Skip to main content

/wst:RequestSecurityTokenResponse/wst:Lifetime in WS-SecureConversation

2 replies [Last post]
Anonymous

Hello,
I am facing a WS-SecureConversation error in my Metro 2.0 client
because of a missing /wst:Created element in a
/wst:RequestSecurityTokenResponse/wst:Lifetime.

Here is the incoming RSTR from the STS:

http://www.layer7tech.com/uuid/a3ef065df57ddf2bf5bf24a8ea2144bd5da63cb6

2eIQ0bWLm2cJ26zkyVsdppb4vxOdrWmXKq40nIueiiw=

2010-03-31T10:29:22.052Z

Here is the exception thrown in the Metro client:

javax.xml.ws.WebServiceException: java.lang.NullPointerException
at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processRequest(SecurityClientTube.java:243)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:629)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:588)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:573)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:470)
at com.sun.xml.ws.client.Stub.process(Stub.java:319)
at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:157)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:109)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:89)
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:140)
at $Proxy45.greetMe(Unknown Source)
at demo.hw.client.HelloWorldWSClient.main(HelloWorldWSClient.java:65)
Caused by: java.lang.NullPointerException
at com.sun.xml.ws.security.secconv.WSSCClientContract.setLifetime(WSSCClientContract.java:233)
at com.sun.xml.ws.security.secconv.WSSCClientContract.handleRSTR(WSSCClientContract.java:128)
at com.sun.xml.ws.security.secconv.WSSCPlugin.processRequestSecurityTokenResponse(WSSCPlugin.java:799)
at com.sun.xml.ws.security.secconv.WSSCPlugin.process(WSSCPlugin.java:272)
at com.sun.xml.ws.security.secconv.impl.client.SCTokenProviderImpl.issue(SCTokenProviderImpl.java:131)
at com.sun.xml.ws.api.security.trust.client.IssuedTokenManager.getIssuedToken(IssuedTokenManager.java:79)
at com.sun.xml.wss.jaxws.impl.SecurityClientTube.invokeSCPlugin(SecurityClientTube.java:464)
at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientRequestPacket(SecurityClientTube.java:267)
at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processRequest(SecurityClientTube.java:240)
... 11 more

Looking at the com.sun.xml.ws.security.secconv.WSSCClientContract
class, a null value for the Created time is not expected. But looking
at the WS-Trust (e.g. 1.3) specification, the
/wst:RequestSecurityToken/wst:Lifetime/wst:Created is optional. I am
not sure for /wst:RequestSecurityTokenResponse as this not explicitly
stated, unless I am not mistaken.

So is this a bug in Metro? or do (Metro dev team) you think the
Created element should be mandatory in a Lifetime element and why?

Maybe there is some security issue I am missing here.

Thank you for your enlightenment.

KR,
Cyril

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@metro.dev.java.net
For additional commands, e-mail: users-help@metro.dev.java.net

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
jdg6688
Offline
Joined: 2005-11-02

You may file a bug.

Cyril DANGERVILLE

Filed as Issue 1420.

On Wed, Apr 28, 2010 at 10:52 PM, wrote:
> You may file a bug.
> [Message sent by forum member 'jdg6688']
>
> http://forums.java.net/jive/thread.jspa?messageID=399478
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@metro.dev.java.net
> For additional commands, e-mail: users-help@metro.dev.java.net
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@metro.dev.java.net
For additional commands, e-mail: users-help@metro.dev.java.net