[jira] [Updated] (FEDIZ-137) IDP Login Cancel does not work
[ https://issues.apache.org/jira/browse/FEDIZ-137?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh updated FEDIZ-137: -- Fix Version/s: (was: 1.3.1) 1.3.2 > IDP Login Cancel does not work > -- > > Key: FEDIZ-137 > URL: https://issues.apache.org/jira/browse/FEDIZ-137 > Project: CXF-Fediz > Issue Type: Bug > Components: IDP >Reporter: Sergey Beryozkin > Fix For: 1.3.2 > > > 'Cancel' does not seem to work. > When a user goes to a realm selection page: and presses 'Cancel' there, the > form does not react, though something changes in the server output, and then > the 2nd Cancel results in a user being asked to enter the name and password. > If the user selects a realm, and when asked to to enter the name and > password: > - if Cancel is pressed immediately in the name/password dialog then the user > sees 401 reported by Tomcat itself, with the browser staying at > "https://localhost:8443/fediz-idp/federation/up"; > - If a user enters a wrong name/password first and then on a second try > presses Cancel - 401 is returned by this time from Spring Security: > "HTTP Status 401 - No AuthenticationProvider found for > org.springframework.security.authentication.UsernamePasswordAuthenticationToken" > > In all the cases the user is 'locked' on the IDP endpoint with no way to > return. > The user should be optionally redirected back to the RP which is where the > interaction with the user can be controlled better if needed in cases of > Cancel given that Cancel is a message from the user that the user wishes to > leave the login process hence 401 is not appropriate. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (FEDIZ-136) Better handling of the partner IDP unavailability
[ https://issues.apache.org/jira/browse/FEDIZ-136?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh updated FEDIZ-136: -- Fix Version/s: (was: 1.3.1) 1.3.2 > Better handling of the partner IDP unavailability > - > > Key: FEDIZ-136 > URL: https://issues.apache.org/jira/browse/FEDIZ-136 > Project: CXF-Fediz > Issue Type: Improvement > Components: IDP >Reporter: Sergey Beryozkin >Priority: Minor > Fix For: 1.3.2 > > > If the partner IDP is not available then the user sees a Failed to Connect > browser exception - instead a user should see a form saying the given partner > IDP is not available with a link to the main realm/IDP selection form - or > perhaps return an auth error... -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CXF-6991) WS-RM - Request context properties are lost when sending subsequent protocol message
[
https://issues.apache.org/jira/browse/CXF-6991?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15413188#comment-15413188
]
Freeman Fang commented on CXF-6991:
---
Hi Tomohisa,
To make the testContextProperty work, you just need add one line.
{code}
client.getEndpoint().getEndpointInfo().getProperties().putAll(requestContext);
{code}
so that the requestContext would be copyed into the SoapMessage created by the
RMClient later on. I don't think this is a bug in CXF, just the way how you can
use the CXF api to manipulate the requestContext, could you please change
camel-cxf producer accordingly?
Cheers
Freeman
> WS-RM - Request context properties are lost when sending subsequent protocol
> message
>
>
> Key: CXF-6991
> URL: https://issues.apache.org/jira/browse/CXF-6991
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
>Affects Versions: 2.7.18, 3.1.7
>Reporter: Tomohisa Igarashi
>Assignee: Freeman Fang
> Attachments: cxf-ws-rm-context-property.tgz
>
>
> We hit "No SAML CallbackHandler available" error when it's sending
> TerminateSequence.
> {code}
> 20:44:32,416 SEVERE [org.apache.cxf.ws.rm.Proxy] (default-workqueue-1) Failed
> to send RM protocol message
> {http://schemas.xmlsoap.org/ws/2005/02/rm}TerminateSequence.:
> org.apache.cxf.interceptor.Fault: No SAML CallbackHandler available
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:198)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:98)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:176)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:90)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:572)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:481)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:393)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.ws.rm.Proxy.invoke(Proxy.java:295)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.ws.rm.Proxy.terminate(Proxy.java:101)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.SourceSequence.setAcknowledged(SourceSequence.java:159)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.RMInInterceptor.processAcknowledgments(RMInInterceptor.java:191)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.RMInInterceptor.handle(RMInInterceptor.java:163)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.AbstractRMInterceptor.handleMessage(AbstractRMInterceptor.java:83)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:831)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1642)
> [cxf-rt-transports-http-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream$1.run(HTTPConduit.java:1133)
> [cxf-rt-transports-http-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:428)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> [rt.jar:1.8.0_101]
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> [rt.jar:1.8.0_101]
> at
> org.apache.cxf.workqueue.AutomaticWorkQueueImpl$AWQThreadFactory$1.run(AutomaticWorkQueueImpl.java:353)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at jav
[jira] [Commented] (CXF-6991) WS-RM - Request context properties are lost when sending subsequent protocol message
[
https://issues.apache.org/jira/browse/CXF-6991?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15413217#comment-15413217
]
Tomohisa Igarashi commented on CXF-6991:
Thanks for the reply [~ffang] - hmm it sounds inconsistent as the request
context properties are effective for CreateSequence and actual application
messages. Is there any reason why it shouldn't preserve request context
properties for the background protocol message exchange? should endpoint
properties not be passed in as a request context property at all?
> WS-RM - Request context properties are lost when sending subsequent protocol
> message
>
>
> Key: CXF-6991
> URL: https://issues.apache.org/jira/browse/CXF-6991
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
>Affects Versions: 2.7.18, 3.1.7
>Reporter: Tomohisa Igarashi
>Assignee: Freeman Fang
> Attachments: cxf-ws-rm-context-property.tgz
>
>
> We hit "No SAML CallbackHandler available" error when it's sending
> TerminateSequence.
