You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2013/10/15 11:21:45 UTC

[jira] [Assigned] (CXF-5335) Incorrect handle of ws-policy 1.1 (Incorrect inclusion value: null)

     [ https://issues.apache.org/jira/browse/CXF-5335?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh reassigned CXF-5335:
----------------------------------------

    Assignee: Colm O hEigeartaigh

> Incorrect handle of ws-policy 1.1 (Incorrect inclusion value: null)
> -------------------------------------------------------------------
>
>                 Key: CXF-5335
>                 URL: https://issues.apache.org/jira/browse/CXF-5335
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>    Affects Versions: 2.7.6
>            Reporter: Kirill Sokolov
>            Assignee: Colm O hEigeartaigh
>             Fix For: 2.7.8, 2.6.11
>
>
> I created of JAX-WS client for working with "third-party" web service.
> Web service provides the WSDL with ws-policy settings:
> {code:xml}
> <sp:AsymmetricBinding
> 	xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> 	<wsp:Policy>
> 		<sp:InitiatorToken>
> 			<wsp:Policy>
> 				<sp:X509Token
> 					sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
> 					<wsp:Policy>
> 						<sp:WssX509V3Token10 />
> 					</wsp:Policy>
> 				</sp:X509Token>
> 			</wsp:Policy>
> 		</sp:InitiatorToken>
> 		<sp:RecipientToken>
> 			<wsp:Policy>
> 				<sp:X509Token
> 					sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToInitiator">
> 					<wsp:Policy>
> 						<sp:WssX509V3Token10 />
> 					</wsp:Policy>
> 				</sp:X509Token>
> 			</wsp:Policy>
> 		</sp:RecipientToken>
> 		<sp:AlgorithmSuite>
> {code}
> During of the client execution I got next exception:
> {code:java}
> org.apache.cxf.binding.soap.SoapFault: Incorrect inclusion value: null
> Caused by: java.lang.RuntimeException: Incorrect inclusion value: null
> 	at org.apache.cxf.ws.security.policy.model.Token.setInclusion(Token.java:70)
> 	at org.apache.cxf.ws.security.policy.builders.X509TokenBuilder.build(X509TokenBuilder.java:69)
> 	at org.apache.cxf.ws.security.policy.builders.X509TokenBuilder.build(X509TokenBuilder.java:40)
> 	at org.apache.neethi.AssertionBuilderFactoryImpl.invokeBuilder(AssertionBuilderFactoryImpl.java:138)
> 	at org.apache.neethi.AssertionBuilderFactoryImpl.build(AssertionBuilderFactoryImpl.java:117)
> 	at org.apache.neethi.PolicyBuilder.processOperationElement(PolicyBuilder.java:224)
> 	at org.apache.neethi.PolicyBuilder.getPolicyOperator(PolicyBuilder.java:174)
> 	at org.apache.neethi.PolicyBuilder.getPolicy(PolicyBuilder.java:124)
> . . .
> {code}
> After examining the documentation for WS-Policy specification v.1.1, I found a difference in the list of X.509 token inclusions. Specification Errata contains token inclusion as in WSDL: <...>/AlwaysToInitiator. "Base" specification is not contains of that inclusion.
> CXF implementation of ws-policy 1.1 is not contains the constant for "Errata" version of the specification (i.e. not contains constant for http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToInitiator) and as result the code throw RuntimeException.
> In runtime after executing the method from class org.apache.cxf.ws.security.policy.SP11Constants:
> {code:java}
> public IncludeTokenType getInclusionFromAttributeValue(String value) {
>    
>         if (INCLUDE_ALWAYS.equals(value)) {
>             return IncludeTokenType.INCLUDE_TOKEN_ALWAYS;
>         } else if (INCLUDE_ALWAYS_TO_RECIPIENT.equals(value)) {
>             return IncludeTokenType.INCLUDE_TOKEN_ALWAYS_TO_RECIPIENT;
>         } else if (INCLUDE_NEVER.equals(value)) {
>             return IncludeTokenType.INCLUDE_TOKEN_NEVER;
>         } else if (INCLUDE_ONCE.equals(value)) {
>             return IncludeTokenType.INCLUDE_TOKEN_ONCE;
>         }
>         return StringUtils.isEmpty(value) ? IncludeTokenType.INCLUDE_TOKEN_ALWAYS : null;
>     }
> {code}
> return result is NULL and next code from class org.apache.cxf.ws.security.policy.model.Token:
> {code:java}
> public void setInclusion(IncludeTokenType inclusion) {
>         if (IncludeTokenType.INCLUDE_TOKEN_ALWAYS == inclusion
>             || IncludeTokenType.INCLUDE_TOKEN_ALWAYS_TO_RECIPIENT == inclusion
>             || IncludeTokenType.INCLUDE_TOKEN_ALWAYS_TO_INITIATOR == inclusion
>             || IncludeTokenType.INCLUDE_TOKEN_NEVER == inclusion 
>             || IncludeTokenType.INCLUDE_TOKEN_ONCE == inclusion) {
>             this.inclusion = inclusion;
>         } else {
>             // TODO replace this with a proper (WSSPolicyException) exception
>             throw new RuntimeException("Incorrect inclusion value: " + inclusion);
>         }
>     }
> {code}
> throws of RuntimeException...
> Please help me solve this problem!



--
This message was sent by Atlassian JIRA
(v6.1#6144)