp:Policy>
> </sp:X509Token>
> </wsp:Policy>
> </sp:ProtectionToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic128Rsa15/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:OnlySignEntireHeadersAndBody/>
> </wsp:Policy>
> </sp:SymmetricBinding>
> </wsp:Policy>
>
> <!-- Policy for symmetric binding, using an ephemeral key generated by the client and
> sent to the server as part of the request, using asymmetric encryption with the server
> public key to secure the symmetric key. -->
> <wsp:Policy wsu:Id="SymmEncr"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="#SymmBinding"/>
> <sp:Wss11>
> <wsp:Policy>
> <sp:MustSupportRefKeyIdentifier/>
> <sp:MustSupportRefThumbprint/>
> <sp:MustSupportRefEncryptedKey/>
> </wsp:Policy>
> </sp:Wss11>
> </wsp:Policy>
> When trying to use this policy on the client it causes an NPE inside Neethi:
> [java] WARNING: Interceptor for {http://ws.sosnoski.com/library/wsdl}CXFLibrary#{http://ws.sosnoski.com/library/wsdl}getBook has thrown exception, unwinding now
> [java] java.lang.NullPointerException
> [java] at org.apache.neethi.AbstractPolicyOperator.normalizeOperator(AbstractPolicyOperator.java:116)
> [java] at org.apache.neethi.AbstractPolicyOperator.normalize(AbstractPolicyOperator.java:73)
> [java] at org.apache.neethi.Policy.normalize(Policy.java:64)
> [java] at org.apache.neethi.Policy.normalize(Policy.java:49)
> [java] at org.apache.cxf.ws.policy.EffectivePolicyImpl.initialisePolicy(EffectivePolicyImpl.java:134)
> [java] at org.apache.cxf.ws.policy.EffectivePolicyImpl.initialise(EffectivePolicyImpl.java:86)
> [java] at org.apache.cxf.ws.policy.PolicyEngineImpl.getEffectiveClientRequestPolicy(PolicyEngineImpl.java:155)
> [java] at org.apache.cxf.ws.policy.PolicyOutInterceptor.handle(PolicyOutInterceptor.java:110)
> The problem here is that CXF passes a null for the policy context when calling the Policy.normalize() method. Just passing the context should be enough to make this work.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Reopened: (CXF-3037) Policy references embedded in policy
are not processed
Posted by "Daniel Kulp (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-3037?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Kulp reopened CXF-3037:
------------------------------
I was semi-afraid of that. :-(
In the builders, right now, I didn't have access to the registry or Bus or anything that would allow easy access to the registry. Thus, since I was trying to get 2.3 out and the initial bug report didn't show any issue there, I left them alone. I just fixed the issues in the calculation of the effective policies and such which was the stack trace from the initial report.
I'll re-open the issue. It's definitely a bit more complex as I'll need to pass the registry into the builders and such.
> Policy references embedded in policy are not processed
> ------------------------------------------------------
>
> Key: CXF-3037
> URL: https://issues.apache.org/jira/browse/CXF-3037
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.2.10
> Reporter: Dennis Sosnoski
> Assignee: Daniel Kulp
> Fix For: 2.2.11
>
>
> WS-Policy allows <wsp:PolicyReference> to be embedded within policy documents, but CXF does not handle these references. Here's an example:
>
> <!-- Policy for symmetric binding, using an ephemeral key generated by the client and
> sent to the server as part of the request, using asymmetric encryption with the server
> public key to secure the symmetric key. -->
> <wsp:Policy wsu:Id="SymmBinding"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> <sp:SymmetricBinding>
> <wsp:Policy>
> <sp:ProtectionToken>
> <wsp:Policy>
> <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
> <wsp:Policy>
> <sp:RequireDerivedKeys/>
> <sp:RequireThumbprintReference/>
> <sp:WssX509V3Token10/>
> </wsp:Policy>
> </sp:X509Token>
> </wsp:Policy>
> </sp:ProtectionToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic128Rsa15/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:OnlySignEntireHeadersAndBody/>
> </wsp:Policy>
> </sp:SymmetricBinding>
> </wsp:Policy>
>
> <!-- Policy for symmetric binding, using an ephemeral key generated by the client and
> sent to the server as part of the request, using asymmetric encryption with the server
> public key to secure the symmetric key. -->
> <wsp:Policy wsu:Id="SymmEncr"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="#SymmBinding"/>
> <sp:Wss11>
> <wsp:Policy>
> <sp:MustSupportRefKeyIdentifier/>
> <sp:MustSupportRefThumbprint/>
> <sp:MustSupportRefEncryptedKey/>
> </wsp:Policy>
> </sp:Wss11>
> </wsp:Policy>
> When trying to use this policy on the client it causes an NPE inside Neethi:
> [java] WARNING: Interceptor for {http://ws.sosnoski.com/library/wsdl}CXFLibrary#{http://ws.sosnoski.com/library/wsdl}getBook has thrown exception, unwinding now
> [java] java.lang.NullPointerException