> {code}
> 20:44:32,416 SEVERE [org.apache.cxf.ws.rm.Proxy] (default-workqueue-1) Failed
> to send RM protocol message
> {http://schemas.xmlsoap.org/ws/2005/02/rm}TerminateSequence.:
> org.apache.cxf.interceptor.Fault: No SAML CallbackHandler available
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:198)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:98)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:176)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:90)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:572)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:481)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:393)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.ws.rm.Proxy.invoke(Proxy.java:295)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.ws.rm.Proxy.terminate(Proxy.java:101)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.SourceSequence.setAcknowledged(SourceSequence.java:159)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.RMInInterceptor.processAcknowledgments(RMInInterceptor.java:191)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.RMInInterceptor.handle(RMInInterceptor.java:163)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.AbstractRMInterceptor.handleMessage(AbstractRMInterceptor.java:83)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:831)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1642)
> [cxf-rt-transports-http-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream$1.run(HTTPConduit.java:1133)
> [cxf-rt-transports-http-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:428)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> [rt.jar:1.8.0_101]
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> [rt.jar:1.8.0_101]
> at
> org.apache.cxf.workqueue.AutomaticWorkQueueImpl$AWQThreadFactory$1.run(AutomaticWorkQueueImpl.java:353)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_101]
> Caused by: org.apache.cxf.ws
[jira] [Created] (CXF-7003) Allow STS Tokens to have an optional ID
Colm O hEigeartaigh created CXF-7003: Summary: Allow STS Tokens to have an optional ID Key: CXF-7003 URL: https://issues.apache.org/jira/browse/CXF-7003 Project: CXF Issue Type: Bug Affects Versions: 3.1.7 Reporter: Colm O hEigeartaigh Assignee: Colm O hEigeartaigh Fix For: 3.2.0, 3.1.8 Right now, the AbstractSTSClient throws an exception if it can't find an Id in a token retrieved from an STS. However, there are some use-cases, for example if the token is encrypted and we just want to include it in the service request, where an ID isn't required. This task is to allow STS tokens to have an optional Id. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CXF-6991) WS-RM - Request context properties are lost when sending subsequent protocol message
[
https://issues.apache.org/jira/browse/CXF-6991?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15413287#comment-15413287
]
Freeman Fang commented on CXF-6991:
---
Hi Tomohisa,
Because we need add the properties to the endpoint but not for a specific
invocation with a specific client, and the correct way to add the properties
to the endpoint is like
{code}
client.getEndpoint().getEndpointInfo().getProperties().putAll(properties);
{code}
Actually the testContextProperty should be like, this is equivalent as the
spring properties configuration IMO.
{code}
@Test
public void testContextProperty() throws Exception {
ClassPathXmlApplicationContext context =
new
ClassPathXmlApplicationContext("org/apache/cxf/systest/ws/rm/sec/client-policy.xml");
Greeter greeter =
(Greeter)context.getBean("GreeterCombinedClientNoProperty");
Client client = ClientProxy.getClient(greeter);
QName operationQName = new
QName("http://cxf.apache.org/greeter_control";, "greetMe");
BindingOperationInfo boi =
client.getEndpoint().getBinding().getBindingInfo().getOperation(operationQName);
Map properties = new HashMap();
properties.put("ws-security.username", "Alice");
properties.put("ws-security.callback-handler",
"org.apache.cxf.systest.ws.rm.sec.UTPasswordCallback");
properties.put("ws-security.encryption.properties", "bob.properties");
properties.put("ws-security.encryption.username", "bob");
properties.put("ws-security.signature.properties", "alice.properties");
properties.put("ws-security.signature.username", "alice");
client.getEndpoint().getEndpointInfo().getProperties().putAll(properties);
GreetMe param = new GreetMe();
param.setRequestType("testContextProperty");
Object[] answer = client.invoke(boi, new Object[]{param});
Assert.assertEquals("TESTCONTEXTPROPERTY", answer[0].toString());
System.out.println("Waiting 5 secs...");
Thread.sleep(5000);
}
{code}
Freeman
> WS-RM - Request context properties are lost when sending subsequent protocol
> message
>
>
> Key: CXF-6991
> URL: https://issues.apache.org/jira/browse/CXF-6991
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
>Affects Versions: 2.7.18, 3.1.7
>Reporter: Tomohisa Igarashi
>Assignee: Freeman Fang
> Attachments: cxf-ws-rm-context-property.tgz
>
>
> We hit "No SAML CallbackHandler available" error when it's sending
> TerminateSequence.
> {code}
> 20:44:32,416 SEVERE [org.apache.cxf.ws.rm.Proxy] (default-workqueue-1) Failed
> to send RM protocol message
> {http://schemas.xmlsoap.org/ws/2005/02/rm}TerminateSequence.:
> org.apache.cxf.interceptor.Fault: No SAML CallbackHandler available
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:198)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:98)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:176)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:90)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:572)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:481)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:393)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.ws.rm.Proxy.invoke(Proxy.java:295)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.ws.rm.Proxy.terminate(Proxy.java:101)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.SourceSequence.setAcknowledged(SourceSequence.java:159)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.RMInInterceptor.processAcknowledgments(RMInInterceptor.java:191)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.RMInIntercept
[jira] [Comment Edited] (CXF-6991) WS-RM - Request context properties are lost when sending subsequent protocol message
[
https://issues.apache.org/jira/browse/CXF-6991?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15413287#comment-15413287
]
Freeman Fang edited comment on CXF-6991 at 8/9/16 9:36 AM:
---
Hi Tomohisa,
Because we need add the properties to the endpoint but not for a specific
invocation with a specific client, and the correct way to add the properties
to the endpoint is like
{code}
client.getEndpoint().getEndpointInfo().getProperties().putAll(properties);
{code}
Actually the testContextProperty should be like this, no explicit
invocationContext needed at all, this is equivalent as the spring properties
configuration IMO.
