Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-10967

"DOMException: NOT_FOUND_ERR: An attempt is made to reference a node in a context where it does not exist." when KeyInfo has an Id attribute

    Details

    • Affects:
      Release Notes, Compatibility/Configuration
    • Release Notes Text:
      Hide
      <para>When processing the XML signature in the WS-Security header of an incoming SOAP request, Xerces would throw an error when the Apache XML Security library tried to set the <code>Id</code> attribute on the <code>KeyInfo</code> element. This would happen if the incoming <code>KeyInfo</code> element had an <code>Id</code> attribute in the default namespace. This issue was fixed by modifying the <code>setIdAttributeNode</code> method to get the namespace URI of the <code>Id</code> attribute before setting it.</para>
      Show
      <para>When processing the XML signature in the WS-Security header of an incoming SOAP request, Xerces would throw an error when the Apache XML Security library tried to set the <code>Id</code> attribute on the <code>KeyInfo</code> element. This would happen if the incoming <code>KeyInfo</code> element had an <code>Id</code> attribute in the default namespace. This issue was fixed by modifying the <code>setIdAttributeNode</code> method to get the namespace URI of the <code>Id</code> attribute before setting it.</para>
    • Release Notes Docs Status:
      Documented as Resolved Issue
    • Docs QE Status:
      NEW

      Description

      When processing the XML signature in the WS-Security header of an incoming SOAP request, Xerces throws an error when the Apache XML Security library tries to set the ID attribute on the KeyInfo element. This only happens if the incoming KeyInfo element has an Id attribute in the default namespace (not WSSE).

      19:31:01,402 ERROR [HandlerChainExecutor] Exception during handler processing
      org.w3c.dom.DOMException: NOT_FOUND_ERR: An attempt is made to reference a node in a context where it does not exist.
              at org.apache.xerces.dom.ElementImpl.setIdAttributeNode(ElementImpl.java:935)
              at org.jboss.ws.core.soap.SOAPElementImpl.setIdAttributeNode(SOAPElementImpl.java:844)
              at org.apache.xml.security.keys.KeyInfo.<init>(KeyInfo.java:141)
              at org.apache.xml.security.signature.XMLSignature.<init>(XMLSignature.java:379)
              at org.apache.xml.security.signature.XMLSignature.<init>(XMLSignature.java:326)
              at org.jboss.ws.extensions.security.element.Signature.<init>(Signature.java:57)
              at org.jboss.ws.extensions.security.element.SecurityHeader.<init>(SecurityHeader.java:85)
              at org.jboss.ws.extensions.security.SecurityDecoder.decode(SecurityDecoder.java:192)
              at org.jboss.ws.extensions.security.WSSecurityDispatcher.decodeHeader(WSSecurityDispatcher.java:131)
              at org.jboss.ws.extensions.security.WSSecurityDispatcher.decodeMessage(WSSecurityDispatcher.java:100)
              at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:90)
              at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:41)
              at org.jboss.wsf.common.handler.GenericHandler.handleMessage(GenericHandler.java:53)
              at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:305)
              at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:142)
              at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:97)
              at org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:129)
              at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:176)
              at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:470)
              at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:294)
              at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:203)
              at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:129)
              at org.jboss.wsf.common.servlet.AbstractEndpointServlet.service(AbstractEndpointServlet.java:85)
              at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
              at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
              at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235)
              at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
              at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:183)
              at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:95)
              at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
              at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
              at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
              at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
              at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
              at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
              at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.internalProcess(ActiveRequestResponseCacheValve.java:74)
              at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:47)
              at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
              at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
              at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:599)
              at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:451)
              at java.lang.Thread.run(Thread.java:724)
      
      

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  asoldano Alessio Soldano
                  Reporter:
                  klape Kyle Lape
                  Writer:
                  Tyler Kelly
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: