[ https://issues.apache.org/jira/browse/CXF-8907?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andriy Redko resolved CXF-8907. ------------------------------- Resolution: Fixed > java.lang.NullPointerException at AsymmetricBindingHandler.java > ---------------------------------------------------------------- > > Key: CXF-8907 > URL: https://issues.apache.org/jira/browse/CXF-8907 > Project: CXF > Issue Type: Bug > Components: JAX-RS Security > Affects Versions: 3.3.9, 3.4.10, 3.5.6, 3.6.1, 4.0.2 > Reporter: Rich M > Assignee: Andriy Redko > Priority: Critical > Fix For: 3.4.11, 3.5.7, 3.6.2, 4.0.3 > > Attachments: image-2023-07-27-21-41-35-390.png > > > I am facing an issue with CXF PolicyBasedWSS4JOutInterceptor. The class > AsymmetricBindingHandler.java has a method getSAMLToken(). Previous version > of this class (cxf-rt-ws-security-2.7.14.jar) had a null check for > RECV_RESULTS, but the newer versions (using > cxf-rt-ws-security-3.3.12.redhat-00001.jar) removed the null check, which now > leads to NullPointerException. > Stacktrace: > Caused by: java.lang.NullPointerException > at > org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.getSAMLToken(AsymmetricBindingHandler.java:818) > [cxf-rt-ws-security.jar:3.3.12.redhat-00001] > at > org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:159) > [cxf-rt-ws-security.jar:3.3.12.redhat-00001] > !image-2023-07-27-21-41-35-390.png! > -- This message was sent by Atlassian Jira (v8.20.10#820010)