{code}
@Test
public void testContextProperty() throws Exception {
ClassPathXmlApplicationContext context =
new
ClassPathXmlApplicationContext("org/apache/cxf/systest/ws/rm/sec/client-policy.xml");
Greeter greeter =
(Greeter)context.getBean("GreeterCombinedClientNoProperty");
Client client = ClientProxy.getClient(greeter);
QName operationQName = new
QName("http://cxf.apache.org/greeter_control";, "greetMe");
BindingOperationInfo boi =
client.getEndpoint().getBinding().getBindingInfo().getOperation(operationQName);
Map properties = new HashMap();
properties.put("ws-security.username", "Alice");
properties.put("ws-security.callback-handler",
"org.apache.cxf.systest.ws.rm.sec.UTPasswordCallback");
properties.put("ws-security.encryption.properties", "bob.properties");
properties.put("ws-security.encryption.username", "bob");
properties.put("ws-security.signature.properties", "alice.properties");
properties.put("ws-security.signature.username", "alice");
client.getEndpoint().getEndpointInfo().getProperties().putAll(properties);
GreetMe param = new GreetMe();
param.setRequestType("testContextProperty");
Object[] answer = client.invoke(boi, new Object[]{param});
Assert.assertEquals("TESTCONTEXTPROPERTY", answer[0].toString());
System.out.println("Waiting 5 secs...");
Thread.sleep(5000);
}
{code}
Freeman
was (Author: ffang):
Hi Tomohisa,
Because we need add the properties to the endpoint but not for a specific
invocation with a specific client, and the correct way to add the properties
to the endpoint is like
{code}
client.getEndpoint().getEndpointInfo().getProperties().putAll(properties);
{code}
Actually the testContextProperty should be like, this is equivalent as the
spring properties configuration IMO.
{code}
@Test
public void testContextProperty() throws Exception {
ClassPathXmlApplicationContext context =
new
ClassPathXmlApplicationContext("org/apache/cxf/systest/ws/rm/sec/client-policy.xml");
Greeter greeter =
(Greeter)context.getBean("GreeterCombinedClientNoProperty");
Client client = ClientProxy.getClient(greeter);
QName operationQName = new
QName("http://cxf.apache.org/greeter_control";, "greetMe");
BindingOperationInfo boi =
client.getEndpoint().getBinding().getBindingInfo().getOperation(operationQName);
Map properties = new HashMap();
properties.put("ws-security.username", "Alice");
properties.put("ws-security.callback-handler",
"org.apache.cxf.systest.ws.rm.sec.UTPasswordCallback");
properties.put("ws-security.encryption.properties", "bob.properties");
properties.put("ws-security.encryption.username", "bob");
properties.put("ws-security.signature.properties", "alice.properties");
properties.put("ws-security.signature.username", "alice");
client.getEndpoint().getEndpointInfo().getProperties().putAll(properties);
GreetMe param = new GreetMe();
param.setRequestType("testContextProperty");
Object[] answer = client.invoke(boi, new Object[]{param});
Assert.assertEquals("TESTCONTEXTPROPERTY", answer[0].toString());
System.out.println("Waiting 5 secs...");
Thread.sleep(5000);
}
{code}
Freeman
> WS-RM - Request context properties are lost when sending subsequent protocol
> message
>
>
> Key: CXF-6991
> URL: https://issues.apache.org/jira/browse/CXF-6991
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
>Affects Versions: 2.7.18, 3.1.7
>Reporter: Tomohisa Igarashi
>Assignee: Freeman Fang
> Attachments: cxf-ws-rm-context-property.tgz
>
>
> We hit "No SAML CallbackHandler available" error when it's sending
> TerminateSequence.
> {code}
> 20:44:32,416 SEVERE [org.apache.cxf.ws.rm.Proxy] (default-workqueue-1) Failed
> to send RM protocol message
> {http://schemas.xmlsoap.org/ws/2005/02/rm}TerminateSequence.:
> org.apach
[jira] [Commented] (CXF-6991) WS-RM - Request context properties are lost when sending subsequent protocol message
[
https://issues.apache.org/jira/browse/CXF-6991?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15413293#comment-15413293
]
Tomohisa Igarashi commented on CXF-6991:
I think it works if the credentials are constant, but what if, say we want to
change the ws-security.username per invocation basis?
> WS-RM - Request context properties are lost when sending subsequent protocol
> message
>
>
> Key: CXF-6991
> URL: https://issues.apache.org/jira/browse/CXF-6991
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
>Affects Versions: 2.7.18, 3.1.7
>Reporter: Tomohisa Igarashi
>Assignee: Freeman Fang
> Attachments: cxf-ws-rm-context-property.tgz
>
>
> We hit "No SAML CallbackHandler available" error when it's sending
> TerminateSequence.
