[ZIPSYNC-1] test Created: 15/Feb/11  Updated: 15/Feb/11

Status: Open
Project: zipsync
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major
Reporter: Christian Schlichtherle Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

ignore






[ZILONIS-7] Add some commands to the Shell Created: 11/Mar/05  Updated: 11/Mar/05

Status: Open
Project: zilonis
Component/s: Parser
Affects Version/s: current
Fix Version/s: milestone 1

Type: New Feature Priority: Major
Reporter: elevy Assignee: elevy
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 7

 Description   

(rules) should print the rules in the current scope
(ppdefrule friends-rule) should print out the rule named friends-rule
(exit) should exit from zilonis
(clear) Removes all rules and facts from memory. Equivalent to shutting down
and restarting Zilonis (only the current scope).
(reset) Removes facts information from the current scope, and resets the agenda
need to think about this and:
(run) Starts executing a Zilonis program (but not rules) ... think about the
implementation of this....



 Comments   
Comment by elevy [ 11/Mar/05 ]

in org.zilonis.network.Rete the addTriplet method probably does not need to
call rhsTime. The (run) can be the one who calls that method after all the
triplets have been added???

have to think about it.

also we need the (assert) command should print the fact id.





[ZILONIS-6] After adding a new production, needs to call RHSTime Created: 10/Mar/05  Updated: 10/Mar/05

Status: Open
Project: zilonis
Component/s: WM
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: elevy Assignee: elevy
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 6

 Description   

After adding the production and updating-node-with-matches-from-above need to
call the rhsTime method in the Rete class to execute the assertion or
retractions generated by the new rule.






[ZILONIS-5] Improve Scheme integration Created: 01/Mar/05  Updated: 09/Mar/05

Status: Open
Project: zilonis
Component/s: WM
Affects Version/s: current
Fix Version/s: milestone 1

Type: Improvement Priority: Major
Reporter: elevy Assignee: elevy
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 5

 Description   

Improve implementation of the integration with SISC



 Comments   
Comment by elevy [ 09/Mar/05 ]

This is not a defect, it's an improvement





[ZILONIS-4] Permit inheritance of WMEs between child-parent Scopes Created: 01/Mar/05  Updated: 01/Mar/05

Status: Open
Project: zilonis
Component/s: WM
Affects Version/s: current
Fix Version/s: milestone 1

Type: New Feature Priority: Major
Reporter: elevy Assignee: elevy
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 4

 Description   

Add WMEs to parent scopes before they have any child.
Restrict the addition of WMEs after a Scope has a child.






[ZILONIS-3] Implement GC of Scopes Created: 01/Mar/05  Updated: 09/Mar/05  Resolved: 09/Mar/05

Status: Resolved
Project: zilonis
Component/s: WM
Affects Version/s: current
Fix Version/s: milestone 1

Type: New Feature Priority: Major
Reporter: elevy Assignee: elevy
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 3

 Description   

Once a Scope is not longer in use, we need to remove all the WME that were
added into it.



 Comments   
Comment by elevy [ 09/Mar/05 ]

Added the support for the GC of WME when the scope is terminated.





[ZILONIS-2] Support printout statements Created: 01/Mar/05  Updated: 01/Mar/05

Status: Open
Project: zilonis
Component/s: RHS
Affects Version/s: current
Fix Version/s: milestone 1

Type: New Feature Priority: Major
Reporter: elevy Assignee: elevy
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 2

 Description   

Implement the printout functionallity



 Comments   
Comment by elevy [ 01/Mar/05 ]

It was mistakenly setup as a defect. It was updated to a new feature





[ZILONIS-1] Support simple triplets in defrule and deffact Created: 01/Mar/05  Updated: 12/Mar/05  Resolved: 12/Mar/05

Status: Resolved
Project: zilonis
Component/s: Parser
Affects Version/s: current
Fix Version/s: milestone 1

Type: New Feature Priority: Major
Reporter: elevy Assignee: elevy
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 1

 Description   

Include the support for simple Triplets in the defrule and deffact constructs.

For example:

(defrule simpleTripletExample (?x isA ?y)(?y isA ?z)=>(assert (?x isA ?z)))

(deffacts (Man isA Mortal)(Aquiles isA Man))



 Comments   
Comment by elevy [ 12/Mar/05 ]

the parser now supports flat structures.

needs review of the actions which is goign to be done when the actions are
reviewed and refactored.





[ZIESEMER-3] Release under LGPL license Created: 08/Sep/10  Updated: 18/Sep/10  Resolved: 18/Sep/10

Status: Resolved
Project: ziesemer
Component/s: MarkUtils-PacProxySelector Other/Unknown
Affects Version/s: 2009.05.25
Fix Version/s: not determined

Type: Improvement Priority: Major
Reporter: robin900 Assignee: Mark A. Ziesemer
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 2

 Description   

Thanks for considering a release under a license bsides GPLv3, Mark. As you
proposed in your email, LGPL would work just great for my needs.



 Comments   
Comment by robin900 [ 13/Sep/10 ]

Here's the reasoning behind the request to release pacProxySelector under the
LGPL v3 license and not the GPLv3 license:

I have authored an Eclipse-based application for internal use at my company. I
wish to include a proxy auto-configuration feature in the application, using the
pacProxySelector code. Although there are currently no plans to distribute the
application outside of the organization, it is possible that we may in future
give the application to certain customers for them to use against our company's
Web services tier.

My company wishes to avoid the burden (which is largely bureaucratic) of
maintaining an accessible source repository for these customers to download the
entire application codebase, as the GPLv3 license would require. Instead, we'd
prefer to use pacProxySelector as a .jar, link it in the application, and abide
by the conditions of LGPL v3: we would not alter the pacProxySelector code; we
would credit the original author; we would include the license documents with
the released object code; we would display copyright notice for original author
at runtime where our own copyright notice is displayed; and we would arrange the
released object code to link to pacProxySelector at runtime so that end users
may substitute a modified version of pacProxySelector at runtime using standard
Java linking practices.

Comment by Mark A. Ziesemer [ 13/Sep/10 ]

Accepted. Will work on getting a new release out shortly.

Comment by Mark A. Ziesemer [ 18/Sep/10 ]

Fixed in com.ziesemer.utils.pacProxySelector-2010.09.18.zip .





[ZIESEMER-2] Infinite loop in XmlEncoding.determineFromDeclaration(...) Created: 12/Jun/09  Updated: 12/Jun/09  Resolved: 12/Jun/09

Status: Resolved
Project: ziesemer
Component/s: MarkUtils-Xml XmlEncoding
Affects Version/s: 2009.05.20
Fix Version/s: not determined

Type: Bug Priority: Critical
Reporter: Mark A. Ziesemer Assignee: Mark A. Ziesemer
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 1

 Description   

while loop in XmlEncoding.determineFromDeclaration(...) mistakenly checks for >=
0 in read from InputStream. An infinite loop will result if there are still
bytes left available to read in the InputStream and the read buffer is full.
Check should be > 0, not >= 0.

Fixed in 2009.06.11.



 Comments   
Comment by Mark A. Ziesemer [ 12/Jun/09 ]

Fixed in 2009.06.11.





[ZFS-5] Reading userquota returns null Created: 05/May/11  Updated: 09/Mar/12

Status: Open
Project: zfs
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major
Reporter: galinette Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

Setting userquota works but getting userquota always returns null.

LibZFS zfs = new LibZFS();
ZFSFileSystem userfs = zfs.create("mypool/home", ZFSFileSystem.class);
userfs.setProperty( "userquota@murphy", "1g");
System.out.println( "userquota for murphy:" + userfs.getUserProperty( "userquota@murphy" ) );

The userquota has been really set while verifying with "zfs get userquota@murphy mypool/home" returns the right value;



 Comments   
Comment by galinette [ 05/May/11 ]

Im using libzfs 0.5.

Comment by galinette [ 09/Mar/12 ]

The support for userquota has been added in libzfs 0.7 (https://bitbucket.org/tludewig/libzfs/)





[ZFS-4] Rename package used Created: 09/Feb/11  Updated: 09/Feb/11

Status: Open
Project: zfs
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major
Reporter: nhoj_p Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

What are peoples views on changing from org.jvnet.solaris.libzfs to

1) net.java.projects.zfs
2) net.java.zfs
3) something else

The reason I propose this is because the project's url doesn't match the package that we use. I find it very helpful when the groupId, artifactId, project url and package used all give the same impression of where the source code came from.






[ZFS-3] JVM crash while using ZFS lib Created: 16/Jun/09  Updated: 16/Jun/09

Status: Open
Project: zfs
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: foal Assignee: zfs-issues
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 3

 Description   

#

  1. An unexpected error has been detected by HotSpot Virtual Machine:
    #
  2. SIGSEGV (0xb) at pc=0x56c4981b, pid=2157, tid=81
    #
  3. Java VM: Java HotSpot(TM) Client VM (1.5.0_18-b02 mixed mode)
  4. Problematic frame:
  5. C [libzfs.so.2+0x1981b]
    #

--------------- T H R E A D ---------------

Current thread (0x08e93828): JavaThread "Hudson cron thread"
[_thread_in_native, id=81]

siginfo:si_signo=11, si_errno=0, si_code=1, si_addr=0x00000018

Registers:
EAX=0x5d8d40b0, EBX=0x56ca7000, ECX=0x00000000, EDX=0x00000004
ESP=0x5d8d3044, EBP=0x5d8d4088, ESI=0x00000000, EDI=0x5d8d4070
EIP=0x56c4981b, EFLAGS=0x00010206

Top of Stack: (sp=0x5d8d3044)
0x5d8d3044: 5d8d4190 00000000 56ca7000 00000000
0x5d8d3054: 00000000 00000000 00000000 00000000
0x5d8d3064: 00000000 00000000 00000000 00000000
0x5d8d3074: 00000000 00000000 00000000 00000000
0x5d8d3084: 00000000 00000000 00000000 00000000
0x5d8d3094: 00000000 00000000 00000000 00000000
0x5d8d30a4: 00000000 00000000 00000000 00000000
0x5d8d30b4: 00000000 00000000 00000000 00000000

Instructions: (pc=0x56c4981b)
0x56c4980b: fd ff 8d 7c 24 0c b9 08 04 00 00 f3 a5 8b 75 08
0x56c4981b: 8b 46 18 0b 46 1c 75 3f 6a 00 8d 83 07 27 fa ff

Stack: [0x5d895000,0x5d8d5000), sp=0x5d8d3044, free space=248k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C [libzfs.so.2+0x1981b]
C [libzfs.so.2+0x19e9a] zfs_iter_root+0x1b
C [libjnidispatch.so+0x1019b] ffi_call_SYSV+0x17
C [libjnidispatch.so+0xfe98] ffi_call+0x8f
C [libjnidispatch.so+0x41d1]
C [libjnidispatch.so+0x4946] Java_com_sun_jna_Function_invokeInt+0x32
j com.sun.jna.Function.invokeInt(I[Ljava/lang/Object;)I+0
j
com.sun.jna.Function.invoke([Ljava/lang/Object;Ljava/lang/Class;)Ljava/lang/Obje
ct;+309
j
com.sun.jna.Function.invoke(Ljava/lang/Class;[Ljava/lang/Object;Ljava/util/Map
Ljava/lang/Object;+194
j
com.sun.jna.Library$Handler.invoke(Ljava/lang/Object;Ljava/lang/reflect/Method;[
Ljava/lang/Object;)Ljava/lang/Object;+344
j
$Proxy32.zfs_iter_root(Lorg/jvnet/solaris/libzfs/jna/libzfs_handle_t;Lorg/jvnet/
solaris/libzfs/jna/libzfs$zfs_iter_f;Lcom/sun/jna/Pointer;)I+24
j org.jvnet.solaris.libzfs.LibZFS.roots()Ljava/util/List;+25
j hudson.os.solaris.ZFSInstaller.shouldBeActive()Z+24
j hudson.os.solaris.ZFSInstaller.<init>()V+6
j hudson.os.solaris.ZFSInstaller.init()Lhudson/model/AdministrativeMonitor;+102
v ~StubRoutines::call_stub
V [libjvm.so+0xa8d97]
V [libjvm.so+0xa8c04]
V [libjvm.so+0xa8be8]
V [libjvm.so+0xc5c58]
V [libjvm.so+0x14e546]
V [libjvm.so+0x14e141]
C [libjava.so+0xcb81] Java_sun_reflect_NativeMethodAccessorImpl_invoke0+0x21
j
sun.reflect.NativeMethodAccessorImpl.invoke0(Ljava/lang/reflect/Method;Ljava/lan
g/Object;[Ljava/lang/Object;)Ljava/lang/Object;+0
j
sun.reflect.NativeMethodAccessorImpl.invoke(Ljava/lang/Object;[Ljava/lang/Object
;)Ljava/lang/Object;+87
J
sun.reflect.DelegatingMethodAccessorImpl.invoke(Ljava/lang/Object;[Ljava/lang/Ob
ject;)Ljava/lang/Object;
J
java.lang.reflect.Method.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang
/Object;
j net.java.sezpoz.IndexItem.instance()Ljava/lang/Object;+50
j
hudson.ExtensionFinder$Sezpoz.findExtensions(Ljava/lang/Class;Lhudson/model/Huds
on;)Ljava/util/Collection;+141
j hudson.ExtensionList.load()Ljava/util/List;+47
j hudson.ExtensionList.ensureLoaded()Ljava/util/List;+38
j hudson.ExtensionList.iterator()Ljava/util/Iterator;+1
j hudson.ExtensionList.get(Ljava/lang/Class;)Ljava/lang/Object;+1
j hudson.triggers.SCMTrigger$DescriptorImpl.clogCheck()V+6
j hudson.triggers.SCMTrigger.run()V+111
j hudson.triggers.Trigger.checkTriggers(Ljava/util/Calendar;)V+243
j hudson.triggers.Trigger$Cron.doRun()V+63
j hudson.triggers.SafeTimerTask.run()V+12
j java.util.TimerThread.mainLoop()V+221
j java.util.TimerThread.run()V+1
v ~StubRoutines::call_stub
V [libjvm.so+0xa8d97]
V [libjvm.so+0xa8c04]
V [libjvm.so+0xa8be8]
V [libjvm.so+0xb664e]
V [libjvm.so+0xb657d]
V [libjvm.so+0xb64f0]
V [libjvm.so+0xb63f1]
V [libjvm.so+0xb6395]
V [libjvm.so+0x2d0552]
C [libc.so.1+0xa6e92]
C [libc.so.1+0xa7180]

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j com.sun.jna.Function.invokeInt(I[Ljava/lang/Object;)I+0
j
com.sun.jna.Function.invoke([Ljava/lang/Object;Ljava/lang/Class;)Ljava/lang/Obje
ct;+309
j
com.sun.jna.Function.invoke(Ljava/lang/Class;[Ljava/lang/Object;Ljava/util/Map
Ljava/lang/Object;+194
j
com.sun.jna.Library$Handler.invoke(Ljava/lang/Object;Ljava/lang/reflect/Method;[
Ljava/lang/Object;)Ljava/lang/Object;+344
j
$Proxy32.zfs_iter_root(Lorg/jvnet/solaris/libzfs/jna/libzfs_handle_t;Lorg/jvnet/
solaris/libzfs/jna/libzfs$zfs_iter_f;Lcom/sun/jna/Pointer;)I+24
j org.jvnet.solaris.libzfs.LibZFS.roots()Ljava/util/List;+25
j hudson.os.solaris.ZFSInstaller.shouldBeActive()Z+24
j hudson.os.solaris.ZFSInstaller.<init>()V+6
j hudson.os.solaris.ZFSInstaller.init()Lhudson/model/AdministrativeMonitor;+102
v ~StubRoutines::call_stub
j
sun.reflect.NativeMethodAccessorImpl.invoke0(Ljava/lang/reflect/Method;Ljava/lan
g/Object;[Ljava/lang/Object;)Ljava/lang/Object;+0
j
sun.reflect.NativeMethodAccessorImpl.invoke(Ljava/lang/Object;[Ljava/lang/Object
;)Ljava/lang/Object;+87
J
sun.reflect.DelegatingMethodAccessorImpl.invoke(Ljava/lang/Object;[Ljava/lang/Ob
ject;)Ljava/lang/Object;
J
java.lang.reflect.Method.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang
/Object;
j net.java.sezpoz.IndexItem.instance()Ljava/lang/Object;+50
j
hudson.ExtensionFinder$Sezpoz.findExtensions(Ljava/lang/Class;Lhudson/model/Huds
on;)Ljava/util/Collection;+141
j hudson.ExtensionList.load()Ljava/util/List;+47
j hudson.ExtensionList.ensureLoaded()Ljava/util/List;+38
j hudson.ExtensionList.iterator()Ljava/util/Iterator;+1
j hudson.ExtensionList.get(Ljava/lang/Class;)Ljava/lang/Object;+1
j hudson.triggers.SCMTrigger$DescriptorImpl.clogCheck()V+6
j hudson.triggers.SCMTrigger.run()V+111
j hudson.triggers.Trigger.checkTriggers(Ljava/util/Calendar;)V+243
j hudson.triggers.Trigger$Cron.doRun()V+63
j hudson.triggers.SafeTimerTask.run()V+12
j java.util.TimerThread.mainLoop()V+221
j java.util.TimerThread.run()V+1
v ~StubRoutines::call_stub

