You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by " Ronny Perinke (Jira)" <ji...@apache.org> on 2023/03/21 11:58:00 UTC
[jira] [Commented] (SANTUARIO-570) javax.xml.crypto.MarshalException: org.w3c.dom.DOMException: NOT_FOUND_ERR: An attempt is made to reference a node in a context where it does not exist.
[ https://issues.apache.org/jira/browse/SANTUARIO-570?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17703165#comment-17703165 ]
Ronny Perinke commented on SANTUARIO-570:
------------------------------------------
still an issue with xmlsec 3.01, jaxws-rt 4.0.1 and saaj-impl 3.0.0 :(
> javax.xml.crypto.MarshalException: org.w3c.dom.DOMException: NOT_FOUND_ERR: An attempt is made to reference a node in a context where it does not exist.
> --------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: SANTUARIO-570
> URL: https://issues.apache.org/jira/browse/SANTUARIO-570
> Project: Santuario
> Issue Type: Bug
> Components: Java
> Affects Versions: Java 2.1.6, Java 2.2.2, Java 3.0.1
> Reporter: Ronny Perinke
> Assignee: Colm O hEigeartaigh
> Priority: Critical
> Labels: jaxws, saaj
> Attachments: metro-jax-ws-issue-226.zip
>
>
> After updating to [jaxws-rt 2.3.4|https://mvnrepository.com/artifact/com.sun.xml.ws/jaxws-rt/2.3.4] with [saaj-impl 1.5.3|https://mvnrepository.com/artifact/com.sun.xml.messaging.saaj/saaj-impl/1.5.3] the following error occurs when validating incoming soap messages secured with ws-security using [wssx-impl 2.4.5|https://mvnrepository.com/artifact/org.glassfish.metro/wssx-impl/2.4.5] and a {{SOAPHandler<SOAPMessageContext>}}.
> {code}
> javax.xml.crypto.MarshalException: org.w3c.dom.DOMException: NOT_FOUND_ERR: An attempt is made to reference a node in a context where it does not exist.
> at com.sun.xml.wss.impl.misc.XWSSProcessor2_0Impl.verifyInboundMessage(XWSSProcessor2_0Impl.java:128)
> at de.test.wss.XMLSignatureUtils.validateWsSec(XMLSignatureUtils.java:160)
> at de.test.wss.handler.SignBodyHandler.verifyMessage(SignBodyHandler.java:165)
> at de.test.wss.handler.SignBodyHandler.handleMessage(SignBodyHandler.java:130)
> at de.test.wss.handler.SignBodyHandler.handleMessage(SignBodyHandler.java:34)
> at com.sun.xml.ws.handler.HandlerProcessor.callHandleMessage(HandlerProcessor.java:259)
> at com.sun.xml.ws.handler.HandlerProcessor.callHandlersRequest(HandlerProcessor.java:110)
> at com.sun.xml.ws.handler.ServerSOAPHandlerTube.callHandlersOnRequest(ServerSOAPHandlerTube.java:108)
> at com.sun.xml.ws.handler.HandlerTube.processRequest(HandlerTube.java:97)
> at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:1106)
> at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:1020)
> at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:989)
> at com.sun.xml.ws.api.pipe.Fiber.run(Fiber.java:783)
> at com.sun.xml.ws.api.pipe.Fiber.start(Fiber.java:390)
> at com.sun.xml.ws.server.WSEndpointImpl.processAsync(WSEndpointImpl.java:348)
> at com.sun.xml.ws.server.WSEndpointImpl.process(WSEndpointImpl.java:378)
> at com.sun.xml.ws.transport.http.HttpAdapter.invokeAsync(HttpAdapter.java:704)
> at com.sun.xml.ws.transport.http.servlet.ServletAdapter.invokeAsync(ServletAdapter.java:182)
> at com.sun.xml.ws.transport.http.servlet.WSServletDelegate.doGet(WSServletDelegate.java:131)
> at com.sun.xml.ws.transport.http.servlet.WSServletDelegate.doPost(WSServletDelegate.java:167)
> at com.sun.xml.ws.transport.http.servlet.WSServlet.doPost(WSServlet.java:51)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:660)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
> at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
> at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690)
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
> at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373)
> at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
> at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
> at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1590)
> at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
> at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
> at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
> at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> at java.base/java.lang.Thread.run(Thread.java:834)
> Caused by: com.sun.xml.wss.XWSSecurityException: javax.xml.crypto.MarshalException: org.w3c.dom.DOMException: NOT_FOUND_ERR: An attempt is made to reference a node in a context where it does not exist.
> at com.sun.xml.wss.impl.dsig.SignatureProcessor.verify(SignatureProcessor.java:892)
> at com.sun.xml.wss.impl.filter.SignatureFilter.process(SignatureFilter.java:608)
> at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:69)
> at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:248)
> at com.sun.xml.wss.impl.SecurityRecipient.processMessagePolicy(SecurityRecipient.java:840)
> at com.sun.xml.wss.impl.SecurityRecipient.processMessagePolicy(SecurityRecipient.java:792)
> at com.sun.xml.wss.impl.SecurityRecipient.validateMessage(SecurityRecipient.java:231)
> at com.sun.xml.wss.impl.misc.XWSSProcessor2_0Impl.verifyInboundMessage(XWSSProcessor2_0Impl.java:126)
> ... 44 more
> Caused by: javax.xml.crypto.MarshalException: org.w3c.dom.DOMException: NOT_FOUND_ERR: An attempt is made to reference a node in a context where it does not exist.
> at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.unmarshal(DOMXMLSignatureFactory.java:193)
> at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.unmarshalXMLSignature(DOMXMLSignatureFactory.java:144)
> at com.sun.xml.wss.impl.dsig.SignatureProcessor.verify(SignatureProcessor.java:750)
> ... 51 more
> Caused by: org.w3c.dom.DOMException: NOT_FOUND_ERR: An attempt is made to reference a node in a context where it does not exist.
> at java.xml/com.sun.org.apache.xerces.internal.dom.ElementImpl.setIdAttributeNode(ElementImpl.java:931)
> at com.sun.xml.messaging.saaj.soap.impl.ElementImpl.setIdAttributeNode(ElementImpl.java:1695)
> at org.apache.jcp.xml.dsig.internal.dom.DOMKeyInfo.<init>(DOMKeyInfo.java:104)
> at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.<init>(DOMXMLSignature.java:149)
> at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.unmarshal(DOMXMLSignatureFactory.java:189)
> ... 53 more
> {code}
> Downgrade saaj-impl to 1.5.2 and the error is gone.
> These are the [changes between saaj-impl 1.5.2 and 1.5.3|https://github.com/eclipse-ee4j/metro-saaj/compare/1.5.2...1.5.3]. I think it is due to [the new cloning behavior|https://github.com/eclipse-ee4j/metro-saaj/commit/b4acaf2b1366f13da1256a171b6bf7f53ce40f59].
--
This message was sent by Atlassian Jira
(v8.20.10#820010)