> {code}
> 20:44:32,416 SEVERE [org.apache.cxf.ws.rm.Proxy] (default-workqueue-1) Failed
> to send RM protocol message
> {http://schemas.xmlsoap.org/ws/2005/02/rm}TerminateSequence.:
> org.apache.cxf.interceptor.Fault: No SAML CallbackHandler available
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:198)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:98)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:176)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:90)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:572)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:481)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:393)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.ws.rm.Proxy.invoke(Proxy.java:295)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.ws.rm.Proxy.terminate(Proxy.java:101)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.SourceSequence.setAcknowledged(SourceSequence.java:159)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.RMInInterceptor.processAcknowledgments(RMInInterceptor.java:191)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.RMInInterceptor.handle(RMInInterceptor.java:163)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.AbstractRMInterceptor.handleMessage(AbstractRMInterceptor.java:83)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:831)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1642)
> [cxf-rt-transports-http-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream$1.run(HTTPConduit.java:1133)
> [cxf-rt-transports-http-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:428)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> [rt.jar:1.8.0_101]
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> [rt.jar:1.8.0_101]
> at
> org.apache.cxf.workqueue.AutomaticWorkQueueImpl$AWQThreadFactory$1.run(AutomaticWorkQueueImpl.java:353)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_101]
> Caused by: org.apache.cxf.ws.policy.PolicyException: No SAML CallbackHandler
> available
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:315)
> [cxf-rt-ws-security-2.7.18.red
[jira] [Resolved] (CXF-7003) Allow STS Tokens to have an optional ID
[ https://issues.apache.org/jira/browse/CXF-7003?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved CXF-7003. -- Resolution: Fixed > Allow STS Tokens to have an optional ID > --- > > Key: CXF-7003 > URL: https://issues.apache.org/jira/browse/CXF-7003 > Project: CXF > Issue Type: Bug >Affects Versions: 3.1.7 >Reporter: Colm O hEigeartaigh >Assignee: Colm O hEigeartaigh > Fix For: 3.2.0, 3.1.8 > > > Right now, the AbstractSTSClient throws an exception if it can't find an Id > in a token retrieved from an STS. However, there are some use-cases, for > example if the token is encrypted and we just want to include it in the > service request, where an ID isn't required. This task is to allow STS tokens > to have an optional Id. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CXF-6991) WS-RM - Request context properties are lost when sending subsequent protocol message
[
https://issues.apache.org/jira/browse/CXF-6991?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15413322#comment-15413322
]
Tomohisa Igarashi commented on CXF-6991:
This document explicitly describes the security properties can be set via
RequestContext at the bottom.
http://cxf.apache.org/docs/ws-securitypolicy.html
I guess in this case ( i.e. using BindingProvider.getRequestContext()) we can't
access Client/Endpoint directly. Does this work differently than my test case?
> WS-RM - Request context properties are lost when sending subsequent protocol
> message
>
>
> Key: CXF-6991
> URL: https://issues.apache.org/jira/browse/CXF-6991
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
>Affects Versions: 2.7.18, 3.1.7
>Reporter: Tomohisa Igarashi
>Assignee: Freeman Fang
> Attachments: cxf-ws-rm-context-property.tgz
>
>
> We hit "No SAML CallbackHandler available" error when it's sending
> TerminateSequence.
> {code}
> 20:44:32,416 SEVERE [org.apache.cxf.ws.rm.Proxy] (default-workqueue-1) Failed
> to send RM protocol message
> {http://schemas.xmlsoap.org/ws/2005/02/rm}TerminateSequence.:
> org.apache.cxf.interceptor.Fault: No SAML CallbackHandler available
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:198)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:98)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:176)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:90)
> [cxf-rt-ws-security-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:572)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:481)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:393)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.ws.rm.Proxy.invoke(Proxy.java:295)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.ws.rm.Proxy.terminate(Proxy.java:101)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.SourceSequence.setAcknowledged(SourceSequence.java:159)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.RMInInterceptor.processAcknowledgments(RMInInterceptor.java:191)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.RMInInterceptor.handle(RMInInterceptor.java:163)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.ws.rm.AbstractRMInterceptor.handleMessage(AbstractRMInterceptor.java:83)
> [cxf-rt-ws-rm-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:831)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1642)