--------------- P R O C E S S ---------------

Java Threads: ( => current thread )
0x099c3868 JavaThread "Timer-99" [_thread_blocked, id=313]
0x0a157018 JavaThread "pool-6-thread-1" [_thread_blocked, id=312]
0x0948e1c0 JavaThread "Executor #1 for master" [_thread_blocked, id=309]
0x09ccfdc0 JavaThread "Executor #0 for master" [_thread_blocked, id=308]
0x09427ea8 JavaThread "Hudson UDP 33848 monitoring thread" [_thread_in_native,
id=307]
0x09579978 JavaThread "TCP slave agent listener port=0" [_thread_in_native,
id=306]
0x0807a690 JavaThread "DestroyJavaVM" [_thread_blocked, id=1]
0x09cdda58 JavaThread "httpSSLWorkerThread-8080-4" daemon [_thread_blocked,
id=296]
0x094801e0 JavaThread "httpSSLWorkerThread-8080-3" daemon [_thread_in_native,
id=295]
0x09932df0 JavaThread "Timer-87" [_thread_blocked, id=294]
0x09563160 JavaThread "httpSSLWorkerThread-8080-2" daemon [_thread_blocked,
id=293]
0x08f2c000 JavaThread "Timer-86" daemon [_thread_blocked, id=292]
0x091ba740 JavaThread "registration" daemon [_thread_blocked, id=291]
0x08bfacb0 JavaThread
"ContainerBackgroundProcessor[StandardEngine[com.sun.appserv]]" daemon
[_thread_blocked, id=289]
0x09722dc0 JavaThread "Thread-136" daemon [_thread_blocked, id=281]
0x09e03a10 JavaThread "DefaultQuartzScheduler_QuartzSchedulerThread"
[_thread_blocked, id=279]
0x09ce1d78 JavaThread "DefaultQuartzScheduler_Worker-9" [_thread_blocked,
id=278]
0x094512b8 JavaThread "DefaultQuartzScheduler_Worker-8" [_thread_blocked,
id=277]
0x08db4a10 JavaThread "DefaultQuartzScheduler_Worker-7" [_thread_blocked,
id=276]
0x095602e0 JavaThread "DefaultQuartzScheduler_Worker-6" [_thread_blocked,
id=275]
0x089e7a00 JavaThread "DefaultQuartzScheduler_Worker-5" [_thread_blocked,
id=274]
0x0a071a48 JavaThread "DefaultQuartzScheduler_Worker-4" [_thread_blocked,
id=273]
0x0a1638e8 JavaThread "DefaultQuartzScheduler_Worker-3" [_thread_blocked,
id=272]
0x09380fe8 JavaThread "DefaultQuartzScheduler_Worker-2" [_thread_blocked,
id=271]
0x09376360 JavaThread "DefaultQuartzScheduler_Worker-1" [_thread_blocked,
id=270]
0x09532070 JavaThread "DefaultQuartzScheduler_Worker-0" [_thread_blocked,
id=269]
0x0a0ac820 JavaThread "Store default Spool Thread" daemon [_thread_blocked,
id=267]
0x09e22690 JavaThread "IndexMerger" daemon [_thread_blocked, id=265]
0x093652a8 JavaThread "ObservationManager" daemon [_thread_blocked, id=264]
0x0a156a90 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=262]
0x09111f68 JavaThread "IndexMerger" daemon [_thread_blocked, id=261]
0x0a0bd9f0 JavaThread "ObservationManager" daemon [_thread_blocked, id=260]
0x096070c0 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=259]
0x0937ca40 JavaThread "IndexMerger" daemon [_thread_blocked, id=258]
0x0a164000 JavaThread "ObservationManager" daemon [_thread_blocked, id=257]
0x09565498 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=256]
0x08905a40 JavaThread "owfe::expool.sched" daemon [_thread_blocked, id=255]
0x0939e930 JavaThread "IndexMerger" daemon [_thread_blocked, id=252]
0x09604458 JavaThread "ObservationManager" daemon [_thread_blocked, id=251]
0x09999188 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=250]
0x08d92200 JavaThread "IndexMerger" daemon [_thread_blocked, id=249]
0x09f90b30 JavaThread "ObservationManager" daemon [_thread_blocked, id=248]
0x094fb688 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=247]
0x09dff7a8 JavaThread "IndexMerger" daemon [_thread_blocked, id=246]
0x08dc60d8 JavaThread "ObservationManager" daemon [_thread_blocked, id=245]
0x089051c0 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=244]
0x09dbfb68 JavaThread "IndexMerger" daemon [_thread_blocked, id=243]
0x097c39d0 JavaThread "ObservationManager" daemon [_thread_blocked, id=242]
0x093bf580 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=240]
0x097e0f80 JavaThread "IndexMerger" daemon [_thread_blocked, id=239]
0x08c1bd60 JavaThread "ObservationManager" daemon [_thread_blocked, id=238]
0x09368ce8 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=237]
0x0970a990 JavaThread "IndexMerger" daemon [_thread_blocked, id=236]
0x0897c000 JavaThread "ObservationManager" daemon [_thread_blocked, id=235]
0x09df7868 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=234]
0x09783ed8 JavaThread "IndexMerger" daemon [_thread_blocked, id=233]
0x0939e7a0 JavaThread "ObservationManager" daemon [_thread_blocked, id=232]
0x09939870 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=230]
0x0982d8c0 JavaThread "Timer-72" daemon [_thread_blocked, id=229]
0x098a8708 JavaThread "IndexMerger" daemon [_thread_blocked, id=228]
0x0905f358 JavaThread "ObservationManager" daemon [_thread_blocked, id=226]
0x0a14c138 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=224]
0x08906a38 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=223]
0x08f394d8 JavaThread "Dispatcher-Thread-110" daemon [_thread_blocked, id=221]
0x08e4b738 JavaThread "Dispatcher-Thread-109" daemon [_thread_blocked, id=220]
0x08dc6f90 JavaThread "Dispatcher-Thread-108" daemon [_thread_blocked, id=219]
0x0939c110 JavaThread
"ContainerBackgroundProcessor[StandardEngine[com.sun.appserv].StandardHost[test]
.StandardContext[]]" daemon [_thread_blocked, id=214]
0x08e42198 JavaThread
"ContainerBackgroundProcessor[StandardEngine[com.sun.appserv].StandardHost[test]
.StandardContext[/__wstx-services]]" daemon [_thread_blocked, id=213]
0x0a07acc0 JavaThread
"ContainerBackgroundProcessor[StandardEngine[com.sun.appserv].StandardHost[serve
r].StandardContext[/__wstx-services]]" daemon [_thread_blocked, id=208]
0x09e0e270 JavaThread
"ContainerBackgroundProcessor[StandardEngine[com.sun.appserv].StandardHost[serve
r].StandardContext[]]" daemon [_thread_blocked, id=207]
0x0a16e3c8 JavaThread
"ContainerBackgroundProcessor[StandardEngine[com.sun.appserv].StandardHost[serve
r].StandardContext[/__JWSappclients]]" daemon [_thread_blocked, id=206]
0x09f19dd0 JavaThread "pool-8-thread-2" [_thread_blocked, id=197]
0x090c7558 JavaThread "Thread-87" daemon [_thread_blocked, id=188]
0x09388e58 JavaThread "DefaultQuartzScheduler_QuartzSchedulerThread"
[_thread_blocked, id=186]
0x09819ac0 JavaThread "DefaultQuartzScheduler_Worker-9" [_thread_blocked,
id=185]
0x09830aa0 JavaThread "DefaultQuartzScheduler_Worker-8" [_thread_blocked,
id=184]
0x09807730 JavaThread "DefaultQuartzScheduler_Worker-7" [_thread_blocked,
id=183]
0x09514838 JavaThread "DefaultQuartzScheduler_Worker-6" [_thread_blocked,
id=182]
0x0982d230 JavaThread "DefaultQuartzScheduler_Worker-5" [_thread_blocked,
id=181]
0x09807460 JavaThread "DefaultQuartzScheduler_Worker-4" [_thread_blocked,
id=180]
0x098c7a38 JavaThread "DefaultQuartzScheduler_Worker-3" [_thread_blocked,
id=179]
0x09940dc0 JavaThread "DefaultQuartzScheduler_Worker-2" [_thread_blocked,
id=178]
0x089ecee8 JavaThread "DefaultQuartzScheduler_Worker-1" [_thread_blocked,
id=177]
0x09a6c0d8 JavaThread "DefaultQuartzScheduler_Worker-0" [_thread_blocked,
id=176]
0x0994cc18 JavaThread "Store default Spool Thread" daemon [_thread_blocked,
id=174]
0x09867c18 JavaThread "IndexMerger" daemon [_thread_blocked, id=168]
0x097dc4c0 JavaThread "ObservationManager" daemon [_thread_blocked, id=167]
0x0999d798 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=166]
0x08e52de0 JavaThread "IndexMerger" daemon [_thread_blocked, id=165]
0x088ec1f0 JavaThread "ObservationManager" daemon [_thread_blocked, id=164]
0x09845208 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=162]
0x097f21d8 JavaThread "IndexMerger" daemon [_thread_blocked, id=161]
0x099e66c8 JavaThread "ObservationManager" daemon [_thread_blocked, id=160]
0x097e1e88 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=158]
0x096af058 JavaThread "IndexMerger" daemon [_thread_blocked, id=157]
0x098af6a8 JavaThread "ObservationManager" daemon [_thread_blocked, id=156]
0x0906e048 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=155]
0x0946a3e8 JavaThread "IndexMerger" daemon [_thread_blocked, id=154]
0x09199910 JavaThread "ObservationManager" daemon [_thread_blocked, id=153]
0x08f45de8 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=151]
0x09840ef0 JavaThread "IndexMerger" daemon [_thread_blocked, id=147]
0x094693b0 JavaThread "ObservationManager" daemon [_thread_blocked, id=146]
0x09838e00 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=145]
0x09966628 JavaThread "IndexMerger" daemon [_thread_blocked, id=144]
0x099704b8 JavaThread "ObservationManager" daemon [_thread_blocked, id=143]
0x09647288 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=141]
0x08f3ae88 JavaThread "IndexMerger" daemon [_thread_blocked, id=140]
0x099f3390 JavaThread "ObservationManager" daemon [_thread_blocked, id=139]
0x09286d58 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=137]
0x095156d8 JavaThread "IndexMerger" daemon [_thread_blocked, id=136]
0x09647500 JavaThread "ObservationManager" daemon [_thread_blocked, id=135]
0x089ccd70 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=133]
0x0993ba40 JavaThread "IndexMerger" daemon [_thread_blocked, id=132]
0x093e7f30 JavaThread "ObservationManager" daemon [_thread_blocked, id=131]
0x098fbc10 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=130]
0x09a72930 JavaThread "IndexMerger" daemon [_thread_blocked, id=129]
0x0957ca30 JavaThread "ObservationManager" daemon [_thread_blocked, id=128]
0x09549950 JavaThread "Timer-34" daemon [_thread_blocked, id=126]
0x09954c10 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=125]
0x09728ad0 JavaThread "IndexMerger" daemon [_thread_blocked, id=124]
0x099a59b8 JavaThread "ObservationManager" daemon [_thread_blocked, id=123]
0x095c46f8 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=121]
0x0957d548 JavaThread "Timer-31" daemon [_thread_blocked, id=119]
0x09928e10 JavaThread "IndexMerger" daemon [_thread_blocked, id=118]
0x09547ff0 JavaThread "Roller Weblogger Task Scheduler" [_thread_blocked,
id=116]
0x09492a88 JavaThread "ObservationManager" daemon [_thread_blocked, id=114]
0x0954a4f0 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=112]
0x095b09c0 JavaThread "JiraQuartzScheduler_QuartzSchedulerThread"
[_thread_blocked, id=109]
0x0958cae8 JavaThread "JiraQuartzScheduler_Worker-3" [_thread_blocked, id=108]
0x09418ba8 JavaThread "JiraQuartzScheduler_Worker-2" [_thread_blocked, id=107]
0x095b8da0 JavaThread "JiraQuartzScheduler_Worker-1" [_thread_blocked, id=106]
0x095b0d88 JavaThread "JiraQuartzScheduler_Worker-0" [_thread_blocked, id=105]
0x08f94848 JavaThread "derby.rawStoreDaemon" daemon [_thread_blocked, id=101]
0x0990e5e0 JavaThread "Timer-22" daemon [_thread_blocked, id=100]
0x096003f8 JavaThread "derby.antiGC" daemon [_thread_blocked, id=98]
0x09c372d8 JavaThread "pool-5-thread-4" daemon [_thread_blocked, id=95]
0x09285f00 JavaThread "pool-5-thread-3" daemon [_thread_blocked, id=94]
0x09c11800 JavaThread "pool-5-thread-2" daemon [_thread_blocked, id=93]
0x0939fc50 JavaThread "pool-5-thread-1" daemon [_thread_blocked, id=92]
0x08110bb0 JavaThread "Thread-39" [_thread_blocked, id=91]
0x0938b6e8 JavaThread "Dispatcher-Thread-38" daemon [_thread_blocked, id=90]
0x09c0cc50 JavaThread "Dispatcher-Thread-37" daemon [_thread_blocked, id=89]
0x09d32028 JavaThread "Dispatcher-Thread-36" daemon [_thread_blocked, id=88]
0x08e811f0 JavaThread
"ContainerBackgroundProcessor[StandardEngine[com.sun.appserv].StandardHost[serve
r].StandardContext[/jira]]" daemon [_thread_blocked, id=86]
0x0917ee88 JavaThread "Timer-15" daemon [_thread_blocked, id=83]
=>0x08e93828 JavaThread "Hudson cron thread" [_thread_in_native, id=81]
0x08ef9f68 JavaThread "Store userCache Expiry Thread" daemon [_thread_blocked,
id=80]
0x08bfa708 JavaThread "Store userCache Spool Thread" daemon [_thread_blocked,
id=79]
0x08e572d0 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=77]
0x090fd170 JavaThread
"ContainerBackgroundProcessor[StandardEngine[com.sun.appserv].StandardHost[site]
.StandardContext[/roller]]" daemon [_thread_blocked, id=74]
0x08ec3108 JavaThread
"ContainerBackgroundProcessor[StandardEngine[com.sun.appserv].StandardHost[serve
r].StandardContext[/hudson]]" daemon [_thread_blocked, id=73]
0x08ee8e58 JavaThread
"ContainerBackgroundProcessor[StandardEngine[com.sun.appserv].StandardHost[__asa
dmin].StandardContext[]]" daemon [_thread_blocked, id=72]
0x08edbf98 JavaThread
"ContainerBackgroundProcessor[StandardEngine[com.sun.appserv].StandardHost[test]
.StandardContext[/magnoliaAuthor]]" daemon [_thread_blocked, id=70]
0x081d3e60 JavaThread
"ContainerBackgroundProcessor[StandardEngine[com.sun.appserv].StandardHost[__asa
dmin].StandardContext[/web1]]" daemon [_thread_blocked, id=69]
0x08952860 JavaThread
"ContainerBackgroundProcessor[StandardEngine[com.sun.appserv].StandardHost[site]
.StandardContext[/__wstx-services]]" daemon [_thread_blocked, id=68]
0x08a04900 JavaThread
"ContainerBackgroundProcessor[StandardEngine[com.sun.appserv].StandardHost[site]
.StandardContext[]]" daemon [_thread_blocked, id=67]
0x08c29de8 JavaThread
"ContainerBackgroundProcessor[StandardEngine[com.sun.appserv].StandardHost[serve
r].StandardContext[/hg]]" daemon [_thread_blocked, id=66]
0x08be9b88 JavaThread "pool-1-thread-6" [_thread_blocked, id=61]
0x08befca0 JavaThread "pool-1-thread-5" [_thread_blocked, id=60]
0x08bfbd10 JavaThread "httpWorkerThread-4848-1" daemon [_thread_blocked,
id=59]
0x08bcd5d8 JavaThread "httpWorkerThread-4848-0" daemon [_thread_blocked,
id=58]
0x08bb9438 JavaThread "SelectorThread-4848" [_thread_in_native, id=57]
0x08c263b0 JavaThread "httpSSLWorkerThread-8181-1" daemon [_thread_blocked,
id=56]
0x08c2b6e8 JavaThread "httpSSLWorkerThread-8181-0" daemon [_thread_blocked,
id=55]
0x08320590 JavaThread "SelectorThread-8181" [_thread_in_native, id=54]
0x08bce760 JavaThread "httpSSLWorkerThread-8080-1" daemon [_thread_blocked,
id=53]
0x08bac3d8 JavaThread "httpSSLWorkerThread-8080-0" daemon [_thread_blocked,
id=52]
0x08bf5b60 JavaThread "SelectorThread-8080" [_thread_in_native, id=51]
0x08a07ea8 JavaThread "RMI RenewClean-[192.168.123.60:51788]" daemon
[_thread_blocked, id=38]
0x08319e38 JavaThread "RMI TCP Accept-0" daemon [_thread_in_native, id=36]
0x089c2f88 JavaThread "RMI TCP Accept-8686" daemon [_thread_in_native, id=35]
0x08aa5550 JavaThread "Thread-14" [_thread_blocked, id=32]
0x08a2ec68 JavaThread "Thread-13" [_thread_blocked, id=31]
0x088b8a80 JavaThread "Timer-4" daemon [_thread_blocked, id=30]
0x08b14d50 JavaThread "Timer-3" [_thread_blocked, id=29]
0x088d0290 JavaThread "Timer-2" [_thread_blocked, id=28]
0x088bf7c0 JavaThread "Thread-9" [_thread_blocked, id=27]
0x086fbd60 JavaThread "RMI RenewClean-
[192.168.123.60:51776,com.sun.enterprise.admin.server.core.channel.LocalRMIClien
tSocketFactory@e22632]" daemon [_thread_blocked, id=24]
0x08886da8 JavaThread "Timer-1" [_thread_blocked, id=23]
0x08552310 JavaThread "RMI LeaseChecker" daemon [_thread_blocked, id=22]
0x0853a070 JavaThread "Thread-6" [_thread_in_native, id=20]
0x08538648 JavaThread "Thread-5" [_thread_in_native, id=19]
0x08537530 JavaThread "Thread-4" [_thread_in_native, id=18]
0x087d6788 JavaThread "Thread-3" [_thread_in_native, id=17]
0x088127a8 JavaThread "GC Daemon" daemon [_thread_blocked, id=16]
0x0854fdd8 JavaThread "RMI Reaper" [_thread_blocked, id=15]
0x087bc260 JavaThread "Timer-0" daemon [_thread_blocked, id=14]
0x087f5f90 JavaThread "RMI TCP Accept-0" daemon [_thread_in_native, id=13]
0x08733bf0 JavaThread "pool-1-thread-2" [_thread_blocked, id=12]
0x08731418 JavaThread "pool-1-thread-1" [_thread_blocked, id=11]
0x0815c538 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=9]
0x0815b450 JavaThread "CompilerThread0" daemon [_thread_blocked, id=8]
0x0815a348 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=7]
0x08159358 JavaThread "JDWP Event Helper Thread" daemon [_thread_blocked,
id=6]
0x08151bb8 JavaThread "JDWP Transport Listener: dt_socket" daemon
[_thread_in_native, id=5]
0x08143c90 JavaThread "Finalizer" daemon [_thread_blocked, id=4]
0x08142ff8 JavaThread "Reference Handler" daemon [_thread_blocked, id=3]

