[
https://issues.apache.org/jira/browse/CXF-3037?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Kulp resolved CXF-3037.
------------------------------
Resolution: Fixed
Fix Version/s: 2.3.2
> Policy references embedded in policy are not processed
> ------------------------------------------------------
>
> Key: CXF-3037
> URL: https://issues.apache.org/jira/browse/CXF-3037
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.2.10
> Reporter: Dennis Sosnoski
> Assignee: Daniel Kulp
> Fix For: 2.3.2
>
>
> WS-Policy allows <wsp:PolicyReference> to be embedded within policy
> documents, but CXF does not handle these references. Here's an example:
>
> <!-- Policy for symmetric binding, using an ephemeral key generated by the
> client and
> sent to the server as part of the request, using asymmetric encryption
> with the server
> public key to secure the symmetric key. -->
> <wsp:Policy wsu:Id="SymmBinding"
>
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
> xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl";
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
> <sp:SymmetricBinding>
> <wsp:Policy>
> <sp:ProtectionToken>
> <wsp:Policy>
> <sp:X509Token
> sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
> <wsp:Policy>
> <sp:RequireDerivedKeys/>
> <sp:RequireThumbprintReference/>
> <sp:WssX509V3Token10/>
> </wsp:Policy>
> </sp:X509Token>
> </wsp:Policy>
> </sp:ProtectionToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic128Rsa15/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:OnlySignEntireHeadersAndBody/>
> </wsp:Policy>
> </sp:SymmetricBinding>
> </wsp:Policy>
>
> <!-- Policy for symmetric binding, using an ephemeral key generated by the
> client and
> sent to the server as part of the request, using asymmetric encryption
> with the server
> public key to secure the symmetric key. -->
> <wsp:Policy wsu:Id="SymmEncr"
>
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
> xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl";
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
> <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy";
> URI="#SymmBinding"/>
> <sp:Wss11>
> <wsp:Policy>
> <sp:MustSupportRefKeyIdentifier/>
> <sp:MustSupportRefThumbprint/>
> <sp:MustSupportRefEncryptedKey/>
> </wsp:Policy>
> </sp:Wss11>
> </wsp:Policy>
> When trying to use this policy on the client it causes an NPE inside Neethi:
> [java] WARNING: Interceptor for
> {http://ws.sosnoski.com/library/wsdl}CXFLibrary#{http://ws.sosnoski.com/library/wsdl}getBook
> has thrown exception, unwinding now
> [java] java.lang.NullPointerException
> [java] at
> org.apache.neethi.AbstractPolicyOperator.normalizeOperator(AbstractPolicyOperator.java:116)
> [java] at
> org.apache.neethi.AbstractPolicyOperator.normalize(AbstractPolicyOperator.java:73)
> [java] at org.apache.neethi.Policy.normalize(Policy.java:64)
> [java] at org.apache.neethi.Policy.normalize(Policy.java:49)
> [java] at
> org.apache.cxf.ws.policy.EffectivePolicyImpl.initialisePolicy(EffectivePolicyImpl.java:134)
> [java] at
> org.apache.cxf.ws.policy.EffectivePolicyImpl.initialise(EffectivePolicyImpl.java:86)
> [java] at
> org.apache.cxf.ws.policy.PolicyEngineImpl.getEffectiveClientRequestPolicy(PolicyEngineImpl.java:155)
> [java] at
> org.apache.cxf.ws.policy.PolicyOutInterceptor.handle(PolicyOutInterceptor.java:110)
> The problem here is that CXF passes a null for the policy context when
> calling the Policy.normalize() method. Just passing the context should be
> enough to make this work.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