> [cxf-rt-transports-http-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream$1.run(HTTPConduit.java:1133)
> [cxf-rt-transports-http-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:428)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> [rt.jar:1.8.0_101]
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> [rt.jar:1.8.0_101]
> at
> org.apache.cxf.workqueue.AutomaticWorkQueueImpl$AWQThreadFactory$1.run(AutomaticWorkQueueImpl.java:353)
> [cxf-api-2.7.18.redhat-1.jar:2.7.18.redhat-1]
> at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_101]
> Caused by: org.apache.cxf.ws.policy.PolicyException: No SAML CallbackHandler
[jira] [Resolved] (DOSGI-248) Update to CXF 3.1.7
[ https://issues.apache.org/jira/browse/DOSGI-248?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Christian Schneider resolved DOSGI-248. --- Resolution: Fixed > Update to CXF 3.1.7 > --- > > Key: DOSGI-248 > URL: https://issues.apache.org/jira/browse/DOSGI-248 > Project: CXF Distributed OSGi > Issue Type: Improvement >Reporter: Christian Schneider >Assignee: Christian Schneider > Fix For: 2.0.0 > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CXF-6989) Content Disposition does not handle "=" in filename
[ https://issues.apache.org/jira/browse/CXF-6989?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15413434#comment-15413434 ] ASF GitHub Bot commented on CXF-6989: - Github user sberyozkin commented on the issue: https://github.com/apache/cxf/pull/151 Well at the moment the CXF code splits by "=". This can be rewritten to check for the first "=" instead and it will be faster and will work for quoted and unquoted file names like filename="a.txt" or filename=a.txt or filename="a=b.txt". Introducing an extra dependency to process this parsing case seems avoidable, thanks > Content Disposition does not handle "=" in filename > --- > > Key: CXF-6989 > URL: https://issues.apache.org/jira/browse/CXF-6989 > Project: CXF > Issue Type: Bug > Components: Core >Reporter: Kevin Osborn > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CXF-6994) RMCaptureInInterceptor running on GET requests
[ https://issues.apache.org/jira/browse/CXF-6994?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15413666#comment-15413666 ] ASF GitHub Bot commented on CXF-6994: - Github user asfgit closed the pull request at: https://github.com/apache/cxf/pull/152 > RMCaptureInInterceptor running on GET requests > -- > > Key: CXF-6994 > URL: https://issues.apache.org/jira/browse/CXF-6994 > Project: CXF > Issue Type: Bug > Components: WS-* Components >Affects Versions: 3.1.7 >Reporter: Alessio Soldano > Fix For: 3.1.8 > > > The changes at > https://github.com/apache/cxf/commit/0dd29509e42fc412ec0cf214e66885d26da9850e > are causing a regression in case of (wsdl) get requests being processed. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Assigned] (CXF-6994) RMCaptureInInterceptor running on GET requests
[ https://issues.apache.org/jira/browse/CXF-6994?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Akitoshi Yoshida reassigned CXF-6994: - Assignee: Akitoshi Yoshida > RMCaptureInInterceptor running on GET requests > -- > > Key: CXF-6994 > URL: https://issues.apache.org/jira/browse/CXF-6994 > Project: CXF > Issue Type: Bug > Components: WS-* Components >Affects Versions: 3.1.7 >Reporter: Alessio Soldano >Assignee: Akitoshi Yoshida > Fix For: 3.1.8 > > > The changes at > https://github.com/apache/cxf/commit/0dd29509e42fc412ec0cf214e66885d26da9850e > are causing a regression in case of (wsdl) get requests being processed. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Resolved] (CXF-6994) RMCaptureInInterceptor running on GET requests
[ https://issues.apache.org/jira/browse/CXF-6994?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Akitoshi Yoshida resolved CXF-6994. --- Resolution: Fixed Fix Version/s: 3.2.0 PR merged. thanks. > RMCaptureInInterceptor running on GET requests > -- > > Key: CXF-6994 > URL: https://issues.apache.org/jira/browse/CXF-6994 > Project: CXF > Issue Type: Bug > Components: WS-* Components >Affects Versions: 3.1.7 >Reporter: Alessio Soldano >Assignee: Akitoshi Yoshida > Fix For: 3.2.0, 3.1.8 > > > The changes at > https://github.com/apache/cxf/commit/0dd29509e42fc412ec0cf214e66885d26da9850e > are causing a regression in case of (wsdl) get requests being processed. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CXF-6989) Content Disposition does not handle "=" in filename
[ https://issues.apache.org/jira/browse/CXF-6989?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15413842#comment-15413842 ] ASF GitHub Bot commented on CXF-6989: - Github user osbornk closed the pull request at: https://github.com/apache/cxf/pull/151 > Content Disposition does not handle "=" in filename > --- > > Key: CXF-6989 > URL: https://issues.apache.org/jira/browse/CXF-6989 > Project: CXF > Issue Type: Bug > Components: Core >Reporter: Kevin Osborn > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Closed] (CXF-6989) Content Disposition does not handle "=" in filename
[ https://issues.apache.org/jira/browse/CXF-6989?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Osborn closed CXF-6989. - Resolution: Won't Fix > Content Disposition does not handle "=" in filename > --- > > Key: CXF-6989 > URL: https://issues.apache.org/jira/browse/CXF-6989 > Project: CXF > Issue Type: Bug > Components: Core >Reporter: Kevin Osborn > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CXF-6989) Content Disposition does not handle "=" in filename