Other Threads:
0x08140780 VMThread [id=2]
0x081775e8 WatcherThread [id=10]

VM state:not at safepoint (normal execution)

VM Mutex/Monitor currently owned by a thread: None

Heap
def new generation total 96512K, used 76985K [0x69200000, 0x6f310000,
0x93ca0000)
eden space 93632K, 79% used [0x69200000, 0x6da5e5b0, 0x6ed70000)
from space 2880K, 100% used [0x6ed70000, 0x6f040000, 0x6f040000)
to space 2880K, 0% used [0x6f040000, 0x6f040000, 0x6f310000)
tenured generation total 198292K, used 122758K [0x93ca0000, 0x9fe45000,
0xe9200000)
the space 198292K, 61% used [0x93ca0000, 0x9b481b68, 0x9b481c00, 0x9fe45000)
compacting perm gen total 96256K, used 96227K [0xe9200000, 0xef000000,
0xf9200000)
the space 96256K, 99% used [0xe9200000, 0xeeff8d38, 0xeeff8e00, 0xef000000)
No shared spaces configured.

Dynamic libraries:
0x08050000 /usr/jdk/instances/jdk1.5.0/bin/java
0xfefb0000 /lib/libthread.so.1
0xfef80000 /lib/libdl.so.1
0xfee50000 /lib/libc.so.1
0xfea00000 /usr/jdk/instances/jdk1.5.0/jre/lib/i386/client/libjvm.so
0xfee30000 /lib/libsocket.so.1
0xfefa0000 /usr/lib/libsched.so.1
0xfee00000 /usr/lib/libCrun.so.1
0xfe9e0000 /lib/libm.so.1
0xfe940000 /lib/libnsl.so.1
0xfe8e0000 /lib/libm.so.2
0xfe8b0000 /lib/libscf.so.1
0xfe890000 /lib/libdoor.so.1
0xfe870000 /lib/libuutil.so.1
0xfe850000 /lib/libgen.so.1
0xfe830000 /lib/libmd.so.1
0xfe810000 /lib/libmp.so.2
0xfe7f0000
/usr/jdk/instances/jdk1.5.0/jre/lib/i386/native_threads/libhpi.so
0xfe7a0000 /usr/jdk/instances/jdk1.5.0/jre/lib/i386/libjdwp.so
0xfe760000 /usr/jdk/instances/jdk1.5.0/jre/lib/i386/libverify.so
0xfe730000 /usr/jdk/instances/jdk1.5.0/jre/lib/i386/libjava.so
0xfe700000 /usr/jdk/instances/jdk1.5.0/jre/lib/i386/libzip.so
0x68400000 /usr/lib/locale/en_US.UTF-8/en_US.UTF-8.so.3
0xfbef0000 /usr/lib/locale/en_US.UTF-8/methods_en_US.UTF-8.so.3
0xfbf10000 /usr/jdk/instances/jdk1.5.0/jre/lib/i386/libdt_socket.so
0x68260000 /usr/jdk/instances/jdk1.5.0/jre/lib/i386/libnet.so
0x64a40000 /usr/jdk/instances/jdk1.5.0/jre/lib/i386/libmanagement.so
0x64a20000 /usr/jdk/instances/jdk1.5.0/jre/lib/i386/libj2pkcs11.so
0x64500000 /usr/lib/libpkcs11.so
0x644e0000 /usr/lib/libcryptoutil.so.1
0x64490000 /usr/lib/security/pkcs11_softtoken_extra.so
0x64470000 /usr/jdk/instances/jdk1.5.0/jre/lib/i386/libnio.so
0x63ea0000 /lib/librt.so.1
0x63e80000 /lib/libaio.so.1
0x63c20000 /usr/jdk/instances/jdk1.5.0/jre/lib/i386/librmi.so
0x63bb0000 /opt/SUNWappserver/lib/libjvminfoutil.so
0x63b90000 /lib/libkstat.so.1
0x639f0000 /usr/lib/libCstd.so.1
0x5f770000 /usr/lib/libsendfile.so.1
0x5f660000 /usr/jdk/instances/jdk1.5.0/jre/lib/i386/libawt.so
0x5f5a0000 /usr/jdk/instances/jdk1.5.0/jre/lib/i386/libmlib_image.so
0x5f540000 /usr/jdk/instances/jdk1.5.0/jre/lib/i386/headless/libmawt.so
0x5f330000 /usr/jdk/instances/jdk1.5.0/jre/lib/i386/libfontmanager.so
0x56cb0000 /opt/SUNWappserver/domains/domain1/generated/jsp/j2ee-
modules/hudson/loader/com/sun/jna/sunos-x86/libjnidispatch.so
0x56c30000 /lib/libzfs.so
0x56c00000 /lib/libdevinfo.so.1
0x5d5e0000 /lib/libdevid.so.1
0x578a0000 /lib/libnvpair.so.1
0x56be0000 /lib/libavl.so.1
0x56bc0000 /lib/libefi.so.1
0x56b90000 /lib/libsec.so.1
0x56b70000 /lib/libuuid.so.1
0x56af0000 /usr/lib//libshare.so.1
0x569c0000 /usr/lib/libxml2.so.2
0x56b20000 /lib/libpthread.so.1
0x569a0000 /usr/lib/libz.so.1

VM Arguments:
jvm_args: -Dcom.sun.aas.instanceRoot=/opt/SUNWappserver/domains/domain1 -
DHUDSON_HOME=/var/zfs/backip/hudson -DPLEXUS_NEXUS_WORK=/var/zfs/backip/nexus -
Dcom.sun.aas.ClassPathPrefix= -
Dcom.sun.aas.ClassPathSuffix=/usr/postgres/8.2/jdbc/postgresql.jar:/usr/sfw/jdbc
/mysql-connector-java-3.1.14-bin.jar -Dcom.sun.aas.ServerClassPath= -
Dcom.sun.aas.classloader.appserverChainJars.ee= -
Dcom.sun.aas.classloader.appserverChainJars=admin-cli.jar,admin-cli-ee.jar,j2ee-
svc.jar Dcom.sun.aas.classloader.excludesList=admin-cli.jar,appserv
upgrade.jar,sun-appserv-ant.jar -
Dcom.sun.aas.classloader.optionalOverrideableChain.ee= -
Dcom.sun.aas.classloader.optionalOverrideableChain=webservices-
rt.jar,webservices-tools.jar -Dcom.sun.aas.classloader.serverClassPath.ee=Does
not
exist/lib/hadbjdbc4.jar,/opt/SUNWappserver/lib/SUNWjdmk/5.1/lib/jdmkrt.jar,Does
not exist/lib/dbstate.jar,Does not exist/lib/hadbm.jar,Does not
exist/lib/hadbmgt.jar,/opt/SUNWmfwk/lib/mfwk_instrum_tk.jar -
Dcom.sun.aas.classloader.serverClassPath=/opt/SUNWappserver/lib/install/applicat
ions/jmsra/imqjmsra.jar,/opt/SUNWappserver/imq/lib/jaxm-
api.jar,/opt/SUNWappserver/imq/lib/fscontext.jar,/opt/SUNWappserver/imq/lib/imqb
roker.jar,/opt/SUNWappserver/imq/lib/imqjmx.jar,/opt/SUNWappserver/lib/ant/lib/a
nt.jar,/opt/SUNWappserver/lib/SUNWjdmk/5.1/lib/jdmkrt.jar -
Dcom.sun.aas.classloader.sharedChainJars.ee=appserv-se.jar,appserv-ee.jar,jesmf-
plugin.jar,Does not exist/lib/dbstate.jar,Does not
exist/lib/hadbjdbc4.jar,jgroups-all.jar,/opt/SUNWmfwk/lib/mfwk_instrum_tk.jar -
Dcom.sun.aas.classloader.sharedChainJars=javaee.jar,/usr/jdk/instances/jdk1.5.0/
lib/tools.jar,install/applications/jmsra/imqjmsra.jar,com-sun-commons-
launcher.jar,com-sun-commons-logging.jar,/opt/SUNWappserver/imq/lib/jaxm-
api.jar,/opt/SUNWappserver/imq/lib/fscontext.jar,/opt/SUNWappserver/imq/lib/imqb
roker.jar,/opt/SUNWappserver/imq/lib/imqjmx.jar,/opt/SUNWappserver/imq/lib/imqxm
.jar,webservices-rt.jar,webservices-tools.jar,mail.jar,appserv-jstl.jar,jmxremot
java_command: com.sun.enterprise.server.PELaunch start
Launcher Type: SUN_STANDARD

Environment Variables:
PATH=/usr/sbin:/usr/bin
LD_LIBRARY_PATH=/usr/jdk/instances/jdk1.5.0/jre/lib/i386/client:/usr/jdk/instanc
es/jdk1.5.0/jre/lib/i386:/usr/jdk/instances/jdk1.5.0/jre/../lib/i386:/opt/SUNWap
pserver/lib:/opt/SUNWappserver/lib:/opt/SUNWappserver/lib:

Signal Handlers:
SIGSEGV: [libjvm.so+0x331be0], sa_mask[0]=0xffbffeff, sa_flags=0x00000004
SIGBUS: [libjvm.so+0x331be0], sa_mask[0]=0xffbffeff, sa_flags=0x00000004
SIGFPE: [libjvm.so+0x16db60], sa_mask[0]=0xffbffeff, sa_flags=0x0000000c
SIGPIPE: [libjvm.so+0x16db60], sa_mask[0]=0xffbffeff, sa_flags=0x0000000c
SIGILL: [libjvm.so+0x16db60], sa_mask[0]=0xffbffeff, sa_flags=0x0000000c
SIGUSR1: SIG_DFL, sa_mask[0]=0x00000000, sa_flags=0x00000000
SIGUSR2: SIG_DFL, sa_mask[0]=0x00000000, sa_flags=0x00000000
SIGHUP: [libjvm.so+0x2d1330], sa_mask[0]=0xffbffeff, sa_flags=0x00000004
SIGINT: [libjvm.so+0x2d1330], sa_mask[0]=0xffbffeff, sa_flags=0x00000004
SIGQUIT: [libjvm.so+0x2d1330], sa_mask[0]=0xffbffeff, sa_flags=0x00000004
SIGTERM: [libjvm.so+0x2d1330], sa_mask[0]=0xffbffeff, sa_flags=0x00000004

--------------- S Y S T E M ---------------

OS: Solaris 10 5/08 s10x_u5wos_10 X86
Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
Use is subject to license terms.
Assembled 24 March 2008

uname:SunOS 5.10 Generic_139556-08 i86pc (T2 libthread)
rlimit: STACK 10240k, CORE infinity, NOFILE 65536, AS infinity
load average:5.23 4.73 4.22

CPU:total 2 (cores per cpu 2, threads per core 1) family 15 model 4 stepping 4,
cmov, cx8, fxsr, mmx, sse, sse2, sse3

Memory: 4k page, physical 3397712k(450004k free)

vm_info: Java HotSpot(TM) Client VM (1.5.0_18-b02) for solaris-x86, built on Feb
25 2009 03:17:22 by unknown with unknown Workshop:0x550






[ZFS-2] issue:how to create volume? Created: 14/May/09  Updated: 14/May/09

Status: Open
Project: zfs
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: dftbj Assignee: zfs-issues
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 2

 Description   

how to create volume ?






[ZFS-1] zfs_prop_get() implementation. Created: 08/Aug/08  Updated: 02/Jan/09

Status: Open
Project: zfs
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Improvement Priority: Major
Reporter: jd22761 Assignee: zfs-issues
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: Sun


Issuezilla Id: 1

 Description   

I'd like to get the system property method zfs_prop_get() working ... I've tried
a few things, but no luck, not familiar enough with jna ... Can you take a look
at this implementing this method in your library ? here's what I've tried:

in libzfs.java, I changed the definition to:
int zfs_prop_get(zfs_handle_t handle, int prop, Pointer _4, int cbSize,
/zprop_source_t */ IntByReference _5, char[] _6, NativeLong _7, boolean _8);

And have been experimenting with permutations of the following to retrieve a
user property:

in main():
/* arg is the zfs filesystem name */
for (String arg: args ) {
LibZFS zfs = new LibZFS();
ZFSObject fs = zfs.open(arg);
zfs_handle_t handle = LIBZFS.zfs_open(zfs.getHandle(), arg,
zfs_type_t.DATASET);

System.out.println("Request system prop");
Memory propbuf = new Memory(libzfs.ZFS_MAXPROPLEN);
String propstr = null;
char[] buf = null;
IntByReference ibr = null;
for (int i=0; i < 20; i++) {
int ret = LIBZFS.zfs_prop_get(handle, i, propbuf,
libzfs.ZFS_MAXPROPLEN, ibr, buf, new NativeLong(0), true);
if ( ret != 0 )

{ propstr = "-"; }

else

{ propstr = String.valueOf(propbuf.getCharArray(0,libzfs.ZFS_MAXPROPLEN)); }

System.out.println(i+" = "+propstr);

Do you have any suggestions ?

Thanks,
Jay



 Comments   
Comment by nhoj_p [ 02/Jan/09 ]

Jay,

Can you see if the unit test output at the bottom display the type of
information that you where after?

I've update the unit test 'testGetZfsProperties' which produced this output.

John

Code Snippet:

// Create list of all properties
List<zfs_prop_t> props = new ArrayList<zfs_prop_t>();
for (zfs_prop_t prop : EnumSet.allOf(zfs_prop_t.class))

{ props.add(prop); }

LibZFS zfs = new LibZFS();

// Iterate over all root zfs pools and display their zfs properties
for (ZFSPool pool : zfs.roots()) {
System.out.println("pool :" + pool.getName());
Hashtable<zfs_prop_t, String> zfsPoolProps = pool.getZfsProperty(props);
for (zfs_prop_t prop : zfsPoolProps.keySet())

{ System.out.println("zfs_prop_t " + prop + "(" + prop.ordinal() + ") = " + zfsPoolProps.get(prop)); }

}

// Open specific zfs pool and display its zfs properties
ZFSObject o = zfs.open("rpool/kohsuke");
System.out.println("pool :" + o.getName());
Hashtable<zfs_prop_t, String> zfsPoolProps = o.getZfsProperty(props);
for (zfs_prop_t prop : zfsPoolProps.keySet())

{ System.out.println("zfs_prop_t " + prop + "(" + prop.ordinal() + ") = " + zfsPoolProps.get(prop)); }

Outputs:

pool :rpool
zfs_prop_t ZFS_PROP_SNAPDIR(23) = hidden
zfs_prop_t ZFS_PROP_REFERENCED(4) = 77312
zfs_prop_t ZFS_PROP_XATTR(31) = on
zfs_prop_t ZFS_PROP_SHARESMB(40) = off
zfs_prop_t ZFS_PROP_DEVICES(18) = on
zfs_prop_t ZFS_PROP_REFRESERVATION(42) = 0
zfs_prop_t ZFS_PROP_UTF8ONLY(35) = off
zfs_prop_t ZFS_PROP_ISCSIOPTIONS(30) = -
zfs_prop_t ZFS_PROP_ORIGIN(7) = -
zfs_prop_t ZFS_PROP_COMPRESSRATIO(5) = 1.00x
zfs_prop_t ZFS_PROP_SETUID(20) = on
zfs_prop_t ZFS_PROP_ACLINHERIT(25) = restricted
zfs_prop_t ZFS_PROP_VSCAN(38) = off
zfs_prop_t ZFS_PROP_CASE(37) = sensitive
zfs_prop_t ZFS_PROP_CANMOUNT(28) = on
zfs_prop_t ZFS_PROP_NAME(27) = rpool
zfs_prop_t ZFS_PROP_COPIES(33) = 1
zfs_prop_t ZFS_PROP_SHARENFS(14) = off
zfs_prop_t ZFS_PROP_CHECKSUM(15) = on
zfs_prop_t ZFS_PROP_USED(2) = 9396951040
zfs_prop_t ZFS_PROP_RECORDSIZE(12) = 131072
zfs_prop_t ZFS_PROP_AVAILABLE(3) = 22576228352
zfs_prop_t ZFS_PROP_ATIME(17) = on
zfs_prop_t ZFS_PROP_ZONED(22) = off
zfs_prop_t ZFS_PROP_TYPE(0) = filesystem
zfs_prop_t ZFS_PROP_NORMALIZE(36) = none
zfs_prop_t ZFS_PROP_QUOTA(8) = 0
zfs_prop_t ZFS_PROP_MOUNTPOINT(13) = /rpool
zfs_prop_t ZFS_PROP_VOLSIZE(10) = -
zfs_prop_t ZFS_PROP_VOLBLOCKSIZE(11) = -
zfs_prop_t ZFS_PROP_MOUNTED(6) = yes
zfs_prop_t ZFS_PROP_CREATION(1) = 1230371419
zfs_prop_t ZFS_PROP_SHAREISCSI(29) = off
zfs_prop_t ZFS_PROP_CREATETXG(26) = 1
zfs_prop_t ZFS_PROP_COMPRESSION(16) = off
zfs_prop_t ZFS_PROP_REFQUOTA(41) = 0
zfs_prop_t ZFS_PROP_NUMCLONES(32) = -
zfs_prop_t ZFS_PROP_VERSION(34) = 3
zfs_prop_t ZFS_PROP_ACLMODE(24) = groupmask
zfs_prop_t ZFS_PROP_EXEC(19) = on
zfs_prop_t ZFS_NUM_PROPS(43) = 17907303855270970026
zfs_prop_t ZFS_PROP_NBMAND(39) = off
zfs_prop_t ZFS_PROP_READONLY(21) = off
zfs_prop_t ZFS_PROP_RESERVATION(9) = 0
pool :rpool/kohsuke
zfs_prop_t ZFS_PROP_SNAPDIR(23) = hidden
zfs_prop_t ZFS_PROP_REFERENCED(4) = 18432
zfs_prop_t ZFS_PROP_XATTR(31) = on
zfs_prop_t ZFS_PROP_SHARESMB(40) = off
zfs_prop_t ZFS_PROP_DEVICES(18) = on
zfs_prop_t ZFS_PROP_REFRESERVATION(42) = 0
zfs_prop_t ZFS_PROP_UTF8ONLY(35) = off
zfs_prop_t ZFS_PROP_ISCSIOPTIONS(30) = -
zfs_prop_t ZFS_PROP_ORIGIN(7) = -
zfs_prop_t ZFS_PROP_COMPRESSRATIO(5) = 1.00x
zfs_prop_t ZFS_PROP_SETUID(20) = on





[ZEE-1] remove cyclic dependencies Created: 12/Jul/10  Updated: 31/Jul/10  Resolved: 31/Jul/10

Status: Resolved
Project: zee
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Task Priority: Major
Reporter: infinitelocrian Assignee: zee-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 1

 Description   

remove cyclic dependencies



 Comments   
Comment by infinitelocrian [ 31/Jul/10 ]

there are now no cyclic dependencies in this project according to jdepend.





[YGGDRASIL-16] Rules of declaring values are not clear Created: 21/Jul/09  Updated: 21/Jul/09

Status: Open
Project: yggdrasil
Component/s: YggdrasilSPOT
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Critical
Reporter: giovannirimon Assignee: arshan
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 16

 Description   

When I try to declare a public value (say number_of_sensor_values) it has to be
declared as static or being initialized when declared (static int
number_of_sensor_values = 10. If I modify this value inside the constructor or
the initialize() function or even inside the writeSample() function, I do not
get the modified value inside the readSample() function. I am not sure what is
going on at the backend.

Here is the code that I have:

import com.sun.spotx.yggdrasil.nodeevent.*;
import com.sun.spotx.drivers.hydrolab.DS5X;
import com.sun.spotx.drivers.hydrolab.DS5XSensor;
import java.io.IOException;
import com.sun.spotx.yggdrasil.sensorframework.*;

/**

  • a SPOT that gathers data from hydrolab set of sensors and sends it to the
  • base station to be processed.
  • @author Giovani Abuaitah <giovannirimon@gmail.com>
    */
    public class EDemoSensors extends Sensor {

private DS5X water_sensor; // DS5X water sensor to read the values from
private DS5XSensor[] sensor_values; // The sensor values obtained from the
// DS5X water sensor every sample

public static int number_of_values = 10;

public EDemoSensors()

{ super("HydrolabSensors"); setDescription("a SPOT to read a bunch of values from the Hydrolab"); setSetupTime(0); // define the types of sensor readings the Hydrolab senses addSensorValue("Time", "HHMMSS", 0, 1000000, .1, 0); addSensorValue("Temp", "C", 0, 500, 1, 0); addSensorValue("pH", "Units", 0, 100, .01, 0); addSensorValue("SpCond", "mS/cm", 0, 100, .01, 0); addSensorValue("Sal", "ppt", 0, 100, .01, 0); addSensorValue("Dep25", "meters", 0, 100, .01, 0); addSensorValue("Clean", "Rev", 0, 100, .1, 0); addSensorValue("LDO%", "Sat", 0, 100, .1, 0); addSensorValue("LDO", "mg/l", 0, 100, .01, 0); addSensorValue("IBatt", "Volts", 0, 100, .1, 0); //number_of_values = 10; // register the sensor SensorFramework.getInstance().registerSensor(this); }

public void initialize() {
if (onDevice) {
try {
water_sensor = new DS5X(); // connect to the DS5X over the serial
sensor_values = water_sensor.getValues(); // read the values off
of the DS5X
//number_of_values = sensor_values.length;
for (int i = 0; i < sensor_values.length; i++)

{ System.out.println("Sensor Value: " + sensor_values[i].getName() + " " + sensor_values[i].getUnit() + " " + sensor_values[i].getValue()); }

} catch (IOException ex)

{ ex.printStackTrace(); }

}
}

/**

  • override the super populate to add data that this packet is interested
  • in, how ever call that one first to make sure its stuff is in there too
  • @throws java.io.IOException
    */
    public void writeSample(Sample sample) throws IOException
    Unknown macro: { sensor_values = water_sensor.getValues(); for (int i = 0; i < sensor_values.length; i++) { sample.writeDouble(sensor_values[i].getValue()); System.out.println("Sensor Value: " + sensor_values[i].getName() + " " + sensor_values[i].getUnit() + " " + sensor_values[i].getValue()); } System.out.println("populating edemo packet }

public void readSample(Sample sample) throws IOException {
for (int i = 0; i < number_of_values; i++)

{ sample.readDouble(); }

}
}

Here is the error stack that is reported:
java.lang.IllegalArgumentException: No such sensor value: 0
at java.lang.Throwable.<init>(bci=16)
at java.lang.Throwable.<init>(bci=5)
at java.lang.Exception.<init>(bci=6)
at java.lang.RuntimeException.<init>(bci=6)
at java.lang.IllegalArgumentException.<init>(bci=6)
at com.sun.spotx.yggdrasil.sensorframework.Sensor.checkNumVal(Sensor.java:481)
at com.sun.spotx.yggdrasil.sensorframework.Sensor.setValueName(Sensor.java:370)
at
com.sun.spotx.yggdrasil.sensorframework.Sensor.addSensorValue(Sensor.java:285)
at org.cocobolo.sensors.EDemoSensors.<init>(EDemoSensors.java:53)
at org.cocobolo.StartApplication.startApp(StartApplication.java:68)
in virtual method #10 of javax.microedition.midlet.MIDlet(bci=17)
at javax.microedition.midlet.MIDletTunnelImpl.callStartApp(bci=4)
at com.sun.squawk.imp.MIDletMainWrapper.main(bci=378)
in virtual method #95 of com.sun.squawk.Klass(bci=32)
at com.sun.squawk.Isolate.run(bci=414)
at java.lang.Thread.run(bci=17)
in virtual method #47 of com.sun.squawk.VMThread(bci=42)
in static method #3 of com.sun.squawk.VM(bci=6)






[YGGDRASIL-15] Subversion repository Checkout fails on Mac Created: 01/Jul/09  Updated: 01/Jul/09  Resolved: 01/Jul/09

Status: Resolved
Project: yggdrasil
Component/s: SensorNetwork
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Blocker
Reporter: giovannirimon Assignee: vipul_gupta
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: Macintosh


Issuezilla Id: 15

 Description   

When I tried to checkout the Sensor Network svn repository using NetBeans6.7 I get the following error:

In directory '/Users/ga235815/NetBeansProjects/Sensor.Network/SensorNetwork-web/trunk/SNMain-
new/web/images'
Can't move source to dest
Can't move '/Users/ga235815/NetBeansProjects/Sensor.Network/SensorNetwork-web/trunk/SNMain-
new/web/images/.svn/tmp/prop-base/eSpot-shadow.png.svn-base' to
'/Users/ga235815/NetBeansProjects/Sensor.Network/SensorNetwork-web/trunk/SNMain-
new/web/images/.svn/prop-base/eSpot-shadow.png.svn-base': No such file or directory

however, when I try to cleanup I still get another error regarding this file: "eSPOT-shadow.png" saying
it is not under version control.

svn: In directory 'SensorNetwork-web/trunk/SNMain-new/web/images'
svn: Error processing command 'modify-wcprop' in 'SensorNetwork-web/trunk/SNMain-
new/web/images'
svn: 'SensorNetwork-web/trunk/SNMain-new/web/images/eSPOT-shadow.png' is not under version
control

One thing worths mentioning here is that trying this over Linux "Fedora 11" did not reproduce the
same errors. It worked just fine.

-Giovani



 Comments   
Comment by arshan [ 01/Jul/09 ]

changed to P1 as its holding up the whole team

Comment by vipul_gupta [ 01/Jul/09 ]

I need someone with better SVN expertise to help here. Even though SNMain-new is no longer needed (it
is superceded by SNMainv2), I'm unable to delete it. For now, use the following workaround:

% cd <path-to-SensorNetwork-web>/trunk
% svn co SNMainv2

vipul

Comment by vipul_gupta [ 01/Jul/09 ]

Ok. I have finally managed to remove SNMain-new and I don't see the problem any more when I checkout
SensorNetwork on my MAC.





[YGGDRASIL-14] BaseStation runs out of heap space and stops accepting any more samples. Created: 20/May/09  Updated: 20/May/09

Status: Open
Project: yggdrasil
Component/s: YggdrasilHost
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Blocker
Reporter: shahriyar Assignee: arshan
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 14

 Description   

Below is as much information as I could get out of the console. Thanks, Shah.

[java] [DEBUG] Found Sensor : SENSORDATA_SPOTROUTING_B0C66952
[java] [DEBUG] toPAML(), Read int: 367085803
[java] [DEBUG] toPAML(), Read utf: 1D89:2860:2
[java] [DEBUG] toPAML(), Returning to caller
[java] [NONE] Received Sample at: Tue May 19 15:55:24 EDT 2009
[java] [DEBUG] Sample.toPAML(): <?xml version="1.0" encoding="UTF-8"?>
[java] <paml xmlns="http://yggdrasil.dev.java.net/xsd/001"
[java] xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
[java] xsi:schemaLocation="http://yggdrasil.dev.java.net/xsd/001
[java] http://yggdrasil.dev.java.net/xsd/001/001.xsd">
[java] <environment>
[java] <data id="-1329174190">
[java] <sampleTime>1242758402634</sampleTime>
[java] <sensorAddr>0014.4F01.0000.2252</sensorAddr>
[java] <value>367085803</value>
[java] <value>1D89:2860:2</value>
[java] </data>
[java] </environment>
[java] </paml>
[java]
[java] [DEBUG] Opened HttpURLConnection
[java] [DEBUG] initConnection() successfully connected
[java] [DEBUG] initConnection() successful
[java] [NONE] Sent data at Tue May 19 15:55:24 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.2773 @ Tue May 19 15:5
5:24 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.2807 @ Tue May 19 15:5
5:24 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1E95 @ Tue May 19 15:5
5:24 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.22BC @ Tue May 19 15:5
5:24 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.2252 @ Tue May 19 15:5
5:24 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.266F @ Tue May 19 15:5
5:25 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.266F @ Tue May 19 15:5
5:25 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1E95 @ Tue May 19 15:5
5:25 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.22BC @ Tue May 19 15:5
5:25 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1E95 @ Tue May 19 15:5
5:25 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1E95 @ Tue May 19 15:5
5:25 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1E95 @ Tue May 19 15:5
5:25 EDT 2009
[java] [DEBUG] Success sending data
[java] [DEBUG] Got UNKNOWN EVENT : 32 : from : 0014.4F01.0000.1E95
[java] [DEBUG] Got UNKNOWN EVENT : 32 : from : 0014.4F01.0000.2F74
[java] [DEBUG] Got UNKNOWN EVENT : 32 : from : 0014.4F01.0000.1B97
[java] [DEBUG] Got UNKNOWN EVENT : 32 : from : 0014.4F01.0000.2252
[java] [DEBUG] Got UNKNOWN EVENT : 32 : from : 0014.4F01.0000.22BC
[java] [DEBUG] Got UNKNOWN EVENT : 32 : from : 0014.4F01.0000.1E95
[java] [DEBUG] Got UNKNOWN EVENT : 32 : from : 0014.4F01.0000.1B97
[java] [DEBUG] Got DATA EVENT from : 0014.4F01.0000.2828
[java] [DEBUG] DATA Event is from a different node
[java] [DEBUG] Found Sensor : SENSORDATA_RADIOSENSOR_72F7CEEB
[java] [DEBUG] toPAML(), Read long: 5716365247782549
[java] [DEBUG] toPAML(), Read int: 243
[java] [DEBUG] toPAML(), Read int: -11
[java] [DEBUG] toPAML(), Read int: 2255
[java] [DEBUG] toPAML(), Read long: 1242757802977
[java] [DEBUG] toPAML(), Read long: 1242758403639
[java] [DEBUG] toPAML(), Returning to caller
[java] [NONE] Received Sample at: Tue May 19 15:55:25 EDT 2009
[java] [DEBUG] Sample.toPAML(): <?xml version="1.0" encoding="UTF-8"?>
[java] <paml xmlns="http://yggdrasil.dev.java.net/xsd/001"
[java] xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
[java] xsi:schemaLocation="http://yggdrasil.dev.java.net/xsd/001
[java] http://yggdrasil.dev.java.net/xsd/001/001.xsd">
[java] <environment>
[java] <data id="1928842987">
[java] <sampleTime>1242758403639</sampleTime>
[java] <sensorAddr>0014.4F01.0000.2828</sensorAddr>
[java] <value>5716365247782549</value>
[java] <value>243</value>
[java] <value>-11</value>
[java] <value>2255</value>
[java] <value>1242757802977</value>
[java] <value>1242758403639</value>
[java] </data>
[java] </environment>
[java] </paml>
[java]
[java] [DEBUG] Opened HttpURLConnection
[java] [DEBUG] initConnection() successfully connected
[java] [DEBUG] initConnection() successful
[java] [NONE] Sent data at Tue May 19 15:55:25 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.2828 @ Tue May 19 15:5
5:25 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1E95 @ Tue May 19 15:5
5:25 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1B97 @ Tue May 19 15:5
5:25 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.266F @ Tue May 19 15:5
5:25 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1D89 @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.22BC @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1D89 @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.2828 @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.2807 @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.2828 @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1E95 @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.2828 @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1B97 @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.266F @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.22BC @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.266F @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1E32 @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1E32 @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.2828 @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1E95 @ Tue May 19 15:5
5:26 EDT 2009
[java] [DEBUG] Success sending data
[java] [DEBUG] Got DATA EVENT from : 0014.4F01.0000.2F74
[java] [DEBUG] DATA Event is from a different node
[java] [DEBUG] Found Sensor : SENSORDATA_SPOTROUTING_B0C66952
[java] [DEBUG] toPAML(), Read int: 532143081
[java] [DEBUG] toPAML(), Read utf: 266F:266F:1
[java] [DEBUG] toPAML(), Returning to caller
[java] [NONE] Received Sample at: Tue May 19 15:55:27 EDT 2009
[java] [DEBUG] Sample.toPAML(): <?xml version="1.0" encoding="UTF-8"?>
[java] <paml xmlns="http://yggdrasil.dev.java.net/xsd/001"
[java] xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
[java] xsi:schemaLocation="http://yggdrasil.dev.java.net/xsd/001
[java] http://yggdrasil.dev.java.net/xsd/001/001.xsd">
[java] <environment>
[java] <data id="-1329174190">
[java] <sampleTime>1242758405449</sampleTime>
[java] <sensorAddr>0014.4F01.0000.2F74</sensorAddr>
[java] <value>532143081</value>
[java] <value>266F:266F:1</value>
[java] </data>
[java] </environment>
[java] </paml>
[java]
[java] [DEBUG] Opened HttpURLConnection
[java] [DEBUG] initConnection() successfully connected
[java] [DEBUG] initConnection() successful
[java] [NONE] Sent data at Tue May 19 15:55:27 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1E32 @ Tue May 19 15:5
5:27 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1E95 @ Tue May 19 15:5
5:27 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.2252 @ Tue May 19 15:5
5:27 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.266F @ Tue May 19 15:5
5:27 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.266F @ Tue May 19 15:5
5:27 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.266F @ Tue May 19 15:5
5:27 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.2828 @ Tue May 19 15:5
5:27 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.2252 @ Tue May 19 15:5
5:28 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1E95 @ Tue May 19 15:5
5:28 EDT 2009
[java] [DEBUG] Success sending data
[java] [DEBUG] Got DATA EVENT from : 0014.4F01.0000.1E32
[java] [DEBUG] DATA Event is from a different node
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1E95 @ Tue May 19 15:5
5:28 EDT 2009
[java] [DEBUG] Found Sensor : SENSORDATA_SPOTROUTING_B0C66952
[java] [DEBUG] toPAML(), Read int: 634486288
[java] [DEBUG] toPAML(), Read utf: 1E06:1EFB:15
[java] [DEBUG] toPAML(), Returning to caller
[java] [NONE] Received Sample at: Tue May 19 15:55:28 EDT 2009
[java] [DEBUG] Sample.toPAML(): <?xml version="1.0" encoding="UTF-8"?>
[java] <paml xmlns="http://yggdrasil.dev.java.net/xsd/001"
[java] xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
[java] xsi:schemaLocation="http://yggdrasil.dev.java.net/xsd/001
[java] http://yggdrasil.dev.java.net/xsd/001/001.xsd">
[java] <environment>
[java] <data id="-1329174190">
[java] <sampleTime>1242758401291</sampleTime>
[java] <sensorAddr>0014.4F01.0000.1E32</sensorAddr>
[java] <value>634486288</value>
[java] <value>1E06:1EFB:15</value>
[java] </data>
[java] </environment>
[java] </paml>
[java]
[java] [DEBUG] Opened HttpURLConnection
[java] [DEBUG] initConnection() successfully connected
[java] [DEBUG] initConnection() successful
[java] [NONE] Sent data at Tue May 19 15:55:28 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.2773 @ Tue May 19 15:5
5:28 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.1E95 @ Tue May 19 15:5
5:28 EDT 2009
[java] [DEBUG] got a packet from SPOT 0014.4F01.0000.2773 @ Tue May 19 15:5
5:28 EDT 2009
[java] [DEBUG] CLOSING PACKET SERVER CONNECTION
[java] [radiogram]Removing: Server on port 4
[java] [DEBUG] Success sending data
[java] Exception in thread "Thread-3" java.lang.OutOfMemoryError: Java heap
space
[java] at sun.util.resources.TimeZoneNames.getContents(TimeZoneNames.ja
va:175)
[java] at sun.util.resources.OpenListResourceBundle.loadLookup(OpenList
ResourceBundle.java:109)
[java] at sun.util.resources.OpenListResourceBundle.loadLookupTablesIfN
ecessary(OpenListResourceBundle.java:97)
[java] at sun.util.resources.OpenListResourceBundle.handleGetObject(Ope
nListResourceBundle.java:58)
[java] at sun.util.resources.TimeZoneNamesBundle.handleGetObject(TimeZo
neNamesBundle.java:59)
[java] at java.util.ResourceBundle.getObject(ResourceBundle.java:378)
[java] at java.util.ResourceBundle.getObject(ResourceBundle.java:381)
[java] at java.util.ResourceBundle.getStringArray(ResourceBundle.java:3
61)
[java] at sun.util.TimeZoneNameUtility.retrieveDisplayNames(TimeZoneNam
eUtility.java:100)
[java] at sun.util.TimeZoneNameUtility.retrieveDisplayNames(TimeZoneNam
eUtility.java:81)
[java] at java.util.TimeZone.getDisplayNames(TimeZone.java:399)
[java] [DEBUG] Got UNKNOWN EVENT : 32 : from : 0014.4F01.0000.1E95
[java] [DEBUG] Got UNKNOWN EVENT : 32 : from : 0014.4F01.0000.1B97
[java] [DEBUG] Got DATA EVENT from : 0014.4F01.0000.2252
[java] at java.util.TimeZone.getDisplayName(TimeZone.java:350)
[java] at java.util.Date.toString(Date.java:1025)
[java] at java.lang.String.valueOf(String.java:2827)
[java] at java.lang.StringBuffer.append(StringBuffer.java:219)
[java] at com.sun.spotx.yggdrasil.sensorframework.services.EventServer.
handlePacket(EventServer.java:152)
[java] at com.sun.spotx.yggdrasil.sensorframework.services.RadiogramPac
ketServer$ReceiveThread.run(RadiogramPacketServer.java:88)
[java] [DEBUG] DATA Event is from a different node
[java] [DEBUG] Found Sensor : SENSORDATA_SPOTROUTING_B0C66952
[java] [DEBUG] toPAML(), Read int: 367085803
[java] [DEBUG] toPAML(), Read utf: 22BC:22BC:1
[java] [DEBUG] toPAML(), Returning to caller
[java] Exception in thread "Thread-5" java.lang.OutOfMemoryError: Java heap
space
[java] at java.util.LinkedHashMap.createEntry(LinkedHashMap.java:424)
[java] at java.util.LinkedHashMap.addEntry(LinkedHashMap.java:406)
[java] at java.util.HashMap.put(HashMap.java:385)
[java] at sun.util.resources.OpenListResourceBundle.loadLookup(OpenList
ResourceBundle.java:118)
[java] at sun.util.resources.OpenListResourceBundle.loadLookupTablesIfN
ecessary(OpenListResourceBundle.java:97)
[java] at sun.util.resources.OpenListResourceBundle.handleGetObject(Ope
nListResourceBundle.java:58)
[java] at sun.util.resources.TimeZoneNamesBundle.handleGetObject(TimeZo
neNamesBundle.java:59)
[java] at java.util.ResourceBundle.getObject(ResourceBundle.java:378)
[java] at java.util.ResourceBundle.getObject(ResourceBundle.java:381)
[java] at java.util.ResourceBundle.getStringArray(ResourceBundle.java:3
61)
[java] at sun.util.TimeZoneNameUtility.retrieveDisplayNames(TimeZoneNam
eUtility.java:100)
[java] at sun.util.TimeZoneNameUtility.retrieveDisplayNames(TimeZoneNam
eUtility.java:81)
[java] at java.util.TimeZone.getDisplayNames(TimeZone.java:399)
[java] at java.util.TimeZone.getDisplayName(TimeZone.java:350)
[java] at java.util.Date.toString(Date.java:1025)
[java] at com.sun.spotx.yggdrasil.host.database.SensorWebHandler.handle
NodeEvent(SensorWebHandler.java:231)
[java] at com.sun.spotx.yggdrasil.sensorframework.Switchboard.handleNod
eEvent(Switchboard.java:333)
[java] at com.sun.spotx.yggdrasil.sensorframework.services.EventServer.
handleNodeEvent(EventServer.java:118)
[java] at com.sun.spotx.yggdrasil.sensorframework.services.EventServer$
1.run(EventServer.java:132)
[java] [DEBUG] SLEEP (50125/5344002)
[java] [DEBUG] assigning task RadioInterval
[java] Exception in thread "Thread-1" java.lang.OutOfMemoryError: Java heap
space
[java] at java.io.DataInputStream.<init>(DataInputStream.java:42)
[java] at com.sun.spot.peripheral.radio.ProxyMACCommandExecutor.run(Pro
xyMACCommandExecutor.java:57)
[java] Exception in thread "TaskWorker2" java.lang.OutOfMemoryError: Java h
eap space
[java] [DEBUG] SLEEP (59875/5403877)
[java] [DEBUG] assigning task request_cleaner
[java] Exception in thread "TaskWorker1" java.lang.OutOfMemoryError: Java h
eap space
[java] Exception in thread "Timer-2" java.lang.OutOfMemoryError: Java heap
space
[java] Exception in thread "Timer-1239" java.lang.OutOfMemoryError: Java he
ap space



 Comments   
Comment by arshan [ 20/May/09 ]

changed to P1 as if the host is failing in field the collection will fail





[YGGDRASIL-13] Improve application output Created: 15/May/09  Updated: 15/May/09

Status: Open
Project: yggdrasil
Component/s: YggdrasilHost
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: vipul_gupta Assignee: arshan
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: Macintosh


Issuezilla Id: 13

 Description   

I was running the Yggdrasil demo bundled with the beta version of the Red SDK in my office and
noticed lots of printouts like:

[java] ---------
[java] event arrived : Fri May 15 11:46:27 PDT 2009
[java] event time : Fri May 15 09:36:31 PDT 2009
[java] event type : 32
[java] ---------
[java] event arrived : Fri May 15 11:46:28 PDT 2009
[java] event time : Fri May 15 09:44:06 PDT 2009
[java] event type : 32
[java] ---------
[java] event arrived : Fri May 15 11:46:30 PDT 2009
[java] event time : Thu May 14 13:08:36 PDT 2009
[java] event type : 32
[java] ---------

There are a couple of issues here:
1. The message as is doesn't convey any meaningful information to the user. Converting the event type
to a more meaningful string will help.
2. The output could be made to convey the same information in much less space. Here's one possible
example:

2009-05-15 11:46:27 Received event type 32 (timestamp: 2009-05-15 09:36:31)



 Comments   
Comment by vipul_gupta [ 15/May/09 ]

Similarly, when the sample data comes in, it is currently printed as:

[java] ---------
[java] event arrived : Fri May 15 11:46:03 PDT 2009
[java] event time : Fri May 15 11:45:40 PDT 2009
[java] event type : 5
[java] Sample received from: 0014.4F01.0000.020B
[java]
[java] Name: eDemoSensors
[java] Description: a sensor to read a bunch of values from the eDemoBoard
[java] Value Name: temperature
[java] 27.0
[java]
[java] Value Name: light
[java] 188.0
[java]
[java] Value Name: acceleration
[java] 0.9610880944249427
[java]
[java] ---------
[java] event arrived : Fri May 15 11:46:03 PDT 2009
[java] event time : Fri May 15 11:45:20 PDT 2009
[java] event type : 5
[java] Sample received from: 0014.4F01.0000.020B
[java]
[java] Name: eDemoSensors
[java] Description: a sensor to read a bunch of values from the eDemoBoard
[java] Value Name: temperature
[java] 27.0
[java]
[java] Value Name: light
[java] 186.0
[java]
[java] Value Name: acceleration
[java] 0.9715647798014488
[java]
[java] ---------

This can be made more compact and it would really be nice if the system sent samples in timestamp
order (especially when there isn't any reordering due to loss/retransmission), e.g.

2009-05-15 11:46:03 Received data sample event from 0014.4F01.0000.020B
eDemoSensors (a sensor to read a bunch of values from eDemoBoard)
temperature: 27.0, light: 188.0, acceleration: 0.96108





[YGGDRASIL-12] Need x/y axis for the plots on the pop-ups from SPOTnet Created: 05/Mar/09  Updated: 10/Mar/09  Resolved: 10/Mar/09

Status: Resolved
Project: yggdrasil
Component/s: SensorNetwork-web-war
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Critical
Reporter: pvudupi Assignee: vipul_gupta
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 12

 Description   

Have to show x an y axis on the plots to give a sense of scale and for completion of the plots.



 Comments   
Comment by vipul_gupta [ 10/Mar/09 ]

Fixed. Expect even better labels when we move to using gnuplot.





[YGGDRASIL-11] Fix the Google API Key issue with spotnet Created: 05/Mar/09  Updated: 10/Mar/09  Resolved: 10/Mar/09

Status: Resolved
Project: yggdrasil
Component/s: SensorNetwork-web-war
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Critical
Reporter: pvudupi Assignee: vipul_gupta
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 11

 Description   

The Google API Key mismatch causes annoying pop-ups for users of spotnet.



 Comments   
Comment by vipul_gupta [ 10/Mar/09 ]

Removed unnecessary calls to load Google maps on pages other than index.jsp.





[YGGDRASIL-10] Create a separate development branch for SensorNetwork Created: 02/Mar/09  Updated: 02/Mar/09

Status: Open
Project: yggdrasil
Component/s: SensorNetwork
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Critical
Reporter: pvudupi Assignee: pvudupi
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 10

 Description   

Separate the stable branch from development branch






[YGGDRASIL-9] Allow flexible MySQL table and column names Created: 02/Mar/09  Updated: 02/Mar/09  Resolved: 02/Mar/09

Status: Resolved
Project: yggdrasil
Component/s: SensorNetwork-objectmodel-ejb
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Critical
Reporter: pvudupi Assignee: pvudupi
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: Macintosh


Issuezilla Id: 9

 Description   

If a Sensor App writer decides to use white spaces, special characters, etc. in the sensor names and/or the
column names the back end should accommodate the names without dropping packets.



