You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "Sundeep Garla (JIRA)" <ji...@apache.org> on 2015/09/24 07:25:04 UTC
[jira] [Updated] (RAMPART-429) Invoking org.apache.rahas.Token.writeExternal(ObjectOutput) breaks token insertion when connecting to the serivce

     [ https://issues.apache.org/jira/browse/RAMPART-429?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sundeep Garla updated RAMPART-429:
----------------------------------
    Fix Version/s:     (was: 1.6.2)

> Invoking org.apache.rahas.Token.writeExternal(ObjectOutput) breaks token insertion when connecting to the serivce
> -----------------------------------------------------------------------------------------------------------------
>
>                 Key: RAMPART-429
>                 URL: https://issues.apache.org/jira/browse/RAMPART-429
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-trust
>    Affects Versions: 1.6.2
>            Reporter: Sundeep Garla
>
> Hello, 
> In our usecase we serialize the Rampart token into secure storage using org.apache.rahas.Token.writeExternal(ObjectOutput out) before rampart handler executes to inject the SAML assertion into security header. Once serialized, It breaks with the following exception:
> {code:title=Error when inserting assertion into security header}
>  java.util.NoSuchElementException: End of the document reached
>                 at org.apache.axiom.om.impl.llom.SwitchingWrapper.next(SwitchingWrapper.java:987)
>                 at javax.xml.stream.util.StreamReaderDelegate.next(StreamReaderDelegate.java:88)
>                 at org.apache.axiom.om.impl.builder.StAXOMBuilder.parserNext(StAXOMBuilder.java:668)
>                 at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:214)
>                 at org.apache.axiom.om.impl.dom.ParentNode.buildNext(ParentNode.java:89)
>                 at org.apache.axiom.om.impl.dom.ChildNode.getNextOMSibling(ChildNode.java:103)
>                 at org.apache.axiom.om.impl.dom.ChildNode.getNextSibling(ChildNode.java:113)
>                 at org.apache.axiom.om.impl.dom.DocumentImpl.importNode(DocumentImpl.java:403)
>                 at org.apache.rampart.util.RampartUtil.appendChildToSecHeader(RampartUtil.java:826)
>                 at org.apache.rampart.util.RampartUtil.insertSiblingAfter(RampartUtil.java:834)
>                 at org.apache.rampart.builder.BindingBuilder.handleSupportingTokens(BindingBuilder.java:380)
>                 at org.apache.rampart.builder.TransportBindingBuilder.build(TransportBindingBuilder.java:148)
>                 at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:140)
>                 at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
>                 at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
>                 at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
>                 at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
>                 at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:427)
>                 at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)
>                 at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
>                 at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
>                 at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
>                 at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:531)
> {code}
> The above error reported in JIRA's:
> # https://issues.apache.org/jira/browse/AXIOM-439
> # https://issues.apache.org/jira/browse/RAMPART-392
> This is because of method:
> {code:title=org.apache.rahas.Token.java|borderStyle=solid}
> private String convertOMElementToString(OMElement element)
>         throws IOException {
>         String serializedToken = "";
>         if (null == element) {
>             return serializedToken;
>         }
>  try {
>             serializedToken = element.toStringWithConsume();
>         } catch (XMLStreamException e) {
>             throw new IOException("Could not serialize token OM element");
>         }
>         return serializedToken;
>     }
> {code}
> Invoking toStringWithConsume() causes the errors when RampartHandler tries to access the object model to insert <Assertion> into security header. 
> I have patched the above code to invoke OMElement.toString() instead of toStringWithConsume() modified source as below:
> {code:title=org.apache.rahas.Token.java|borderStyle=solid}
>     private String convertOMElementToString(OMElement element)
>         throws IOException {
>         String serializedToken = "";
>         if (null == element) {
>             return serializedToken;
>         }
>         serializedToken = element.toString();
>         return serializedToken;
>     }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org