You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "S.Uthaiyashankar (JIRA)" <ji...@apache.org> on 2010/12/21 15:04:01 UTC
[jira] Assigned: (RAMPART-290) NullPointerException in
RampartEngine.isSecurityFault if the incoming fault message contains an
invalid fault code element
[ https://issues.apache.org/jira/browse/RAMPART-290?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
S.Uthaiyashankar reassigned RAMPART-290:
----------------------------------------
Assignee: S.Uthaiyashankar (was: Ruchith Udayanga Fernando)
> NullPointerException in RampartEngine.isSecurityFault if the incoming fault message contains an invalid fault code element
> --------------------------------------------------------------------------------------------------------------------------
>
> Key: RAMPART-290
> URL: https://issues.apache.org/jira/browse/RAMPART-290
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.5
> Reporter: Dave Bryant
> Assignee: S.Uthaiyashankar
> Fix For: NextVersion
>
>
> Rampart evaluates incoming fault messages to see if they appear to be security faults, so that it knows if it should apply the security policy to them. Currently this causes a NullPointerException if the SOAP fault either doesn't contain a fault code, or contains a fault code that AXIOM fails to parse correctly.
> For example, the following message qualifies the faultcode element with the soap namespace. This is not expected by AXIOM so it returns null when the fault code is requested:
> {code:xml}
> <?xml version="1.0"?>
> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
> <soap:Header/>
> <soap:Body>
> <soap:Fault>
> <soap:faultcode>Client</soap:faultcode>
> <soap:faultstring>Error Handling Incoming Document</soap:faultstring>
> <soap:faultactor>http://127.0.0.1:8080/web/SOAP/ITKIntegrationHandler.pws</soap:faultactor>
> <soap:detail>
> <ToolkitErrorInfo xmlns="http://www.nhs.cfh.org/interoperability.toolkit/ToolkitUtilities/1.0">
> <ErrorID>D1DFCE50-3749-11DF-A3A6-001111077E2C</ErrorID>
> <ErrorCode codeSystem="2.16.840.1.113883.2.1.3.2.4.17.999" displayName="Error Handling Incoming Document">999</ErrorCode>
> <ErrorText>Processing is already underway for a document with this ID (EB876DA7-19A0-40E4-9D01-866958D13653). On the fly document version changes are not yet supported</ErrorText>
> <ErrorDiagnosticText>9a.lang.Exception
> </ErrorDiagnosticText>
> </ToolkitErrorInfo>
> </soap:detail>
> </soap:Fault>
> </soap:Body>
> </soap:Envelope>
> {code}
> The null pointer exception then occurs in RampartEngine.isSecurityFault():
> {code}
> ...
> Caused by: java.lang.NullPointerException
> at org.apache.rampart.RampartEngine.isSecurityFault(RampartEngine.java:294)
> at org.apache.rampart.RampartEngine.process(RampartEngine.java:85)
> at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:251)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:160)
> at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:364)
> at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:417)
> at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
> at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
> ...
> {code}
> I'm still investigating whether the failure to parse the fault code element is a bug in AXIOM or not, but in any case Rampart should not cause a null pointer exception if the fault code is not available.
> The following patch fixes the problem:
> {code}
> Index: src/main/java/org/apache/rampart/RampartEngine.java
> ===================================================================
> --- src/main/java/org/apache/rampart/RampartEngine.java (revision 62317)
> +++ src/main/java/org/apache/rampart/RampartEngine.java (working copy)
> @@ -291,17 +291,19 @@
> SOAPFaultCode faultCode = soapFault.getCode();
>
> // This is a fault processing the security header
> - if (faultCode.getTextAsQName().getNamespaceURI().equals(WSConstants.WSSE_NS)) {
> - return true;
> - }
> + if (faultCode != null && faultCode.getTextAsQName().getNamespaceURI().equals(WSConstants.WSSE_NS)) {
> + return true;
> + }
>
>
> } else if (soapVersionURI.equals(SOAP12Constants.SOAP_ENVELOPE_NAMESPACE_URI)) {
>
> //TODO AXIOM API returns only one fault sub code, there can be many
> - SOAPFaultSubCode faultSubCode = soapFault.getCode().getSubCode();
> -
> - if (faultSubCode != null) {
> + final SOAPFaultCode faultCode = soapFault.getCode();
> + if (faultCode != null) {
> + SOAPFaultSubCode faultSubCode = faultCode.getSubCode();
> +
> + if (faultSubCode != null) {
> SOAPFaultValue faultSubCodeValue = faultSubCode.getValue();
>
> // This is a fault processing the security header
> @@ -309,8 +311,8 @@
> faultSubCodeValue.getTextAsQName().getNamespaceURI().equals(WSConstants.WSSE_NS)) {
> return true;
> }
> - }
> -
> + }
> + }
> }
>
> return false;
> {code}
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org