 Comments   
Comment by pvudupi [ 02/Mar/09 ]

Replaced use of non-word characters with "_"





[YGGDRASIL-8] Use of LONG must be changed to something else. Created: 24/Feb/09  Updated: 02/Mar/09  Resolved: 02/Mar/09

Status: Resolved
Project: yggdrasil
Component/s: SensorNetwork-objectmodel-ejb
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Critical
Reporter: pvudupi Assignee: pvudupi
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 8

 Description   

MySQL interprets LONG as MEDIUMTEXT. For a value whose signature is LONG in java
use BIGINT



 Comments   
Comment by pvudupi [ 02/Mar/09 ]

Usage of LONG replaced with BIGINT





[YGGDRASIL-7] sensorwebhandler hanging connection Created: 12/Jan/09  Updated: 02/Mar/09  Resolved: 02/Mar/09

Status: Resolved
Project: yggdrasil
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: arshan Assignee: pvudupi
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: Macintosh


Issuezilla Id: 7

 Description   

need a timeout mechanism if the server side hangs



 Comments   
Comment by pvudupi [ 02/Mar/09 ]

Fixed leakage of memory and connection resources





[YGGDRASIL-6] local event handling on Gateway Created: 12/Jan/09  Updated: 12/Jan/09

Status: Open
Project: yggdrasil
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Critical
Reporter: arshan Assignee: arshan
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: Macintosh


Issuezilla Id: 6

 Description   

the commute gateway is trying to use the eventhandling locally to make a
connection to sensornetworkhandler; not able to because everything is shoved
into the outboundQ before being handled.

Look into moving the outboundQ to be handled by the main event loop






[YGGDRASIL-5] loading sensor metadata from the java file Created: 08/Nov/08  Updated: 08/Nov/08

Status: Open
Project: yggdrasil
Component/s: www
Affects Version/s: current
Fix Version/s: not determined

Type: Improvement Priority: Major
Reporter: arshan Assignee: arshan
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: Macintosh


Issuezilla Id: 5

 Description   

if we've got the java code that is going to be running the sensor handy, we
should be able to load the metadata from it directly rather then having to force
the radio exchange on a SPOT



 Comments   
Comment by arshan [ 08/Nov/08 ]

modified from defect to enhancement





[YGGDRASIL-4] add persistent sensor registration to HostApps Created: 08/Nov/08  Updated: 08/Nov/08

Status: Open
Project: yggdrasil
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Improvement Priority: Major
Reporter: arshan Assignee: arshan
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: Macintosh


Issuezilla Id: 4

 Description   

add capability to persist the stat of the registered sensors locally in host
apps so that a stop/start cycle doesnt lose all the info.

NOTE: this is different from the ability to get the metadata back out of the
backend database again






[YGGDRASIL-3] add example for asynchandler Created: 09/Sep/08  Updated: 09/Sep/08

Status: Open
Project: yggdrasil
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Improvement Priority: Major
Reporter: arshan Assignee: arshan
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: Macintosh


Issuezilla Id: 3

 Description   

Add a project in the examples directory to show using async tasks with the
SPOTConfig class






[YGGDRASIL-2] organize milestones Created: 25/Jun/08  Updated: 25/Jun/08

Status: Open
Project: yggdrasil
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Improvement Priority: Major
Reporter: arshan Assignee: arshan
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 2

 Description   

sort out a way to organize and track milestones and progress towards them



 Comments   
Comment by arshan [ 25/Jun/08 ]
      • Issue 1 has been marked as a duplicate of this issue. ***




[YGGDRASIL-1] organize milestones Created: 25/Jun/08  Updated: 25/Jun/08  Resolved: 25/Jun/08

Status: Resolved
Project: yggdrasil
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Improvement Priority: Major
Reporter: arshan Assignee: arshan
Resolution: Duplicate Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 1

 Description   

sort out a way to organize and track milestones and progress towards them



 Comments   
Comment by arshan [ 25/Jun/08 ]

looks like issue got submitted twice

      • This issue has been marked as a duplicate of 2 ***




[YANFS-1] Migrate build system to ant from make Created: 02/May/08  Updated: 02/May/08

Status: Open
Project: yanfs
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Improvement Priority: Major
Reporter: ravn Assignee: yanfs-issues
Resolution: Unresolved Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 1

 Description   

The current build system of yanfs is based on Makefiles. Ant has risen to be
the defacto build system of Java since webNFS was written, and is what most
developers would look for in a fresh source download.

It would therefore make sense to convert the build system to use build.xml files
and perhaps even use Ivy or Maven to download dependencies.






[YAMA-14] Single Module and Modular Archetype Created: 23/Apr/14  Updated: 09/Jul/14  Resolved: 09/Jul/14

Status: Resolved
Project: yama
Component/s: None
Affects Version/s: 2.x
Fix Version/s: 2.x

Type: New Feature Priority: Major
Reporter: dianw Assignee: dianw
Resolution: Duplicate Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

Add modular archetype



 Comments   
Comment by dianw [ 09/Jul/14 ]

Duplicate to YAMA-8





[YAMA-13] Profile Picture and File Upload Created: 23/Apr/14  Updated: 09/Jul/14  Resolved: 09/Jul/14

Status: Resolved
Project: yama
Component/s: None
Affects Version/s: 2.x
Fix Version/s: 2.x

Type: New Feature Priority: Major
Reporter: dianw Assignee: dianw
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

Profile picture and File Upload example






[YAMA-12] Simple Registration and Captcha Created: 23/Apr/14  Updated: 09/Jul/14  Resolved: 09/Jul/14

Status: Resolved
Project: yama
Component/s: None
Affects Version/s: 2.x
Fix Version/s: 2.x

Type: New Feature Priority: Major
Reporter: dianw Assignee: Unassigned
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

Add simple registration form and captcha validation






[YAMA-11] Cleanup Master Repository Created: 23/Apr/14  Updated: 09/Jul/14  Resolved: 24/Apr/14

Status: Resolved
Project: yama
Component/s: None
Affects Version/s: 2.x
Fix Version/s: 2.x

Type: Task Priority: Major
Reporter: dianw Assignee: dianw
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

Cleanup master repository
Undo changes to revision 31
Remove unnecessary file






[YAMA-10] Merge SpringMVC version into master repository Created: 22/Jan/13  Updated: 26/Feb/13

Status: In Progress
Project: yama
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major
Reporter: dianw Assignee: dianw
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

Merge the SpringMVC version into main repository, then drop the old one.






[YAMA-9] Upgrade S2's RestPlugin to 1.0.2 Created: 22/Jan/13  Updated: 09/Jul/14  Resolved: 09/Jul/14

Status: Resolved
Project: yama
Component/s: None
Affects Version/s: None
Fix Version/s: 2.x

Type: Task Priority: Major
Reporter: dianw Assignee: dianw
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Tags: inca, struts

 Description   

Upgrade S2's Inca Rest Plugin to 1.0.2



 Comments   
Comment by dianw [ 09/Jul/14 ]

Upgraded to Inca 1.0.3





[YAMA-8] Add basic and multi module archetype Created: 22/Jan/13  Updated: 09/Jul/14

Status: In Progress
Project: yama
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major
Reporter: dianw Assignee: dianw
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

Add basic archetype for single module web project, and multi module for modular web project






[YAMA-7] Startup Architype Created: 23/Aug/12  Updated: 23/Aug/12  Due: 27/Aug/12

Status: Open
Project: yama
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major
Reporter: fthamura Assignee: dianw
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

we need a startup archetype, to help anyone create dotcom in a minute

1. registration
2. create user
3. login
4. main page



 Comments   
Comment by fthamura [ 23/Aug/12 ]

Spesifikasi Yama

Registrasi User

Public Registration
user.registration.public=true
user.registration.recapcha=true
user.registration.facebook=true
user.registration.twitter=true
user.registration.oauth=true
user.registration.openid=true

System Admin Register User
user.registration.byadmin=true

Virtual Hoste Public Registration
user.registration.virtualhost=true

  • Setiap user dapat registrasi disubdomain, dan user.registration.public harus true terlebih dahulu




Spring Social Integration (YAMA-1)

[YAMA-6] Balad Social Module Created: 18/Jul/12  Updated: 18/Jul/12

Status: Open
Project: yama
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Sub-task Priority: Critical
Reporter: fthamura Assignee: dianw
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

the future of the social plugins will become balad project, dedicated to make API to work with all social related media.






[YAMA-5] Replace REST and Convention Plugin with Inca S2Rest Plugin Created: 06/Jul/12  Updated: 15/Aug/12  Due: 10/Jul/12  Resolved: 10/Jul/12

Status: Closed
Project: yama
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major
Reporter: dianw Assignee: dianw
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

Yama currently using rest plugin and convention for its rest support. Next release we will replace those plugins with Inca S2Rest Plugin[1].

[1] http://java.net/projects/s2restplugins/






[YAMA-4] Create yama-parent artifact Created: 22/Feb/12  Updated: 24/Apr/12  Resolved: 24/Apr/12

Status: Closed
Project: yama
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major
Reporter: dianw Assignee: dianw
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

Create parent artifact to accomodate the global properties such as versions of dependencies and plugin management.






[YAMA-3] Mavenizing Yama Created: 29/Mar/11  Updated: 24/Apr/12  Due: 02/Apr/11  Resolved: 24/Apr/12

Status: Closed
Project: yama
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major
Reporter: fthamura Assignee: dianw
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Status Whiteboard:

 Description   

Maveninzing Yama...






[YAMA-2] joget injection Created: 03/Mar/11  Updated: 16/Apr/14  Resolved: 16/Apr/14

Status: Closed
Project: yama
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major
Reporter: fthamura Assignee: vickyfaizal
Resolution: Won't Fix Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Status Whiteboard:

 Description   

inject joget as workflow REST server.






[YAMA-1] Spring Social Integration Created: 01/Mar/11  Updated: 09/Jul/14  Resolved: 09/Jul/14

Status: Resolved
Project: yama
Component/s: None
Affects Version/s: 2.x
Fix Version/s: 2.x

Type: Bug Priority: Major
Reporter: fthamura Assignee: dianw
Resolution: Fixed Votes: 0
Labels: None
Σ Remaining Estimate: Not Specified Remaining Estimate: Not Specified
Σ Time Spent: Not Specified Time Spent: Not Specified
Σ Original Estimate: Not Specified Original Estimate: Not Specified

Sub-Tasks:
Key
Summary
Type
Status
Assignee
YAMA-6 Balad Social Module Sub-task Open dianw  

 Description   

We want to add spring social in the next yama version






[XWSS-58] Exception thrown in DefaultSecurityEnvironmentImpl.validateSAMLAssertion() is swallowed in HarnessUtil Created: 08/Dec/14  Updated: 08/Dec/14

Status: Open
Project: xwss
Component/s: None
Affects Version/s: current
Fix Version/s: None

Type: Bug Priority: Major
Reporter: louis68 Assignee: super_glassfish
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

As discussed in this thread, any validation runtime exception thrown by the callback handlers are swallowed in HarnessUtil. This means invalid SAML assertions are still getting accepted by the security framework and passed on to the web services that are meant to be secured by the framework.

To reiterate the stacktrace captured:

java.lang.RuntimeException: Failed validating SAML assertion
      at com.ocetal.webservices.server.security.SecurityEnvironmentHandler.handle(SecurityEnvironmentHandler.java:237)
      at com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl.validateSAMLAssertion(DefaultSecurityEnvironmentImpl.java:1547)
      at com.sun.xml.wss.impl.filter.ImportSamlAssertionFilter.process(ImportSamlAssertionFilter.java:225)
      at com.sun.xml.wss.impl.filter.AuthenticationTokenFilter.processSamlToken(AuthenticationTokenFilter.java:119)
      at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:122)
      at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:278)
      at com.sun.xml.wss.impl.SecurityRecipient.processMessagePolicy(SecurityRecipient.java:1034)
      at com.sun.xml.wss.impl.SecurityRecipient.processMessagePolicy(SecurityRecipient.java:822)
      at com.sun.xml.wss.impl.SecurityRecipient.validateMessage(SecurityRecipient.java:261)
      at com.sun.xml.wss.impl.misc.XWSSProcessor2_0Impl.verifyInboundMessage(XWSSProcessor2_0Impl.java:156)
      at com.orchestral.foundation.webservices.server.impl.SecureSecurityContext.verifyInboundMessage(SecureSecurityContext.java:57)
      at com.orchestral.foundation.webservices.server.impl.WSServlet.parseSoapMessage(WSServlet.java:359)
      at com.orchestral.foundation.webservices.server.impl.WSServlet.processMessage(WSServlet.java:215)
      at com.orchestral.foundation.webservices.server.impl.WSServlet.doPost(WSServlet.java:180)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
      at com.orchestral.core.web.impl.ErrorLoggingFilter.doFilter(ErrorLoggingFilter.java:62)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
      at com.orchestral.core.web.impl.session.SessionTracker.invoke(SessionTracker.java:289)
      at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)
      at com.orchestral.core.web.impl.MonitorValve.invoke(MonitorValve.java:55)
      at com.orchestral.core.web.impl.ErrorReportValve.invoke(ErrorReportValve.java:62)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
      at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1023)
      at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
      at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1686)
      at java.util.concurrent.ThreadPoolExecutor.runWorker(UnknownSource)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(UnknownSource)
      at java.lang.Thread.run(Unknown Source)
11 Nov 2014 20:18:16,008 | 30393061    [WARN ] {http-nio-8080-exec-8} (javax.enterprise.resource.xml.webservices.security) Validation failed for SAML Assertion 





[XWSS-57] oracle vendor url prevents initialization of KeyIdentifierSPI Created: 25/Sep/14  Updated: 25/Sep/14

Status: Open
Project: xwss
Component/s: None
Affects Version/s: current
Fix Version/s: None

Type: Bug Priority: Major
Reporter: MaxFichtelmann Assignee: super_glassfish
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

oracle java (7/8)



 Description   

Hi,

in KeyIdentifierSPI.java the possible vendors are "http://java.sun.com/" and "http://www.ibm.com/".

According to https://blogs.oracle.com/kto/entry/jdk7_pending_java_vendor_property the java.vendor.url system property was updated to "http://java.oracle.com/" in 2010. For this reason, accessing the com.sun.xml.wss.core.reference.KeyIdentifierSPI class results in an UnsupportedOperationException using a recent oracle VM.

I have attached a patch that addresses this issue.

It would be great if you could look into it, since I currently have to modify the java.vendor.url property for instantiating the class which is making me quite uncomfortable really.



 Comments   
Comment by MaxFichtelmann [ 25/Sep/14 ]

patch:

Index: src/com/sun/xml/wss/core/reference/KeyIdentifierSPI.java
===================================================================
--- src/com/sun/xml/wss/core/reference/KeyIdentifierSPI.java	(revision 1181)
+++ src/com/sun/xml/wss/core/reference/KeyIdentifierSPI.java	(working copy)
@@ -42,8 +42,9 @@
     
     public static final String vmVendor = System.getProperty("java.vendor.url");
     public static final String sunVmVendor = "http://java.sun.com/";
+    public static final String oracleVmVendor = "http://java.oracle.com/";
     public static final String ibmVmVendor = "http://www.ibm.com/";
-    public static final boolean isSunVM = sunVmVendor.equals(vmVendor) ? true: false;
+    public static final boolean isSunVM = sunVmVendor.equals(vmVendor) || oracleVmVendor.equals(vmVendor) ? true: false;
     public static final boolean isIBMVM = ibmVmVendor.equals(vmVendor) ? true : false;
     
     private static final String sunKeyIdentifierSPIClass = "com.sun.wsit.security.SunKeyIdentifierSPI";




[XWSS-56] Timestamp Validation error in Samoa Timezone Created: 21/Mar/12  Updated: 21/Mar/12

Status: Open
Project: xwss
Component/s: None
Affects Version/s: current
Fix Version/s: None

Type: Bug Priority: Major
Reporter: armcd5712 Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Netbeans 7.1.1, Glassfish 3.1.2, JDK 7 update 3, Windows 7 x64



 Description   

Samoa changed timezone late 2011 and are currently UTC +13

Our web services are secured with Username Authentication with Symmetric Key using Development Defaults.

Attempting to run the our application in the Samoa time zone gives the exceptions noted below. The errors do not occur if the timezone is set to New Zealand (UTC + 12)

> Error after changing timezone to Samoa and running application without restarting Glassfish...

