Uploaded image for project: 'ZZZ-WSO2 ESB'
  1. ZZZ-WSO2 ESB
  2. ESBJAVA-1670

Service invocation of a proxy service engaging security policy failed after another secure proxy service is invoked.

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: High
    • Resolution: Fixed
    • Affects Version/s: 4.5.1
    • Fix Version/s: 4.6.0
    • Labels:
      None
    • Severity:
      Major
    • Estimated Complexity:
      Moderate
    • Test cases added:
      Yes

      Description

      After invoking secure proxy service, proxy service which engage a policy invocation is not possible.

      Steps
      1) Create a proxy service engaging a security policy(Scenario 4)
      <endpoint>
      <address
      uri="http://localhost:9007/services/SecureStockQuoteServiceScenario4">
      <enableAddressing/>
      <enableSec policy="conf:/securityEngaging/scenario4-policy.xml"/>
      </address>
      </endpoint>
      2) Deploy a service which is secured by above policy file.

      3).Invoke a service. It will working fine.

      4) Create a another proxy service and secure the proxy using policy scenario 3

      5) Invoke the proxy service, It also working fine.

      6) Then try to invoke first proxy service.
      service invocation not possible. once server is restarted , service invocation is possible again.

      Server log:

      [2012-10-23 17:47:09,610] ERROR - AxisEngine General security error (WSSecurityEngine: Callback supplied no password for: ctiG7ZEpDa7RhWUhnZ/jKv9myFc=); nested exception is:
      java.lang.NullPointerException
      org.apache.axis2.AxisFault: General security error (WSSecurityEngine: Callback supplied no password for: ctiG7ZEpDa7RhWUhnZ/jKv9myFc=); nested exception is:
      java.lang.NullPointerException
      at org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:180)
      at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:95)
      at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
      at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
      at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
      at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:168)
      at org.apache.synapse.transport.nhttp.ClientWorker.run(ClientWorker.java:275)
      at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
      at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
      at java.lang.Thread.run(Thread.java:662)
      Caused by: org.apache.ws.security.WSSecurityException: General security error (WSSecurityEngine: Callback supplied no password for: ctiG7ZEpDa7RhWUhnZ/jKv9myFc=); nested exception is:
      java.lang.NullPointerException
      at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:421)
      at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:120)
      at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:332)
      at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:249)
      at org.apache.rampart.RampartEngine.process(RampartEngine.java:169)
      at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
      ... 9 more
      Caused by: java.lang.NullPointerException
      at org.apache.rampart.TokenCallbackHandler.handle(TokenCallbackHandler.java:86)
      at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:419)
      ... 14 more
      [2012-10-23 17:47:09,621] WARN - ClientWorker Fault processing response message through Axis2: General security error (WSSecurityEngine: Callback supplied no password for: ctiG7ZEpDa7RhWUhnZ/jKv9myFc=); nested exception is:
      java.lang.NullPointerException
      [2012-10-23 17:47:09,623] WARN - EndpointContext Endpoint : endpoint_ca411b6150cb26e5443f0b83b603d69f35c7d9d140ec61c9 will be marked SUSPENDED as it failed
      [2012-10-23 17:47:09,623] WARN - EndpointContext Suspending endpoint : endpoint_ca411b6150cb26e5443f0b83b603d69f35c7d9d140ec61c9 - current suspend duration is : 30000ms - Next retry after : Tue Oct 23 17:47:39 IST 2012

        Attachments

          Activity

            People

            • Assignee:
              kasun@wso2.com Kasun Indrasiri
              Reporter:
              nuwanw@wso2.com Nuwan Wimalasekara
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: