NPE thrown when WS-Trust renew binding implementation
-----------------------------------------------------
Key: RAMPART-279
URL: https://issues.apache.org/jira/browse/RAMPART-279
Project: Rampart
Issue Type: Bug
Components: rampart-trust
Reporter: Thilina Buddhika
Assignee: Ruchith Udayanga Fernando
Following error is thrown when trying to renew tokens as per the WS-Trust Renew
binding.
java.lang.NullPointerException
at
sun.security.provider.JavaKeyStore$JKS.convertAlias(JavaKeyStore.java:40)
at
sun.security.provider.JavaKeyStore.engineGetCertificateChain(JavaKeyStore.java:135)
at java.security.KeyStore.getCertificateChain(KeyStore.java:756)
at
org.wso2.carbon.security.util.ServerCrypto.getCertificates(ServerCrypto.java:275)
at
org.apache.rahas.impl.SAMLTokenIssuer.getServiceCert(SAMLTokenIssuer.java:461)
at
org.apache.rahas.impl.SAMLTokenIssuer.createHoKAssertion(SAMLTokenIssuer.java:359)
at org.apache.rahas.impl.SAMLTokenIssuer.issue(SAMLTokenIssuer.java:167)
at
org.apache.rahas.TokenRequestDispatcher.handle(TokenRequestDispatcher.java:70)
at
org.apache.rahas.STSMessageReceiver.invokeBusinessLogic(STSMessageReceiver.java:57)
at
org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
at
org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:114)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:178)
at
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
at
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)
This is mainly due to a bug in the Token ID extraction logic when generating
Rahas Data. In the request for token renewal, the token id is sent as a key
identifier. But current implementation does not cover this case. Hence it ends
up with a null value as the token identifier.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