Mar 21, 2012 11:07:48 PM com.sun.xml.wss.impl.misc.DefaultCallbackHandler validateCreationTime
SEVERE: WSS1515: The creation time is older than currenttime - timestamp-freshness-limit - max-clock-skew"
Mar 21, 2012 11:07:48 PM com.sun.xml.wss.impl.misc.DefaultCallbackHandler validateCreationTime
SEVERE: Creation time:Wed Mar 21 09:07:47 WSDT 2012
Mar 21, 2012 11:07:48 PM com.sun.xml.wss.impl.misc.DefaultCallbackHandler validateCreationTime
SEVERE: Current time:Wed Mar 21 09:57:48 WSDT 2012
Mar 21, 2012 11:07:48 PM com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl validateTimestamp
SEVERE: WSS0229: Exception occured in validating Timestamp
com.sun.xml.wss.impl.callback.TimestampValidationCallback$TimestampValidationException: The creation time is older than currenttime - timestamp-freshness-limit - max-clock-skew
at com.sun.xml.wss.impl.misc.DefaultCallbackHandler.validateCreationTime(DefaultCallbackHandler.java:1555)
at com.sun.xml.wss.impl.misc.DefaultCallbackHandler$DefaultTimestampValidator.validate(DefaultCallbackHandler.java:1519)
at com.sun.xml.wss.impl.callback.TimestampValidationCallback.getResult(TimestampValidationCallback.java:75)
at com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl.validateTimestamp(DefaultSecurityEnvironmentImpl.java:1432)
at com.sun.xml.ws.security.opt.impl.incoming.TimestampHeader.validate(TimestampHeader.java:109)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.handleSecurityHeader(SecurityRecipient.java:334)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.cacheHeaders(SecurityRecipient.java:275)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.validateMessage(SecurityRecipient.java:225)
at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.verifyInboundMessage(SecurityTubeBase.java:449)
at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientResponsePacket(SecurityClientTube.java:434)
at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processResponse(SecurityClientTube.java:362)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:651)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:600)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:585)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:482)
at com.sun.xml.ws.client.Stub.process(Stub.java:323)
at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:161)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:113)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:93)
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:144)
at $Proxy43.checkConnection(Unknown Source)
at org.sola.services.boundary.wsclients.SearchClientImpl.checkConnection(SearchClientImpl.java:80)
at org.sola.services.boundary.wsclients.WSManager.initWebServices(WSManager.java:110)
at org.sola.clients.beans.security.SecurityBean.authenticate(SecurityBean.java:124)
at org.sola.clients.beans.security.SecurityBean.authenticate(SecurityBean.java:104)
at org.sola.clients.swing.ui.security.LoginPanel$1.doTask(LoginPanel.java:100)
at org.sola.clients.swing.ui.security.LoginPanel$1.doTask(LoginPanel.java:90)
at org.sola.clients.swing.common.tasks.SolaTask$1.doInBackground(SolaTask.java:153)
at javax.swing.SwingWorker$1.call(SwingWorker.java:296)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
at java.util.concurrent.FutureTask.run(FutureTask.java:166)
at javax.swing.SwingWorker.run(SwingWorker.java:335)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:722)

javax.xml.ws.WebServiceException: com.sun.xml.wss.impl.WssSoapFaultException: The creation time is older than currenttime - timestamp-freshness-limit - max-clock-skew

> Error after changing timezone to Samoa and restarting Glassfish before running the application...

SEVERE: WSITPVD0035: Error in Verifying Security in Inbound Message.
com.sun.xml.wss.impl.WssSoapFaultException: Invalid Security Header
at com.sun.xml.ws.security.opt.impl.util.SOAPUtil.newSOAPFaultException(SOAPUtil.java:159)
at com.sun.xml.wss.impl.misc.WSITProviderSecurityEnvironment.validateCreationTime(WSITProviderSecurityEnvironment.java:2636)
at com.sun.xml.wss.impl.misc.WSITProviderSecurityEnvironment.validateTimestamp(WSITProviderSecurityEnvironment.java:2496)
at com.sun.xml.ws.security.opt.impl.incoming.TimestampHeader.validate(TimestampHeader.java:109)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.handleSecurityHeader(SecurityRecipient.java:350)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.cacheHeaders(SecurityRecipient.java:291)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.validateMessage(SecurityRecipient.java:241)
at com.sun.xml.wss.provider.wsit.WSITServerAuthContext.verifyInboundMessage(WSITServerAuthContext.java:588)
at com.sun.xml.wss.provider.wsit.WSITServerAuthContext.validateRequest(WSITServerAuthContext.java:361)
at com.sun.xml.wss.provider.wsit.WSITServerAuthContext.validateRequest(WSITServerAuthContext.java:264)
at com.sun.enterprise.security.webservices.CommonServerSecurityPipe.processRequest(CommonServerSecurityPipe.java:173)
at com.sun.enterprise.security.webservices.CommonServerSecurityPipe.process(CommonServerSecurityPipe.java:144)
at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:119)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:961)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:910)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775)
at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:386)
at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:640)
at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:263)
at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:163)
at org.glassfish.webservices.JAXWSServlet.doPost(JAXWSServlet.java:145)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:688)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1542)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:849)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:746)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1045)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:228)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:722)



 Comments   
Comment by armcd5712 [ 21/Mar/12 ]

Wrong project - my bad. Have added to the WSIT project (http://java.net/jira/browse/WSIT-1615). Please close





[XWSS-55] XWSS 3.0-FCS - Create SAML 2.0 Assertion should provide mechanism to define default string data type for AttributeValue Created: 02/Aug/11  Updated: 02/Aug/11

Status: Open
Project: xwss
Component/s: None
Affects Version/s: current
Fix Version/s: None

Type: Improvement Priority: Major
Reporter: richard.ettema Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

All



 Description   

com.sun.xml.wss.saml.util.SAMLUtil.createSAMLAssertion(XMLStreamReader reader)

The AttributeValue element is defined by the SAML 2.0 schema with a type="anyType". The corresponding AttributeValue Java class is therefore defined as java.lang.Object. The unmarshalling of the SAML 2.0 Assertion XML relies on jaxb. For an incoming request if the AttributeValue element value contains an XML simple data type; e.g. "string", and no corresponding namespace and "type" attributes are defined, the resulting unmarshalled value is assigned as the literal string "[AttributeValue: null]".

Due to this behavior, interoperability with other web service stacks can be compromised.

A new feature to support a default data type of "string" when the AttributeValue element does not contain the corresponding namespace and "type" attributes would alleviate this condition. A new jvm option could be defined that would allow this feature to be either enabled or disabled, or define the default data type to apply.

Example of SAML 2.0 Assertion AttributeValue without namespace and type:

<Assertion ID="urn:uuid:99b06f65-afcf-4e0e-accf-a92baa1a743b" IssueInstant="2011-08-01T21:21:54.562Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
    ...
    <AttributeStatement>
        <Attribute Name="default2string">
            <AttributeValue>string value</AttributeValue>
        </Attribute>





[XWSS-54] Missing Schema Created: 04/Jul/11  Updated: 04/Jul/11

Status: Open
Project: xwss
Component/s: None
Affects Version/s: current
Fix Version/s: None

Type: Improvement Priority: Major
Reporter: fribeiro Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

All XWS-Security environments.



 Description   

The schema for the configuration files should be published in an "official" location, alike the Java EE schemas.






[XWSS-53] The download dosen't work Created: 31/May/11  Updated: 31/May/11

Status: Open
Project: xwss
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major
Reporter: jmnarloch Assignee: Unassigned
Resolution: Unresolved Votes: 2
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: PNG File Screen.png    

 Description   

Hi,

I was trying to download any of the release and it simply didn't work, each time I got an error.
An empty page with message:
The file /web/projects/xwss/servlets/ProjectDocumentList appears to be missing.

To add content to your website, use webdavs.

Could You please fix that.






[XWSS-52] WS Security Header not found in Weblogic Created: 11/Aug/10  Updated: 06/Oct/10  Resolved: 06/Oct/10

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: nybonbon Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 52

 Description   

In com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient class (in xwss
3.1 FCS), there's a method called cacheHeaders(XMLStreamReader
reader,Map<String, String> namespaces), which has code below:

if(reader.getLocalName() == MessageConstants.WSSE_SECURITY_LNAME &&
reader.getNamespaceURI() == MessageConstants.WSSE_NS){
...
handleSecurityHeader();
}

It uses equality operator rather than equals method to compare string values for
local name and namespace. However, different XMLStreamReader implementations may
return different results for reader.getLocalName(). If your application doesn't
provide its own XMLStreamReader implementation and uses the implementation in
Weblogic 10.3.3.0, reader.getLocalName() will return a String which has
different id with MessageConstants.WSSE_SECURITY_LNAME. This will lead to the
failure of equality test and the following security handling failure.



 Comments   
Comment by sm228678 [ 06/Oct/10 ]

fixed !!





[XWSS-51] SecurityRecipient's validateMessage() goes into endless loop Created: 25/May/10  Updated: 06/Oct/10

Status: Open
Project: xwss
Component/s: www
Affects Version/s: 1.3.1
Fix Version/s: milestone 1

Type: Bug Priority: Blocker
Reporter: wlmph Assignee: xwss-issues
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: Windows NT
Platform: All


Issuezilla Id: 51
Status Whiteboard:

3.1-exclude

Tags: 3_1-exclude, incomplete

 Description   

In class com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient,

line 332: while(message.getEventType() != message.END_DOCUMENT)

{ line 563: }

line 564: message.next();

The incrementing index is out of the while loop bracket, which leads to an
endless loop.



 Comments   
Comment by sm228678 [ 26/May/10 ]

please attach a sample test case to reproduce the error?
or attach the request/response and error log messages

Comment by sm228678 [ 26/May/10 ]

is it possible for you to use latest metro builds (1.5 or later) because
earlier we have seen some cases like this and was fixed in later builds
Also please send a sample test case to reproduce this.

Comment by kumarjayanti [ 06/Oct/10 ]

does not affect GF V3.1

Comment by Martin Matula [ 06/Oct/10 ]

Sounds like this is missing info from the reporter - marking as incomplete.





[XWSS-50] Validation of Reference with STR-Transformation for request from Axis client Created: 01/Dec/09  Updated: 12/Jan/10  Resolved: 12/Jan/10

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: mikola_spb Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: Windows XP
Platform: PC


Attachments: XML File BinarySecurityToken-Axis.xml     XML File BinarySecurityToken-Metro.xml     XML File soap.xml     Zip Archive ws-integration.zip    
Issuezilla Id: 50

 Description   

Hi,

I have client application which is Axis based and WebService which is Metro 2.0.
Service has WS-Security and all request must be signed (note: but without
encryption).

In attach you can see full SOAP request from Axis client (formatted for reading).

When Metro validates incomming request I allways get an error:

01.12.2009 13:58:01 com.sun.xml.ws.security.opt.crypto.dsig.Reference validate
FINEST: Calculated digest value is: )}@Ц'╟2їаH~┼┴]kх▒/Ў
01.12.2009 13:58:01 com.sun.xml.ws.security.opt.crypto.dsig.Reference validate
FINEST: Expected digest value is: �Л4!аhqдуN?▲♂ iRPбВ"
01.12.2009 13:58:01
com.sun.xml.ws.security.opt.impl.incoming.processor.SignedInfoProcessor
processReference
SEVERE: WSS1721: Validation of Reference with URI #STRId-1765100 failed

So ds:DigestValue for ds:Reference URI="#STRId-1765100" calculated by client
(Axis) and Metro are different.

I've found that different stream is used for calculating SHA-1 digest. See attaches.
There is only difference that XML Canonicalized by Metro doesn't contain xmlns="".

The following transformation should be used:

<ds:Reference URI="#STRId-1765100"
<ds:Transform
Algorithm="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform"
<wsse:TransformationParameters
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"



 Comments   
Comment by mikola_spb [ 01/Dec/09 ]

Created an attachment (id=19)
SOAP request formatted for reading

Comment by mikola_spb [ 01/Dec/09 ]

Created an attachment (id=20)
Transformed XML by Axis (wss4j)

Comment by mikola_spb [ 01/Dec/09 ]

Created an attachment (id=21)
Transformed XML by Metro

Comment by sm228678 [ 16/Dec/09 ]

Hi, we are working on this.
Can you retest your scenario with latest metro nightly and conform whether this
problem still exists or not?

Comment by mikola_spb [ 18/Dec/09 ]

Hi, I've tested with Metro 2.1 nightly build (Friday, December 18, 2009 at
2:27:41 AM) and see that problem still exists.

If you need I can attach my application which I use for test.
Here is application log.

FINER: engine-com.sun.xml.ws.server.WSEndpointImpl@1664cdefiber-2
com.sun.xml.wss.jaxws.impl.SecurityServerTube@10aeb17.processRequest(com.sun.xml.ws.api.message.Packet@bec35a)
18.12.2009 19:51:14
com.sun.xml.ws.security.opt.impl.incoming.processor.SignedInfoProcessor process
FINEST: Canonicalized Signed Info:<ds:SignedInfo
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#id-6">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>mz5hRH8Uei3qWkE+ipomSbE+qmI=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#STRId-C282FEC6E6BCB7647812611550741116">
<ds:Transforms>
<ds:Transform
Algorithm="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform">
<wsse:TransformationParameters
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod></wsse:TransformationParameters>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>jqVeyjCtlIl1g2qHX9Ovax6/qlI=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#Timestamp-4">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>xTmwKT96imbrkbRBsUQe90PMKOs=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
18.12.2009 19:51:14 com.sun.xml.ws.security.opt.crypto.dsig.Reference transform
FINE: Digest Algorithm is http://www.w3.org/2000/09/xmldsig#sha1
18.12.2009 19:51:14 com.sun.xml.ws.security.opt.crypto.dsig.Reference transform
FINE: Mapped Digest Algorithm is SHA-1
18.12.2009 19:51:14 com.sun.xml.ws.security.opt.crypto.dsig.Transform transform
FINEST: WSS1757: Canonicalized target value: <wsse:BinarySecurityToken
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
wsu:Id="CertId-C282FEC6E6BCB7647812611550741114">MIIDDzCCAnigAwIBAgIBAzANBgkqhkiG9w0BAQQFADBOMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEMMAoGA1UEChMDU1VOMQwwCgYDVQQLEwNKV1MxDjAMBgNVBAMTBVNVTkNBMB4XDTA3MDMxMjEwMjQ0MFoXDTE3MDMwOTEwMjQ0MFowbzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UECxMDU1VOMRowGAYDVQQDExF4d3NzZWN1cml0eWNsaWVudDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvYxVZKIzVdGMSBkW4bYnV80MV/RgQKV1bf/DoMTX8laMO45P6rlEarxQiOYrgzuYp+snzz2XM0S6o3JGQtXQuzDwcwPkH55bHFwHgtOMzxG4SQ653a5Dzh04nsmJvxvbncNH/XNaWfHaC0JHBEfNCMwRebYocxYM92pq/G5OGyECAwEAAaOB2zCB2DAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU/mItfvuFdS7A0GCysE71TFRxP2cwfgYDVR0jBHcwdYAUZ7plxs6VyOOOTSFyojDV0/YYjJWhUqRQME4xCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMQwwCgYDVQQKEwNTVU4xDDAKBgNVBAsTA0pXUzEOMAwGA1UEAxMFU1VOQ0GCCQDbHkJaq6KijjANBgkqhkiG9w0BAQQFAAOBgQBEnRdcQeMyCYqOHw2jbPOPUlvu07bZe7sI3ly/Qz+4mkrFctqMSupghQtLv9dZcqDOUFLCGMse7+l5MG00VawzsoVe242iXzJB111ePzhhppIPOHXXtflj/JD2U4Qz75C/dfdd5AAZbqGSFtZh7pyE8Ot1vOq7R48/bHuvTsEVUQ==</wsse:BinarySecurityToken>
18.12.2009 19:51:14 com.sun.xml.ws.security.opt.crypto.dsig.Reference validate
FINEST: Calculated digest value is: «=g©
8jao‰j;­е#­
18.12.2009 19:51:14 com.sun.xml.ws.security.opt.crypto.dsig.Reference validate
FINEST: Expected digest value is: Ћ�^К0­�‰uѓj‡_УЇkїЄR
18.12.2009 19:51:14
com.sun.xml.ws.security.opt.impl.incoming.processor.SignedInfoProcessor
processReference
SEVERE: WSS1721: Validation of Reference with URI
#STRId-C282FEC6E6BCB7647812611550741116 failed
18.12.2009 19:51:14 com.sun.xml.bind.v2.ContextFactory createContext
FINE: Property com.sun.xml.bind.XmlAccessorFactoryis not active. Using JAXB's
implementation
18.12.2009 19:51:14 com.sun.xml.bind.v2.ContextFactory createContext
FINE: Property com.sun.xml.bind.XmlAccessorFactoryis not active. Using JAXB's
implementation
18.12.2009 19:51:14 com.sun.xml.ws.api.pipe.Fiber __doRun
FINER: engine-com.sun.xml.ws.server.WSEndpointImpl@1664cdefiber-2
com.sun.xml.wss.jaxws.impl.SecurityServerTube@10aeb17 returned with
com.sun.xml.ws.api.pipe.NextAction@eab1f2
[kind=RETURN,next=null,packet=com.sun.xml.ws.api.message.Packet@bec35a,throwable=null]
18.12.2009 19:51:14 com.sun.xml.ws.api.pipe.Fiber completionCheck
FINE: engine-com.sun.xml.ws.server.WSEndpointImpl@1664cdefiber-2 completed

Comment by sm228678 [ 19/Dec/09 ]

Yes.Please attach a sample client and service to reproduce it on my side.

