glassfishrobot
commented
15 years ago Reported by kohsuke@java.net
Closed glassfishrobot closed 12 years ago
glassfishrobot
commented
15 years ago Reported by kohsuke@java.net
glassfishrobot
commented
12 years ago snajper said: This I see fixed in current version of the code.
glassfishrobot
commented
15 years ago Was assigned to snajper
glassfishrobot
commented
7 years ago This issue was imported from java.net JIRA METRO-8
glassfishrobot
commented
12 years ago Marked as fixed on Friday, December 9th 2011, 2:05:57 am
AsymmetricBindingProcessor.process method reads:
public void process()throws PolicyException{ Token st = getSignatureToken(); Token et = getEncryptionToken(); if(st != null)
{ primarySP = new SignaturePolicy(); .... }
if(et != null)
{ primaryEP = new EncryptionPolicy(); .... }
.... addPrimaryTargets();
and the addPrimaryTargets method reads:
protected void addPrimaryTargets()throws PolicyException{ SignaturePolicy.FeatureBinding spFB = (SignaturePolicy.FeatureBinding)primarySP.getFeatureBinding(); EncryptionPolicy.FeatureBinding epFB = (EncryptionPolicy.FeatureBinding)primaryEP.getFeatureBinding();
So this code results in NPE in addPrimaryTargets() if either 'st' or 'et' are null in the process method.
Therefore this code is inconsistent — if a signature token and an encryption token has to be always present, then such an error check should be performed earlier (in the constructor) and a graceful error message should be reported to the user, pointing to the wrong WSDL.
If either of those can be indeed null, then the addPrimaryTargets() method shouldn't choke with NPE.
Environment
Operating System: All Platform: All
Affected Versions
[current]