[JBoss JIRA] Created: (JBWS-1948) Optional SOAP Header element is required by WSSecurityHandlerServer handler.
10:23 a.m.
Optional SOAP Header element is required by WSSecurityHandlerServer handler.
----------------------------------------------------------------------------
Key: JBWS-1948
URL: http://jira.jboss.com/jira/browse/JBWS-1948
Project: JBoss Web Services
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: ws-security
Affects Versions: jbossws-2.0.2
Reporter: Sławomir Wojtasiak
When jbossws is configured to "use
org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer" JaxWS handler, all
SOAP messages have to contain optional Header element. Messages which do not contain this
element causes NullPointerException.
Class: WSSecurityDispatcher
Method: public static void handleInbound(CommonMessageContext ctx) throws SOAPException,
SOAPFaultException
// soapHeader is null for messages without header element.
SOAPHeader soapHeader = soapMessage.getSOAPHeader();
QName secQName = new QName(Constants.WSSE_NS, "Security");
// Method findElement try to use soapHeader without checking against null first and causes
NullPointerException.
Element secHeaderElement = Util.findElement(soapHeader, secQName);
Workaround:
SOAPHeader soapHeader = soapMessage.getSOAPHeader();
Element secHeaderElement = null;
if( soapHeader != null ) {
QName secQName = new QName(Constants.WSSE_NS, "Security");
secHeaderElement = Util.findElement(soapHeader, secQName);
}
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:32 a.m.
New subject: [JBoss JIRA] Updated: (JBWS-1948) Optional SOAP Header element is required by WSSecurityHandlerServer handler.
[ http://jira.jboss.com/jira/browse/JBWS-1948?page=all ]
Sławomir Wojtasiak updated JBWS-1948:
-------------------------------------
Attachment: patch.txt
Workaround
Optional SOAP Header element is required by WSSecurityHandlerServer
handler.
----------------------------------------------------------------------------
Key: JBWS-1948
URL: http://jira.jboss.com/jira/browse/JBWS-1948
Project: JBoss Web Services
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: ws-security
Affects Versions: jbossws-2.0.2
Reporter: Sławomir Wojtasiak
Attachments: patch.txt
When jbossws is configured to "use
org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer" JaxWS handler, all
SOAP messages have to contain optional Header element. Messages which do not contain this
element causes NullPointerException.
Class: WSSecurityDispatcher
Method: public static void handleInbound(CommonMessageContext ctx) throws SOAPException,
SOAPFaultException
// soapHeader is null for messages without header element.
SOAPHeader soapHeader = soapMessage.getSOAPHeader();
QName secQName = new QName(Constants.WSSE_NS, "Security");
// Method findElement try to use soapHeader without checking against null first and
causes NullPointerException.
Element secHeaderElement = Util.findElement(soapHeader, secQName);
Workaround:
SOAPHeader soapHeader = soapMessage.getSOAPHeader();
Element secHeaderElement = null;
if( soapHeader != null ) {
QName secQName = new QName(Constants.WSSE_NS, "Security");
secHeaderElement = Util.findElement(soapHeader, secQName);
}
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:08 p.m.
New subject: [JBoss JIRA] Updated: (JBWS-1948) Optional SOAP Header element is required by WSSecurityHandlerServer handler.
[ http://jira.jboss.com/jira/browse/JBWS-1948?page=all ]
Alessio Soldano updated JBWS-1948:
----------------------------------
Fix Version/s: jbossws-native-2.0.4
Optional SOAP Header element is required by WSSecurityHandlerServer
handler.
----------------------------------------------------------------------------
Key: JBWS-1948
URL: http://jira.jboss.com/jira/browse/JBWS-1948
Project: JBoss Web Services
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: ws-security
Affects Versions: jbossws-2.0.2
Reporter: S?awomir Wojtasiak
Assigned To: Alessio Soldano
Fix For: jbossws-native-2.0.4
Attachments: patch.txt
When jbossws is configured to "use
org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer" JaxWS handler, all
SOAP messages have to contain optional Header element. Messages which do not contain this
element causes NullPointerException.
Class: WSSecurityDispatcher
Method: public static void handleInbound(CommonMessageContext ctx) throws SOAPException,
SOAPFaultException
// soapHeader is null for messages without header element.