[ https://issues.apache.org/jira/browse/CXF-6989?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15414255#comment-15414255 ] Sergey Beryozkin commented on CXF-6989: --- I'll have a look myself later on, no worries. I guess you should've only closed your pull request if you disagree. Cheers > Content Disposition does not handle "=" in filename > --- > > Key: CXF-6989 > URL: https://issues.apache.org/jira/browse/CXF-6989 > Project: CXF > Issue Type: Bug > Components: Core >Reporter: Kevin Osborn > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CXF-6989) Content Disposition does not handle "=" in filename
[ https://issues.apache.org/jira/browse/CXF-6989?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15414402#comment-15414402 ] Kevin Osborn commented on CXF-6989: --- It wasn't just the dependency issue. I fully understand your concern there a and your solution would work fine. But I started to find all sorts of edge cases in the data we are consuming. We are a Scala shop, so with its pattern matching, it was much easier to implement many of those cases in Scala along with various other utilities. I still use the Rfc5987Util, which is a great little tool. > Content Disposition does not handle "=" in filename > --- > > Key: CXF-6989 > URL: https://issues.apache.org/jira/browse/CXF-6989 > Project: CXF > Issue Type: Bug > Components: Core >Reporter: Kevin Osborn > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (CXF-7004) Custom DateTime property is not serialized to JSON properly
Behrang Saeedzadeh created CXF-7004:
---
Summary: Custom DateTime property is not serialized to JSON
properly
Key: CXF-7004
URL: https://issues.apache.org/jira/browse/CXF-7004
Project: CXF
Issue Type: Bug
Components: JAX-RS Security
Affects Versions: 3.1.7
Reporter: Behrang Saeedzadeh
The following code:
{code}
import au.com.sportsbet.pii.utils.CryptoUtils;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.Paths;
import java.security.interfaces.RSAPrivateKey;
import java.time.LocalDateTime;
public class TestCase {
public static void main(String[] args) throws IOException {
final RSAPrivateKey privateKey =
CryptoUtils.loadRsaPrivateKey(Paths.get("a-private-key.der"));
final JsonWebKey piiJWK = JwkUtils.fromRSAPrivateKey(privateKey,
"RSA-OAEP-256");
piiJWK.setKeyId("test");
piiJWK.setKeyProperty("created-at", LocalDateTime.now());
final JsonWebKeys webKeys = new JsonWebKeys(piiJWK);
JwkUtils.jwkSetToJson(webKeys, new FileOutputStream("test.jwk.json"));
}
}
{code}
Produces the following malformed JSON:
{code}
{
"keys": [
{
"kty": "RSA",
"alg": "RSA-OAEP-256",
"n": "...",
"d": "...",
"p": "...",
"q": "...",
"dp": "...",
"dq": "...",
"qi": "...",
"kid": "test",
"created-at": 2016
-0
8
-10
T11: 0
1: 51.036
}
]
}
{code}
Basically the `LocalDateTime` is not converted to `String` before getting
serialized to JSON.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Updated] (CXF-7004) Custom DateTime property is not serialized to JSON properly
[
https://issues.apache.org/jira/browse/CXF-7004?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Behrang Saeedzadeh updated CXF-7004:
Description:
The following code:
{code}
import au.com.sportsbet.pii.utils.CryptoUtils;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.Paths;
import java.security.interfaces.RSAPrivateKey;
import java.time.LocalDateTime;
public class TestCase {
public static void main(String[] args) throws IOException {
final RSAPrivateKey privateKey =
CryptoUtils.loadRsaPrivateKey(Paths.get("a-private-key.der"));
final JsonWebKey jwk = JwkUtils.fromRSAPrivateKey(privateKey,
"RSA-OAEP-256");
jwk.setKeyId("test");
jwk.setKeyProperty("created-at", LocalDateTime.now());
final JsonWebKeys webKeys = new JsonWebKeys(jwk);
JwkUtils.jwkSetToJson(webKeys, new FileOutputStream("test.jwk.json"));
}
}
{code}
Produces the following malformed JSON:
{code}
{
"keys": [
{
"kty": "RSA",
"alg": "RSA-OAEP-256",
"n": "...",
"d": "...",
"p": "...",
"q": "...",
"dp": "...",
"dq": "...",
"qi": "...",
"kid": "test",
"created-at": 2016
-0
8
-10
T11: 0
1: 51.036
}
]
}
{code}
Basically the `LocalDateTime` is not converted to `String` before getting
serialized to JSON.
was:
The following code:
{code}
import au.com.sportsbet.pii.utils.CryptoUtils;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.Paths;
import java.security.interfaces.RSAPrivateKey;
import java.time.LocalDateTime;
public class TestCase {
public static void main(String[] args) throws IOException {
final RSAPrivateKey privateKey =
CryptoUtils.loadRsaPrivateKey(Paths.get("a-private-key.der"));
final JsonWebKey piiJWK = JwkUtils.fromRSAPrivateKey(privateKey,
"RSA-OAEP-256");
piiJWK.setKeyId("test");
piiJWK.setKeyProperty("created-at", LocalDateTime.now());
final JsonWebKeys webKeys = new JsonWebKeys(piiJWK);
JwkUtils.jwkSetToJson(webKeys, new FileOutputStream("test.jwk.json"));
}
}
{code}
Produces the following malformed JSON:
{code}
{
"keys": [
{
"kty": "RSA",
"alg": "RSA-OAEP-256",
"n": "...",
"d": "...",
"p": "...",
"q": "...",
"dp": "...",
"dq": "...",
"qi": "...",
"kid": "test",
"created-at": 2016
-0
8
-10
T11: 0
1: 51.036
}
]
}
{code}
Basically the `LocalDateTime` is not converted to `String` before getting
serialized to JSON.