> [java] at org.apache.neethi.AbstractPolicyOperator.normalizeOperator(AbstractPolicyOperator.java:116)
> [java] at org.apache.neethi.AbstractPolicyOperator.normalize(AbstractPolicyOperator.java:73)
> [java] at org.apache.neethi.Policy.normalize(Policy.java:64)
> [java] at org.apache.neethi.Policy.normalize(Policy.java:49)
> [java] at org.apache.cxf.ws.policy.EffectivePolicyImpl.initialisePolicy(EffectivePolicyImpl.java:134)
> [java] at org.apache.cxf.ws.policy.EffectivePolicyImpl.initialise(EffectivePolicyImpl.java:86)
> [java] at org.apache.cxf.ws.policy.PolicyEngineImpl.getEffectiveClientRequestPolicy(PolicyEngineImpl.java:155)
> [java] at org.apache.cxf.ws.policy.PolicyOutInterceptor.handle(PolicyOutInterceptor.java:110)
> The problem here is that CXF passes a null for the policy context when calling the Policy.normalize() method. Just passing the context should be enough to make this work.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CXF-3037) Policy references embedded in policy
are not processed
Posted by "Dennis Sosnoski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-3037?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12919471#action_12919471 ]
Dennis Sosnoski commented on CXF-3037:
--------------------------------------
Did you also include these changes in the 2.3.0 code? I've tried this, using the 2.3.0 distribution build (not yet released), and still have the same NPE (though in a different place, which may be because I'm using a different policy sample:
[java] at org.apache.neethi.AbstractPolicyOperator.normalizeOperator(AbstractPolicyOperator.java:116)
[java] at org.apache.neethi.AbstractPolicyOperator.normalize(AbstractPolicyOperator.java:73)
[java] at org.apache.neethi.Policy.normalize(Policy.java:64)
[java] at org.apache.neethi.Policy.normalize(Policy.java:49)
[java] at org.apache.cxf.ws.security.policy.builders.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:66)
...
Here are the relevant portions of this policy:
<!-- Initiator token policy. -->
<wsp:Policy wsu:Id="InitiatorToken" xmlns:wsu=
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://www.w3.org/ns/ws-policy"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:RequireThumbprintReference/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
</wsp:Policy>
<!-- Recipient token policy. -->
<wsp:Policy wsu:Id="RecipientToken" xmlns:wsu=
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://www.w3.org/ns/ws-policy"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<wsp:Policy>
<sp:RequireThumbprintReference/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
</wsp:Policy>
<!-- Policy for asymmetric binding with the certificate included in the message from
client to server but only a thumbprint on messages from the server to the client. -->
<wsp:Policy wsu:Id="AsymmBinding" xmlns:wsu=
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://www.w3.org/ns/ws-policy"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<sp:AsymmetricBinding>
<wsp:Policy>
<wsp:PolicyReference URI="#InitiatorToken"/>
<wsp:PolicyReference URI="#RecipientToken"/>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128Rsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
</wsp:Policy>
</sp:AsymmetricBinding>
</wsp:Policy>
> Policy references embedded in policy are not processed
> ------------------------------------------------------
>
> Key: CXF-3037
> URL: https://issues.apache.org/jira/browse/CXF-3037
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.2.10
> Reporter: Dennis Sosnoski
> Assignee: Daniel Kulp
> Fix For: 2.2.11
>
>
> WS-Policy allows <wsp:PolicyReference> to be embedded within policy documents, but CXF does not handle these references. Here's an example:
>
> <!-- Policy for symmetric binding, using an ephemeral key generated by the client and
> sent to the server as part of the request, using asymmetric encryption with the server
> public key to secure the symmetric key. -->
> <wsp:Policy wsu:Id="SymmBinding"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> <sp:SymmetricBinding>
> <wsp:Policy>
> <sp:ProtectionToken>
> <wsp:Policy>
> <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
> <wsp:Policy>
> <sp:RequireDerivedKeys/>
> <sp:RequireThumbprintReference/>
> <sp:WssX509V3Token10/>
> </wsp:Policy>
> </sp:X509Token>
> </wsp:Policy>
> </sp:ProtectionToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic128Rsa15/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:OnlySignEntireHeadersAndBody/>
> </wsp:Policy>
> </sp:SymmetricBinding>
> </wsp:Policy>
>
> <!-- Policy for symmetric binding, using an ephemeral key generated by the client and
> sent to the server as part of the request, using asymmetric encryption with the server
> public key to secure the symmetric key. -->
> <wsp:Policy wsu:Id="SymmEncr"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="#SymmBinding"/>
> <sp:Wss11>
> <wsp:Policy>
