Comment as first element in document causes NPE
-----------------------------------------------
Key: WSS-234
URL: https://issues.apache.org/jira/browse/WSS-234
Project: WSS4J
Issue Type: Bug
Components: WSS4J Core
Affects Versions: 1.5.8
Reporter: Remco Schaar
Assignee: Ruchith Udayanga Fernando
Priority: Minor
When a document contains a comment as its first child element, wss4j will not
find the SOAP body. This causes a NullPointerException during signature
validation.
For example
<?xml version="1.0"?>
<soap:Body....
with a valid document works, while
<?xml version="1.0?>
<!-- comment about document -->
<soap:Body...
will break.
It appears this is caused by code in org.apache.ws.security.util.WSSecurityUtil
in findBodyElement where getFirstChild from the document is used. This will not
be the expected document root, but a comment node.
Proposed patch:
diff -ru wss4j/src/org/apache/ws/security/util/WSSecurityUtil.java
wss4j-patched/src/org/apache/ws/security/util/WSSecurityUtil.java
--- wss4j/src/org/apache/ws/security/util/WSSecurityUtil.java 2010-07-01
10:01:06.277800000 +0200
+++ wss4j-patched/src/org/apache/ws/security/util/WSSecurityUtil.java
2010-07-01 10:04:55.673000000 +0200
@@ -193,7 +193,7 @@
public static Element findBodyElement(Document doc, SOAPConstants sc) {
Element soapBodyElement =
(Element) WSSecurityUtil.getDirectChild(
- doc.getFirstChild(),
+ doc.getDocumentElement(),
sc.getBodyQName().getLocalPart(),
sc.getEnvelopeURI()
);
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscr...@ws.apache.org
For additional commands, e-mail: wss4j-dev-h...@ws.apache.org