> Custom DateTime property is not serialized to JSON properly
> ---
>
> Key: CXF-7004
> URL: https://issues.apache.org/jira/browse/CXF-7004
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS Security
>Affects Versions: 3.1.7
>Reporter: Behrang Saeedzadeh
>
> The following code:
> {code}
> import au.com.sportsbet.pii.utils.CryptoUtils;
> import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
> import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
> import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
> import java.io.FileOutputStream;
> import java.io.IOException;
> import java.nio.file.Paths;
> import java.security.interfaces.RSAPrivateKey;
> import java.time.LocalDateTime;
> public class TestCase {
> public static void main(String[] args) throws IOException {
> final RSAPrivateKey privateKey =
> CryptoUtils.loadRsaPrivateKey(Paths.get("a-private-key.der"));
> final JsonWebKey jwk = JwkUtils.fromRSAPrivateKey(privateKey,
> "RSA-OAEP-256");
> jwk.setKeyId("test");
> jwk.setKeyProperty("created-at", LocalDateTime.now());
> final JsonWebKeys webKeys = new JsonWebKeys(jwk);
> JwkUtils.jwkSetToJson(webKeys, new FileOutputStream("test.jwk.json"));
> }
> }
> {code}
> Produces the following malformed JSON:
> {code}
> {
> "keys": [
> {
> "kty": "RSA",
> "alg": "RSA-OAEP-256",
> "n": "...",
> "d": "...",
> "p": "...",
> "q": "...",
> "dp": "...",
> "dq": "...",
> "qi": "...",
> "kid": "test",
> "created-at": 2016
> -0
> 8
> -10
> T11: 0
> 1: 51.036
> }
> ]
> }
> {code}
> Basically the `LocalDateTime` is not converted to `String` before getting
> serialized to JSON.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Created] (CXF-7005) NullPointerException when using JwkUtils.toRSAPrivateKey
Behrang Saeedzadeh created CXF-7005:
---
Summary: NullPointerException when using JwkUtils.toRSAPrivateKey
Key: CXF-7005
URL: https://issues.apache.org/jira/browse/CXF-7005
Project: CXF
Issue Type: Bug
Components: JAX-RS Security
Affects Versions: 3.1.7
Reporter: Behrang Saeedzadeh
When an RSA private key is converted to a JWK and stored in a JSON Web Keys
file using the following code:
{code}
import au.com.sportsbet.pii.utils.CryptoUtils;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.Paths;
import java.security.interfaces.RSAPrivateKey;
import java.time.LocalDateTime;
public class JwkCreator {
public static void main(String[] args) throws IOException {
final RSAPrivateKey privateKey =
CryptoUtils.loadRsaPrivateKey(Paths.get("private-key.der"));
final JsonWebKey jwk = JwkUtils.fromRSAPrivateKey(privateKey,
"RSA-OAEP-256");
jwk.setKeyId("test");
final JsonWebKeys webKeys = new JsonWebKeys(jwk);
JwkUtils.jwkSetToJson(webKeys, new FileOutputStream("jwk.json"));
}
}
{code}
The generated file does not have a {{RSA_PUBLIC_EXP}} (i.e. the `e`) property:
{code}
{
"keys": [
{
"kty": "RSA",
"alg": "RSA-OAEP-256",
"n": "...",
"d": "...",
"p": "...",
"q": "...",
"dp": "...",
"dq": "...",
"qi": "...",
"kid": "test"
}
]
}
{code}
Consequently, when trying to use {{JwkUtils.toRSAPrivateKey}} to convert the
JWK to a private key, a NullPointerException is thrown due to the following
statement in {{JwkUtils.java}}:
{code}
return CryptoUtils.getRSAPrivateKey(encodedModulus,
encodedPublicExponent,
encodedPrivateExponent,
encodedPrimeP,
encodedPrimeQ,
encodedPrimeExpP,
encodedPrimeExpQ,
encodedCrtCoefficient);
{code}
which in turn calls {{CryptoUtils.decodeSequence(encodedPublicExponent)}} on a
{{null}} value.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Updated] (CXF-7005) NullPointerException when using JwkUtils.toRSAPrivateKey
[
https://issues.apache.org/jira/browse/CXF-7005?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Behrang Saeedzadeh updated CXF-7005:
Description:
When an RSA private key is converted to a JWK and stored in a JSON Web Keys
file using the following code:
{code}
import test.CryptoUtils; // loads an RSA private key from file
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.Paths;
import java.security.interfaces.RSAPrivateKey;
import java.time.LocalDateTime;
public class JwkCreator {
public static void main(String[] args) throws IOException {
final RSAPrivateKey privateKey =
CryptoUtils.loadRsaPrivateKey(Paths.get("private-key.der"));
final JsonWebKey jwk = JwkUtils.fromRSAPrivateKey(privateKey,
"RSA-OAEP-256");
jwk.setKeyId("test");
final JsonWebKeys webKeys = new JsonWebKeys(jwk);
JwkUtils.jwkSetToJson(webKeys, new FileOutputStream("jwk.json"));
}
}
{code}
The generated file does not have a {{RSA_PUBLIC_EXP}} (i.e. the `e`) property:
{code}
{
"keys": [
{
"kty": "RSA",
"alg": "RSA-OAEP-256",
"n": "...",
"d": "...",
"p": "...",
"q": "...",
"dp": "...",
"dq": "...",
"qi": "...",
"kid": "test"
}
]
}
{code}
Consequently, when trying to use {{JwkUtils.toRSAPrivateKey}} to convert the
JWK to a private key, a NullPointerException is thrown due to the following
statement in {{JwkUtils.java}}:
{code}
return CryptoUtils.getRSAPrivateKey(encodedModulus,
encodedPublicExponent,
encodedPrivateExponent,
encodedPrimeP,
encodedPrimeQ,
encodedPrimeExpP,
encodedPrimeExpQ,
encodedCrtCoefficient);
{code}
which in turn calls {{CryptoUtils.decodeSequence(encodedPublicExponent)}} on a
{{null}} value.
was:
When an RSA private key is converted to a JWK and stored in a JSON Web Keys
file using the following code:
{code}
import au.com.sportsbet.pii.utils.CryptoUtils;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.Paths;
import java.security.interfaces.RSAPrivateKey;
import java.time.LocalDateTime;
public class JwkCreator {
public static void main(String[] args) throws IOException {
final RSAPrivateKey privateKey =
CryptoUtils.loadRsaPrivateKey(Paths.get("private-key.der"));
final JsonWebKey jwk = JwkUtils.fromRSAPrivateKey(privateKey,
"RSA-OAEP-256");
jwk.setKeyId("test");
final JsonWebKeys webKeys = new JsonWebKeys(jwk);
JwkUtils.jwkSetToJson(webKeys, new FileOutputStream("jwk.json"));
}
}
{code}
The generated file does not have a {{RSA_PUBLIC_EXP}} (i.e. the `e`) property:
{code}
{
"keys": [
{
"kty": "RSA",
"alg": "RSA-OAEP-256",
"n": "...",
"d": "...",
"p": "...",
"q": "...",
"dp": "...",
"dq": "...",
"qi": "...",
"kid": "test"
}
]
}
{code}
Consequently, when trying to use {{JwkUtils.toRSAPrivateKey}} to convert the
JWK to a private key, a NullPointerException is thrown due to the following
statement in {{JwkUtils.java}}:
{code}
return CryptoUtils.getRSAPrivateKey(encodedModulus,
encodedPublicExponent,
encodedPrivateExponent,
encodedPrimeP,
encodedPrimeQ,
encodedPrimeExpP,
encodedPrimeExpQ,
encodedCrtCoefficient);
{code}
which in turn calls {{CryptoUtils.decodeSequence(encodedPublicExponent)}} on a
{{null}} value.
