ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andreas Veithen (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AXIOM-423) WSS4J fails when processing SAML Tokens since org.apache.axiom.om.impl.dom.NodeImpl has not implemented some required methods such as lookupNamespaceURI(), hence Rampart Trust module fails.
Date Sun, 27 May 2012 20:09:23 GMT

    [ https://issues.apache.org/jira/browse/AXIOM-423?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13284221#comment-13284221
] 

Andreas Veithen commented on AXIOM-423:
---------------------------------------

Some comments after reviewing your patch:
1. Axiom uses spaces, not tabs for indentation.
2. There is an obvious mistake in the code: it introduces a new attribute "ownerNode", but
there is no code that ever assigns that attribute. However there is code that dereferences
that attribute. This will obviously result in a NullPointerException. Probably that part of
the code has not been tested properly (see next point).
3. There are no unit tests. In Axis2 and related projects it is common practice to implement
changes without ensuring appropriate test coverage. Axiom doesn't do that, but follows commonly
accepted best practices in software development. Can you please write the necessary unit tests?
They should be added to DOMTestSuiteBuilder in axiom-dom-testsuite so that they are validated
against Xerces.
                
> WSS4J fails when processing SAML Tokens since org.apache.axiom.om.impl.dom.NodeImpl has
not implemented some required methods such as lookupNamespaceURI(), hence Rampart Trust module
fails. 
> ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: AXIOM-423
>                 URL: https://issues.apache.org/jira/browse/AXIOM-423
>             Project: Axiom
>          Issue Type: Improvement
>    Affects Versions: 1.2.13
>         Environment: WSS4J 1.6.4, Java 1.6.0.26, Linux
>            Reporter: Suresh Attanayake
>            Priority: Blocker
>         Attachments: Issue-AXIOM-423-resubmit.patch, Issue-AXIOM-423.patch
>
>
> Axiom 1.2.13 implementation's NodeImpl has not implemented methods such as lookupPrefix(),
isDefaultNamespace(), lookupNamespaceURI() etc and they throws UnsupportedOperationException.
But these methods are required methods for WSS4J libraries such as OpenSAML. Since these methods
are not implemented WSS4J fails when processing SAML assertions and hence Rampart Trust module
fails. This is a blocking issue for Apache Rampart. 
> Following is the stack trace you get when trying Apache Rampart policy sample05. For
further info on how to run Rampart samples please refer this http://axis.apache.org/axis2/java/rampart/samples.html.
 
> java.lang.UnsupportedOperationException: TODO
> 	at org.apache.axiom.om.impl.dom.NodeImpl.lookupNamespaceURI(NodeImpl.java:347)
> 	at org.opensaml.xml.util.XMLHelper.getXSIType(XMLHelper.java:132)
> 	at org.opensaml.xml.io.UnmarshallerFactory.getUnmarshaller(UnmarshallerFactory.java:77)
> 	at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshallChildElement(AbstractXMLObjectUnmarshaller.java:317)
> 	at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshall(AbstractXMLObjectUnmarshaller.java:121)
> 	at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshallChildElement(AbstractXMLObjectUnmarshaller.java:334)
> 	at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshall(AbstractXMLObjectUnmarshaller.java:121)
> 	at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshallChildElement(AbstractXMLObjectUnmarshaller.java:334)
> 	at org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshall(AbstractXMLObjectUnmarshaller.java:121)
> 	at org.opensaml.saml1.core.impl.AssertionUnmarshaller.unmarshall(AssertionUnmarshaller.java:43)
> 	at org.apache.ws.security.saml.ext.OpenSAMLUtil.fromDom(OpenSAMLUtil.java:84)
> 	at org.apache.ws.security.saml.ext.AssertionWrapper.parseElement(AssertionWrapper.java:678)
> 	at org.apache.ws.security.saml.ext.AssertionWrapper.<init>(AssertionWrapper.java:152)
> 	at org.apache.ws.security.processor.SAMLTokenProcessor.handleSAMLToken(SAMLTokenProcessor.java:109)
> 	at org.apache.ws.security.processor.SAMLTokenProcessor.handleToken(SAMLTokenProcessor.java:53)
> 	at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
> 	at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:304)
> 	at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:249)
> 	at org.apache.rampart.RampartEngine.process(RampartEngine.java:132)
> 	at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
> 	at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
> 	at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
> 	at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
> 	at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:168)
> 	at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172)
> 	at org.apache.axis2.transport.http.HTTPWorker.service(HTTPWorker.java:307)
> 	at org.apache.axis2.transport.http.server.AxisHttpService.doService(AxisHttpService.java:281)
> 	at org.apache.axis2.transport.http.server.AxisHttpService.handleRequest(AxisHttpService.java:187)
> 	at org.apache.axis2.transport.http.server.HttpServiceProcessor.run(HttpServiceProcessor.java:82)
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
> 	at java.lang.Thread.run(Thread.java:662)
> [ERROR] Error in SAMLToken
> org.apache.axis2.AxisFault: Error in SAMLToken
> 	at org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:180)
> 	at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:95)
> 	at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
> 	at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
> 	at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
> 	at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:168)
> 	at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172)
> 	at org.apache.axis2.transport.http.HTTPWorker.service(HTTPWorker.java:307)
> 	at org.apache.axis2.transport.http.server.AxisHttpService.doService(AxisHttpService.java:281)
> 	at org.apache.axis2.transport.http.server.AxisHttpService.handleRequest(AxisHttpService.java:187)
> 	at org.apache.axis2.transport.http.server.HttpServiceProcessor.run(HttpServiceProcessor.java:82)
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
> 	at java.lang.Thread.run(Thread.java:662)
> Caused by: org.apache.ws.security.WSSecurityException: Error in SAMLToken
> 	at org.apache.ws.security.processor.SAMLTokenProcessor.handleSAMLToken(SAMLTokenProcessor.java:112)
> 	at org.apache.ws.security.processor.SAMLTokenProcessor.handleToken(SAMLTokenProcessor.java:53)
> 	at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
> 	at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:304)
> 	at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:249)
> 	at org.apache.rampart.RampartEngine.process(RampartEngine.java:132)
> 	at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
> 	... 12 more
>  

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


Mime
View raw message