mace-opensaml-users - NullPointerException in SAMLAssertion
Subject: OpenSAML user discussion
List archive
- From: W Strater <>
- To:
- Subject: NullPointerException in SAMLAssertion
- Date: Sun, 26 Feb 2006 12:19:15 -0800 (PST)
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type; b=OeRMj2exTSp/rvAEosf9akJ+Cj4lC72hwAx5/jYywec4ur8YqFOEuJCXmRdwc98hvm/FYoZhHGN2GBF/x9+//N6mx/nCeG29Eeg33cnKGLaaFhTvGpQhlgzV6gD5NlzKBGGHUM/bt6GFztf4WbEpV7hhF288xdU+xaVtzLWhXXo= ;
I am getting a NullPointerException in SAMLAssertion when I try to
use WSS4J to sign a SOAPMessage with an SAMLAuthenticationStatement in
the SOAPHeader.
These are the top of the stack trace generated from the JUnit tests.
1) testSAML(test.WSS4JTest)java.lang.NullPointerException
at org.opensaml.SAMLAssertion.toDOM(SAMLAssertion.java:612)
at org.opensaml.SAMLObject.toDOM(SAMLObject.java:290)
at org.apache.ws.security.message.WSSignEnvelope.build(WSSignEnvelope.java:877)
2) testSAMLSignedSenderVouches(test.WSS4JTest)java.lang.NullPointerException
at org.opensaml.SAMLAssertion.toDOM(SAMLAssertion.java:612)
at org.opensaml.SAMLObject.toDOM(SAMLObject.java:290)
at org.apache.ws.security.message.WSSignEnvelope.build(WSSignEnvelope.java:877)
Test 1 is my own code. Test 2 was copied from WSS4J test code, test\wssec\TestWSSecurityST2.java. Both are triggered during the WSSignEnvelope.build call because I logged the SAMLAssertion before doing the sign. If I log the assertion, I get the null pointer exception because root is null so assertion is null and it is not dirty. If I do not log the assertion, I do not get the exception.
I am using opensaml-java-1.1b.tar.gz, wss4j-bin-1.1.0.zip and xml-security-bin-1_3_0.zip all downloaded as of 2/25/6. I added debug="true" to the build.xml for opensaml to get line numbers. I am using Sun JDK 1.4.2 with the jars in lib\extended. I am using Bouncy Castle 1.3.1 as my last provider.
Here is the code I use to create the assertion for my test.
SAMLNameIdentifier name = new SAMLNameIdentifier();
name.setName("cn=Bob,o=SomeDomain.com");
name.setNameQualifier("SomeDomain.com");
name.setFormat("");
SAMLSubject subject = new SAMLSubject();
subject.setNameIdentifier(name);
subject.addConfirmationMethod(SAMLSubject.CONF_SENDER_VOUCHES);
SAMLAuthenticationStatement authn = new SAMLAuthenticationStatement();
authn.setAuthInstant(new Date());
authn.setAuthMethod(SAMLAuthenticationStatement.AuthenticationMethod_Password);
authn.setSubject(subject);
SAMLAssertion assertion = new SAMLAssertion();
assertion.setId("ID_123456");
assertion.setIssueInstant(new Date());
assertion.setIssuer("SomeDomain.com");
assertion.setMinorVersion(1);
assertion.setNotOnOrAfter(new Date(System.currentTimeMillis() + 300000l));
assertion.addStatement(authn);
// This is what sets up the situation for the null pointer exception.
// If I comment out this line, I won't get the exception.
System.out.println(assertion);
assertion.checkValidity();
Here is the code I use to sign the assertion for my test.
WSSignEnvelope signer = new WSSignEnvelope();
signer.setUserInfo("someAlias", "somePassword");
signer.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
signer.build(envelope.getBody().getOwnerDocument(), getCrypto(), assertion,
getCrypto(), "someAlias", "somePassword");
System.out.println(envelope);
validate(message);
Wes.
These are the top of the stack trace generated from the JUnit tests.
1) testSAML(test.WSS4JTest)java.lang.NullPointerException
at org.opensaml.SAMLAssertion.toDOM(SAMLAssertion.java:612)
at org.opensaml.SAMLObject.toDOM(SAMLObject.java:290)
at org.apache.ws.security.message.WSSignEnvelope.build(WSSignEnvelope.java:877)
2) testSAMLSignedSenderVouches(test.WSS4JTest)java.lang.NullPointerException
at org.opensaml.SAMLAssertion.toDOM(SAMLAssertion.java:612)
at org.opensaml.SAMLObject.toDOM(SAMLObject.java:290)
at org.apache.ws.security.message.WSSignEnvelope.build(WSSignEnvelope.java:877)
Test 1 is my own code. Test 2 was copied from WSS4J test code, test\wssec\TestWSSecurityST2.java. Both are triggered during the WSSignEnvelope.build call because I logged the SAMLAssertion before doing the sign. If I log the assertion, I get the null pointer exception because root is null so assertion is null and it is not dirty. If I do not log the assertion, I do not get the exception.
I am using opensaml-java-1.1b.tar.gz, wss4j-bin-1.1.0.zip and xml-security-bin-1_3_0.zip all downloaded as of 2/25/6. I added debug="true" to the build.xml for opensaml to get line numbers. I am using Sun JDK 1.4.2 with the jars in lib\extended. I am using Bouncy Castle 1.3.1 as my last provider.
Here is the code I use to create the assertion for my test.
SAMLNameIdentifier name = new SAMLNameIdentifier();
name.setName("cn=Bob,o=SomeDomain.com");
name.setNameQualifier("SomeDomain.com");
name.setFormat("");
SAMLSubject subject = new SAMLSubject();
subject.setNameIdentifier(name);
subject.addConfirmationMethod(SAMLSubject.CONF_SENDER_VOUCHES);
SAMLAuthenticationStatement authn = new SAMLAuthenticationStatement();
authn.setAuthInstant(new Date());
authn.setAuthMethod(SAMLAuthenticationStatement.AuthenticationMethod_Password);
authn.setSubject(subject);
SAMLAssertion assertion = new SAMLAssertion();
assertion.setId("ID_123456");
assertion.setIssueInstant(new Date());
assertion.setIssuer("SomeDomain.com");
assertion.setMinorVersion(1);
assertion.setNotOnOrAfter(new Date(System.currentTimeMillis() + 300000l));
assertion.addStatement(authn);
// This is what sets up the situation for the null pointer exception.
// If I comment out this line, I won't get the exception.
System.out.println(assertion);
assertion.checkValidity();
Here is the code I use to sign the assertion for my test.
WSSignEnvelope signer = new WSSignEnvelope();
signer.setUserInfo("someAlias", "somePassword");
signer.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
signer.build(envelope.getBody().getOwnerDocument(), getCrypto(), assertion,
getCrypto(), "someAlias", "somePassword");
System.out.println(envelope);
validate(message);
Wes.
- NullPointerException in SAMLAssertion, W Strater, 02/26/2006
- RE: NullPointerException in SAMLAssertion, Scott Cantor, 02/26/2006
- Re: NullPointerException in SAMLAssertion, W Strater, 02/26/2006
- RE: NullPointerException in SAMLAssertion, Scott Cantor, 02/26/2006
- Re: NullPointerException in SAMLAssertion, W Strater, 02/27/2006
- RE: NullPointerException in SAMLAssertion, Scott Cantor, 02/26/2006
- Re: NullPointerException in SAMLAssertion, W Strater, 02/26/2006
- RE: NullPointerException in SAMLAssertion, Scott Cantor, 02/26/2006
Archive powered by MHonArc 2.6.16.