> NullPointerException when using JwkUtils.toRSAPrivateKey
>
>
> Key: CXF-7005
> URL: https://issues.apache.org/jira/browse/CXF-7005
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS Security
>Affects Versions: 3.1.7
>Reporter: Behrang Saeedzadeh
>
> When an RSA private key is converted to a JWK and stored in a JSON We
[jira] [Updated] (CXF-7004) Custom DateTime property is not serialized to JSON properly
[
https://issues.apache.org/jira/browse/CXF-7004?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Behrang Saeedzadeh updated CXF-7004:
Description:
The following code:
{code}
import test.CryptoUtils; // loads an RSA private key from file
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.Paths;
import java.security.interfaces.RSAPrivateKey;
import java.time.LocalDateTime;
public class TestCase {
public static void main(String[] args) throws IOException {
final RSAPrivateKey privateKey =
CryptoUtils.loadRsaPrivateKey(Paths.get("a-private-key.der"));
final JsonWebKey jwk = JwkUtils.fromRSAPrivateKey(privateKey,
"RSA-OAEP-256");
jwk.setKeyId("test");
jwk.setKeyProperty("created-at", LocalDateTime.now());
final JsonWebKeys webKeys = new JsonWebKeys(jwk);
JwkUtils.jwkSetToJson(webKeys, new FileOutputStream("test.jwk.json"));
}
}
{code}
Produces the following malformed JSON:
{code}
{
"keys": [
{
"kty": "RSA",
"alg": "RSA-OAEP-256",
"n": "...",
"d": "...",
"p": "...",
"q": "...",
"dp": "...",
"dq": "...",
"qi": "...",
"kid": "test",
"created-at": 2016
-0
8
-10
T11: 0
1: 51.036
}
]
}
{code}
Basically the `LocalDateTime` is not converted to `String` before getting
serialized to JSON.
was:
The following code:
{code}
import au.com.sportsbet.pii.utils.CryptoUtils;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.Paths;
import java.security.interfaces.RSAPrivateKey;
import java.time.LocalDateTime;
public class TestCase {
public static void main(String[] args) throws IOException {
final RSAPrivateKey privateKey =
CryptoUtils.loadRsaPrivateKey(Paths.get("a-private-key.der"));
final JsonWebKey jwk = JwkUtils.fromRSAPrivateKey(privateKey,
"RSA-OAEP-256");
jwk.setKeyId("test");
jwk.setKeyProperty("created-at", LocalDateTime.now());
final JsonWebKeys webKeys = new JsonWebKeys(jwk);
JwkUtils.jwkSetToJson(webKeys, new FileOutputStream("test.jwk.json"));
}
}
{code}
Produces the following malformed JSON:
{code}
{
"keys": [
{
"kty": "RSA",
"alg": "RSA-OAEP-256",
"n": "...",
"d": "...",
"p": "...",
"q": "...",
"dp": "...",
"dq": "...",
"qi": "...",
"kid": "test",
"created-at": 2016
-0
8
-10
T11: 0
1: 51.036
}
]
}
{code}
Basically the `LocalDateTime` is not converted to `String` before getting
serialized to JSON.
> Custom DateTime property is not serialized to JSON properly
> ---
>
> Key: CXF-7004
> URL: https://issues.apache.org/jira/browse/CXF-7004
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS Security
>Affects Versions: 3.1.7
>Reporter: Behrang Saeedzadeh
>
> The following code:
> {code}
> import test.CryptoUtils; // loads an RSA private key from file
> import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
> import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
> import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
> import java.io.FileOutputStream;
> import java.io.IOException;
> import java.nio.file.Paths;
> import java.security.interfaces.RSAPrivateKey;
> import java.time.LocalDateTime;
> public class TestCase {
> public static void main(String[] args) throws IOException {
> final RSAPrivateKey privateKey =
> CryptoUtils.loadRsaPrivateKey(Paths.get("a-private-key.der"));
> final JsonWebKey jwk = JwkUtils.fromRSAPrivateKey(privateKey,
> "RSA-OAEP-256");
> jwk.setKeyId("test");
> jwk.setKeyProperty("created-at", LocalDateTime.now());
> final JsonWebKeys webKeys = new JsonWebKeys(jwk);
> JwkUtils.jwkSetToJson(webKeys, new FileOutputStream("test.jwk.json"));
> }
> }
> {code}
> Produces the following malformed JSON:
> {code}
> {
> "keys": [
> {
> "kty": "RSA",
> "alg": "RSA-OAEP-256",
> "n": "...",
> "d": "...",
> "p": "...",
> "q": "...",
> "dp": "...",
> "dq": "...",
> "qi": "...",
> "kid": "test",
> "created-at": 2016
> -0
> 8
> -10
> T11: 0
> 1: 51.036
> }
> ]
> }
> {code}
> Basically the `LocalDateTime` is not converted to `String` before getting
> serialized to JSON.
--
This message was sent by Atlassian JIRA
(