SOAPHeader soapHeader = soapMessage.getSOAPHeader();
QName secQName = new QName(Constants.WSSE_NS, "Security");
// Method findElement try to use soapHeader without checking against null first and
causes NullPointerException.
Element secHeaderElement = Util.findElement(soapHeader, secQName);
Workaround:
SOAPHeader soapHeader = soapMessage.getSOAPHeader();
Element secHeaderElement = null;
if( soapHeader != null ) {
QName secQName = new QName(Constants.WSSE_NS, "Security");
secHeaderElement = Util.findElement(soapHeader, secQName);
}
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:37 p.m.
New subject: [JBoss JIRA] Commented: (JBWS-1948) Optional SOAP Header element is required by WSSecurityHandlerServer handler.
[ http://jira.jboss.com/jira/browse/JBWS-1948?page=comments#action_12412618 ]
Norbert Schollum commented on JBWS-1948:
----------------------------------------
hi, can sbd give a link to the specification, which exactly defines that:
if a outgoing request has wsse headers, the incoming response is required to have those
headers also ?
Optional SOAP Header element is required by WSSecurityHandlerServer
handler.
----------------------------------------------------------------------------
Key: JBWS-1948
URL: http://jira.jboss.com/jira/browse/JBWS-1948
Project: JBoss Web Services
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: ws-security
Affects Versions: jbossws-2.0.2
Reporter: S?awomir Wojtasiak
Assigned To: Alessio Soldano
Fix For: jbossws-native-3.0.1
Attachments: patch.txt
When jbossws is configured to "use
org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer" JaxWS handler, all
SOAP messages have to contain optional Header element. Messages which do not contain this
element causes NullPointerException.
Class: WSSecurityDispatcher
Method: public static void handleInbound(CommonMessageContext ctx) throws SOAPException,
SOAPFaultException
// soapHeader is null for messages without header element.
SOAPHeader soapHeader = soapMessage.getSOAPHeader();
QName secQName = new QName(Constants.WSSE_NS, "Security");
// Method findElement try to use soapHeader without checking against null first and
causes NullPointerException.
Element secHeaderElement = Util.findElement(soapHeader, secQName);
Workaround:
SOAPHeader soapHeader = soapMessage.getSOAPHeader();
Element secHeaderElement = null;
if( soapHeader != null ) {
QName secQName = new QName(Constants.WSSE_NS, "Security");
secHeaderElement = Util.findElement(soapHeader, secQName);
}
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
5:32 p.m.
New subject: [JBoss JIRA] Updated: (JBWS-1948) Optional SOAP Header element is required by WSSecurityHandlerServer handler.
[ http://jira.jboss.com/jira/browse/JBWS-1948?page=all ]
Darran Lofthouse updated JBWS-1948:
-----------------------------------
Comment: was deleted
Optional SOAP Header element is required by WSSecurityHandlerServer
handler.
----------------------------------------------------------------------------
Key: JBWS-1948
URL: http://jira.jboss.com/jira/browse/JBWS-1948
Project: JBoss Web Services
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: ws-security
Affects Versions: jbossws-2.0.2
Reporter: S?awomir Wojtasiak
Assigned To: Alessio Soldano
Fix For: jbossws-native-3.0.1
Attachments: patch.txt
When jbossws is configured to "use
org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer" JaxWS handler, all
SOAP messages have to contain optional Header element. Messages which do not contain this
element causes NullPointerException.
Class: WSSecurityDispatcher
Method: public static void handleInbound(CommonMessageContext ctx) throws SOAPException,
SOAPFaultException
// soapHeader is null for messages without header element.
SOAPHeader soapHeader = soapMessage.getSOAPHeader();
QName secQName = new QName(Constants.WSSE_NS, "Security");
// Method findElement try to use soapHeader without checking against null first and
causes NullPointerException.
Element secHeaderElement = Util.findElement(soapHeader, secQName);
Workaround:
SOAPHeader soapHeader = soapMessage.getSOAPHeader();
Element secHeaderElement = null;
if( soapHeader != null ) {
QName secQName = new QName(Constants.WSSE_NS, "Security");
secHeaderElement = Util.findElement(soapHeader, secQName);
}
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
5814
days inactive
5945
days old
jbossws-issues@lists.jboss.org
4 comments
4 participants
participants (4)
-
Alessio Soldano (JIRA) -
Darran Lofthouse (JIRA)
-
Norbert Schollum (JIRA)
-
Sławomir Wojtasiak (JIRA)