> <sp:MustSupportRefKeyIdentifier/>
> <sp:MustSupportRefThumbprint/>
> <sp:MustSupportRefEncryptedKey/>
> </wsp:Policy>
> </sp:Wss11>
> </wsp:Policy>
> When trying to use this policy on the client it causes an NPE inside Neethi:
> [java] WARNING: Interceptor for {http://ws.sosnoski.com/library/wsdl}CXFLibrary#{http://ws.sosnoski.com/library/wsdl}getBook has thrown exception, unwinding now
> [java] java.lang.NullPointerException
> [java] at org.apache.neethi.AbstractPolicyOperator.normalizeOperator(AbstractPolicyOperator.java:116)
> [java] at org.apache.neethi.AbstractPolicyOperator.normalize(AbstractPolicyOperator.java:73)
> [java] at org.apache.neethi.Policy.normalize(Policy.java:64)
> [java] at org.apache.neethi.Policy.normalize(Policy.java:49)
> [java] at org.apache.cxf.ws.policy.EffectivePolicyImpl.initialisePolicy(EffectivePolicyImpl.java:134)
> [java] at org.apache.cxf.ws.policy.EffectivePolicyImpl.initialise(EffectivePolicyImpl.java:86)
> [java] at org.apache.cxf.ws.policy.PolicyEngineImpl.getEffectiveClientRequestPolicy(PolicyEngineImpl.java:155)
> [java] at org.apache.cxf.ws.policy.PolicyOutInterceptor.handle(PolicyOutInterceptor.java:110)
> The problem here is that CXF passes a null for the policy context when calling the Policy.normalize() method. Just passing the context should be enough to make this work.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (CXF-3037) Policy references embedded in policy
are not processed
Posted by "Daniel Kulp (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-3037?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Kulp resolved CXF-3037.
------------------------------
Resolution: Fixed
Fix Version/s: 2.2.11
Assignee: Daniel Kulp
I went ahead and passed the registry into the normalize calls in the areas where I have access to the registry. Hopefully that will fix it.
> Policy references embedded in policy are not processed
> ------------------------------------------------------
>
> Key: CXF-3037
> URL: https://issues.apache.org/jira/browse/CXF-3037
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.2.10
> Reporter: Dennis Sosnoski
> Assignee: Daniel Kulp
> Fix For: 2.2.11
>
>
> WS-Policy allows <wsp:PolicyReference> to be embedded within policy documents, but CXF does not handle these references. Here's an example:
>
> <!-- Policy for symmetric binding, using an ephemeral key generated by the client and
> sent to the server as part of the request, using asymmetric encryption with the server
> public key to secure the symmetric key. -->
> <wsp:Policy wsu:Id="SymmBinding"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> <sp:SymmetricBinding>
> <wsp:Policy>
> <sp:ProtectionToken>
> <wsp:Policy>
> <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
> <wsp:Policy>
> <sp:RequireDerivedKeys/>
> <sp:RequireThumbprintReference/>
> <sp:WssX509V3Token10/>
> </wsp:Policy>
> </sp:X509Token>
> </wsp:Policy>
> </sp:ProtectionToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic128Rsa15/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:OnlySignEntireHeadersAndBody/>
> </wsp:Policy>
> </sp:SymmetricBinding>
> </wsp:Policy>
>
> <!-- Policy for symmetric binding, using an ephemeral key generated by the client and
> sent to the server as part of the request, using asymmetric encryption with the server
> public key to secure the symmetric key. -->
> <wsp:Policy wsu:Id="SymmEncr"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="#SymmBinding"/>
> <sp:Wss11>
> <wsp:Policy>
> <sp:MustSupportRefKeyIdentifier/>
> <sp:MustSupportRefThumbprint/>
> <sp:MustSupportRefEncryptedKey/>
> </wsp:Policy>
> </sp:Wss11>
> </wsp:Policy>
> When trying to use this policy on the client it causes an NPE inside Neethi:
> [java] WARNING: Interceptor for {http://ws.sosnoski.com/library/wsdl}CXFLibrary#{http://ws.sosnoski.com/library/wsdl}getBook has thrown exception, unwinding now
> [java] java.lang.NullPointerException
> [java] at org.apache.neethi.AbstractPolicyOperator.normalizeOperator(AbstractPolicyOperator.java:116)
> [java] at org.apache.neethi.AbstractPolicyOperator.normalize(AbstractPolicyOperator.java:73)
> [java] at org.apache.neethi.Policy.normalize(Policy.java:64)
> [java] at org.apache.neethi.Policy.normalize(Policy.java:49)
> [java] at org.apache.cxf.ws.policy.EffectivePolicyImpl.initialisePolicy(EffectivePolicyImpl.java:134)
> [java] at org.apache.cxf.ws.policy.EffectivePolicyImpl.initialise(EffectivePolicyImpl.java:86)
> [java] at org.apache.cxf.ws.policy.PolicyEngineImpl.getEffectiveClientRequestPolicy(PolicyEngineImpl.java:155)
> [java] at org.apache.cxf.ws.policy.PolicyOutInterceptor.handle(PolicyOutInterceptor.java:110)
> The problem here is that CXF passes a null for the policy context when calling the Policy.normalize() method. Just passing the context should be enough to make this work.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.