Comment by mikola_spb [ 19/Dec/09 ]

Created an attachment (id=22)
Here is client and service. There is CXF client, but error is the same. Both Axis and CXF are WSS4J based.

Comment by sm228678 [ 12/Jan/10 ]

we made a possible fix for the issue. Can you please try with metro 2.1 nightly
build(jan 13th) and let us know





[XWSS-49] XWSSTubelineAssemblerFactory strange behavior Created: 02/Nov/09  Updated: 02/Nov/09  Resolved: 02/Nov/09

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: mazur_roman Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 49

 Description   

Tried to plug in the XWSS framework to the client side application via the tube
line. I created the file com.sun.xml.ws.api.pipe.TubelineAssemblerFactory in
META-INF/services. So I expected outgoing messages tobe processed after setting
the security configuration as a request property
(((BindingProvider)port).getRequestContext().put(XWSSecurityConfiguration.MESSAGE_SECURITY_CONFIGURATION,
config).
But no messages were affected. I discovered that XWSSTubelineAssemblerFactory
initialized the client in an appropriate way when the method
XWSSTubelineAssembler.isSecurityConfigPresent(ClientTubeAssemblerContext)
returns true.
But according to the code it won't return the true value if there is no file
client_security_config.xml in META-INF.
In such case it returns
Boolean.getBoolean("USE_XWSS_SECURITY") - it's always false.
Rather strange... I had to create my own factory to fix it.



 Comments   
Comment by kumarjayanti [ 02/Nov/09 ]

Hi,

The XWSS stuff is really old and we have no real customers so there was a
thought of disabling the supporting for it by default and having it enabled by
the client setting the System Property. The main reason is that the policy
configuration can be specified programmatically and the runtime is forced to
always create the client side Security Tube (costing a little bit of
performance) in anticipation of there being a runtime configuration of policy.

But it turned out that our Performance team has recently revived some old ghosts
which use the same old stuff. So we had to remove the Boolean.getBoolean() and
instead always return true as it used to earlier.

If you pick the latest Metro bits you should see the right behavior.





[XWSS-48] NonceManager needs to be exposed via GMBAL monitoring Created: 14/Jul/09  Updated: 16/Dec/10  Resolved: 16/Dec/10

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: 2.0

Type: New Feature Priority: Major
Reporter: haroldcarr Assignee: haroldcarr
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: Macintosh


Issuezilla Id: 48

 Description   

Kumar just made some changes that now make it possible to add GMBAL monitoring
to NonceManager.



 Comments   
Comment by haroldcarr [ 16/Dec/10 ]

This was done over a year ago.





[XWSS-47] Signed SAML 2.0 assertion does not validate against saml-schema-assertion-2.0.xsd when serialized Created: 28/Apr/09  Updated: 07/Oct/09  Resolved: 07/Oct/09

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: walco Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 47

 Description   

Signed SAML 2.0 assertion does not validate against
saml-schema-assertion-2.0.xsd when serialized. The signature should be inserted
after the Issuer element.

Cause of the problem is the following code:

http://fisheye5.cenqua.com/browse/xwss/xwss-ri/src/com/sun/xml/wss/saml/assertion/saml20/jaxb20/Assertion.java?r=1.22#l355

DOMSignContext dsc = new DOMSignContext(privKey, assertionElement);

This statement should use the three arg constructor to prevent insertion of the
signature at the end of the assertion:

DOMSignContext(KeySelector ks, Node parent, Node nextSibling)



 Comments   
Comment by walco [ 28/Apr/09 ]

set correct version

Comment by kumarjayanti [ 14/Sep/09 ]

Started.

Comment by sm228678 [ 07/Oct/09 ]

fixed !!





[XWSS-46] Implement getTokenValue in Assertion Created: 23/Apr/09  Updated: 29/Sep/09  Resolved: 29/Sep/09

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: recht Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 46

 Description   

When injecting OnBehalfOf via STSIssuedTokenConfiguration, getTokenValue is
called on the token. This method is not implemented in the SAML 2.0 Assertion
class (com.sun.xml.wss.saml.assertion.saml20.jaxb20.Assertion)

Implementing it should be simple, as Assertion already has a toElement method
which returns an Element object.



 Comments   
Comment by kumarjayanti [ 14/Sep/09 ]

Started.

Comment by sm228678 [ 29/Sep/09 ]

implemented!!
please check..

Comment by sm228678 [ 29/Sep/09 ]

implemented!!
please check..





[XWSS-45] Jetty container throws IllegalAccessException Created: 14/Dec/08  Updated: 18/Dec/08  Resolved: 18/Dec/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Critical
Reporter: manishkg Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 45

 Description   

Deploying metro jars on Jetty container throws IllegalAccessException.

This exception is happening because class
org.mortbay.jetty.servlet.ServletHandler$Context is package local.
Method returned via context.getClass().getMethod(...) can't be used outside of
package.

Dec 14, 2008 8:06:08 AM
com.sun.xml.ws.transport.http.servlet.WSServletContextListener contextInitialized
SEVERE: WSSERVLET11: failed to parse runtime descriptor:
com.sun.xml.wss.impl.XWSSecurityRuntimeException: java.
lang.IllegalAccessException: Class com.sun.xml.wss.impl.misc.ReflectionUtil can
not access a member of class org.mortbay.jetty.servlet.ServletHandler$Context
with modifiers "public"
com.sun.xml.wss.impl.XWSSecurityRuntimeException:
java.lang.IllegalAccessException: Class com.sun.xml.wss.impl.misc.ReflectionUtil
can not access a member of class
org.mortbay.jetty.servlet.ServletHandler$Context with modifiers "public"
at com.sun.xml.wss.impl.misc.ReflectionUtil.invoke(ReflectionUtil.java:65)
at com.sun.xml.wss.impl.misc.ReflectionUtil.invoke(ReflectionUtil.java:44)
at
com.sun.xml.wss.impl.misc.SecurityUtil.loadFromContext(SecurityUtil.java:574)
at
com.sun.xml.ws.assembler.TubelineAssemblyController$SecurityTubeAppender.isSecurityConfigPresent(TubelineAssemblyController.java:564)
at
com.sun.xml.ws.assembler.TubelineAssemblyController$SecurityTubeAppender.appendTube(TubelineAssemblyController.java:388)
at
com.sun.xml.ws.assembler.TubelineAssemblerFactoryImpl$WsitTubelineAssembler.createServer(TubelineAssemblerFactoryImpl.java:101)
at com.sun.xml.ws.server.WSEndpointImpl.<init>(WSEndpointImpl.java:152)
at
com.sun.xml.ws.server.EndpointFactory.createEndpoint(EndpointFactory.java:217)
at com.sun.xml.ws.api.server.WSEndpoint.create(WSEndpoint.java:467)
at
com.sun.xml.ws.transport.http.DeploymentDescriptorParser.parseAdapters(DeploymentDescriptorParser.java:253)
at
com.sun.xml.ws.transport.http.DeploymentDescriptorParser.parse(DeploymentDescriptorParser.java:147)
at
com.sun.xml.ws.transport.http.servlet.WSServletContextListener.contextInitialized(WSServletContextListener.java:108)
at
org.mortbay.jetty.servlet.WebApplicationContext.doStart(WebApplicationContext.java:495)
at
org.mortbay.j2ee.J2EEWebApplicationContext.doStart(J2EEWebApplicationContext.java:78)
at
org.jboss.jetty.JBossWebApplicationContext.doStart(JBossWebApplicationContext.java:79)
at org.mortbay.util.Container.start(Container.java:72)
at org.jboss.jetty.Jetty.deploy(Jetty.java:322)
at org.jboss.jetty.JettyService.performDeploy(JettyService.java:207)
at
org.jboss.jetty.JettyService$JettyDeployer.performDeploy(JettyService.java:414)
at org.jboss.web.AbstractWebDeployer.start(AbstractWebDeployer.java:371)
at org.jboss.web.WebModule.startModule(WebModule.java:83)
at org.jboss.web.WebModule.startService(WebModule.java:61)
.....
....
...



 Comments   
Comment by manishkg [ 14/Dec/08 ]

One possible solution for this problem is to force the method (invoked via
reflection) to be accessible. Adding the following method in ReflectionUtil
should solve the problem.

public static Method getForcedAccessibleMethod(Class<?> clazz,
String methodName, Class<?>... parameterTypes) {
Method method;
try

{ method = clazz.getMethod(methodName, parameterTypes); }

catch (SecurityException e)

{ throw new CannotAccessMethodException("Cannot access method '" + methodName + "' in class '" + clazz.getName() + "' for security reasons", e); }

catch (NoSuchMethodException e)

{ throw new CannotAccessMethodException("The method '" + methodName + "' in class '" + clazz.getName() + "' does not exist", e); }

if (!method.isAccessible())

{ method.setAccessible(true); }

return method;
}

We need to change following line in ReflectionUtil.invoke()

final Method method = target.getClass().getMethod(methodName, parameterTypes);

by

final Method method = getForcedAccessibleMethod(target.getClass(), methodName,
parameterTypes);

Comment by kumarjayanti [ 18/Dec/08 ]

I have made a potential fix. Can you please try latest build from :

http://hudson.sfbay/view/Tango/job/wsit-javanet/3790/

and let me know if it solves the problem.





[XWSS-44] <sc:DisableInclusivePrefixList /> switch should be the other way around Created: 29/Oct/08  Updated: 14/Sep/09

Status: Open
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Minor
Reporter: kohsuke Assignee: xwss-issues
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 44

 Description   

See http://blogs.sun.com/ashutosh/date/20070919 where Ashutosh himself talks about :

Tango security by default generates InclusivePrefixList for Exclusive
Canonicalization algorithm. But, not many implementations support this. So, in
case you face an interoperability issue where messages containing
InclusivePrefixList are rejected, you can disable generation of
InclusivePrefixList in Exclusive Canonicalization.

This just bit me hard when I was trying to talk to Amazon EC2 SOAP web services,
and what's really bad about this is that the failure mode isn't obvious. When
you are looking at the error it doesn't even occur to you that this is to be
suspected.

So I talked to Jiandong and he agreed that the inclusive prefix list is off by
default (As a data point, CXF does the same), and an option to enable this
should be provided as a separate switch.



 Comments   
Comment by kumarjayanti [ 14/Sep/09 ]

Since we have made a few releases with the current semantics and BSP 1.0/BSP 1.1
actually mandates the presence of the prefix-list we would leave it for now this
way. However we realize the it has caused problems with atleast 3 legacy
systems. So we would introduce a new assertion to enable inclusive prefix and
deprecate <sc:DisableInclusivePrefixList /> in Metro 2.1





[XWSS-43] XWSS fails to retain the chained exceptions Created: 28/Oct/08  Updated: 02/Dec/08  Resolved: 02/Dec/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Task Priority: Major
Reporter: kohsuke Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Attachments: HTML File PATCH    
Issuezilla Id: 43

 Description   

Convenience methods in SOAPUtil that creates SOAPFaultException fails to
initialize the chained exception, and thereby making it impossible to see the
root cause of the problem on the client side.

The patch attached.



 Comments   
Comment by kohsuke [ 28/Oct/08 ]

Created an attachment (id=18)
patch

Comment by sm228678 [ 02/Dec/08 ]

fixed





[XWSS-42] DefaultCallbackHandler fails to initialize trustStore Created: 28/Oct/08  Updated: 02/Dec/08  Resolved: 02/Dec/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Task Priority: Major
Reporter: kohsuke Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Attachments: HTML File PATCH    
Issuezilla Id: 42

 Description   

While playing with Metro, I got the following stack trace:

SEVERE: WSS1518: Failed to validate certificate
java.lang.NullPointerException: the keystore parameter must be non-null
at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:128)
at java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:113)
at
com.sun.xml.wss.impl.misc.DefaultCallbackHandler$X509CertificateValidatorImpl.validate(DefaultCallbackHandler.java:1507)
at
com.sun.xml.wss.impl.callback.CertificateValidationCallback.getResult(CertificateValidationCallback.java:80)
at
com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl.validateCertificate(DefaultSecurityEnvironmentImpl.java:700)
at
com.sun.xml.ws.security.opt.impl.incoming.X509BinarySecurityToken.validate(X509BinarySecurityToken.java:186)
at
com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.handleSecurityHeader(SecurityRecipient.java:400)
at
com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.cacheHeaders(SecurityRecipient.java:280)
at
com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.validateMessage(SecurityRecipient.java:222)
at
com.sun.xml.wss.jaxws.impl.SecurityTubeBase.verifyInboundMessage(SecurityTubeBase.java:452)
at
com.sun.xml.wss.jaxws.impl.SecurityServerTube.processRequest(SecurityServerTube.java:206)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:598)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:557)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:542)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:439)
at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:243)
at
com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:470)
at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:244)
at
com.sun.xml.ws.transport.http.server.WSHttpHandler.handleExchange(WSHttpHandler.java:106)
at com.sun.xml.ws.transport.http.server.WSHttpHandler.handle(WSHttpHandler.java:91)
at com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:65)
at sun.net.httpserver.AuthFilter.doFilter(AuthFilter.java:65)
at com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:68)
at sun.net.httpserver.ServerImpl$Exchange$LinkHandler.handle(ServerImpl.java:581)
at com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:65)
at sun.net.httpserver.ServerImpl$Exchange.run(ServerImpl.java:553)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:650)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:675)
at java.lang.Thread.run(Thread.java:595)

A little debugging revealed that
DefaultCallbackHandler$X509CertificateValidatorImpl doesn't use the
getTrustStore() method to obtain the trust store, which is necessary for
supporting the lazily loading scheme used in this class. The patch attached.

BTW, this DefaultCallbackHandler class needs some real rewrite. It's very
redundant, have lots of fields that can be local variables, and just too long,
which causes problems like this.



 Comments   
Comment by kohsuke [ 28/Oct/08 ]

Created an attachment (id=17)
patch

Comment by sm228678 [ 02/Dec/08 ]

fixed





[XWSS-41] grammar fix needed Created: 20/Oct/08  Updated: 24/Dec/08  Resolved: 24/Dec/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: 1.0(.x)
Fix Version/s: milestone 1

Type: Bug Priority: Minor
Reporter: gmazza Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 41

 Description   

This error message:
SEVERE: WSS0206: Security Requirements have fully not been met

Should probably be switched to this:
SEVERE: WSS0206: Security Requirements have not fully been met

("fully not been met" = 0% met; "not fully been met" = 0%-99% met).



 Comments   
Comment by sm228678 [ 24/Dec/08 ]

fixed.





[XWSS-40] KeyInfo extraction fails when xml contains whitespace Created: 16/Oct/08  Updated: 19/Nov/08  Resolved: 19/Nov/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: recht Assignee: kumarjayanti
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 40

 Description   

s whitespace characters between <X509Data> and <X509Certificate>,
com.sun.xml.ws.security.opt.impl.incoming.processor.KeyInfoProcessor fails to
extract the certificate (in line 184). reader.next() should loop until getting a
start tag.



 Comments   
Comment by kumarjayanti [ 06/Nov/08 ]

Started working on this.

Comment by ashutoshshahi [ 10/Nov/08 ]

We have fixed it in xwss. This will be integrated to metro, and should be
available in tomorrow's nightly. Do let us know if your case is fixed.

Comment by kumarjayanti [ 19/Nov/08 ]

Fixed





[XWSS-39] log message WSS0206 hard to understand Created: 30/Sep/08  Updated: 14/Sep/09  Resolved: 14/Sep/09

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: ritzmann Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: Macintosh


Issuezilla Id: 39

 Description   

It looks like in this log message some words should be shifted around:

WSS0206: Security Requirements have fully not been met

Also, the log message should indicate what requirements were not met.



 Comments   
Comment by kumarjayanti [ 14/Sep/09 ]

Fixed.





[XWSS-38] Invalid key exception thrown in an encrypt scenario Created: 01/Aug/08  Updated: 22/Sep/09  Resolved: 22/Sep/09

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: 2.0

Type: Bug Priority: Major
Reporter: Sreekanth Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: Solaris
Platform: Sun


Attachments: XML File 10c.xml     XML File 10s.xml    
Issuezilla Id: 38

 Description   

It is observed that while executing an encrypt test, an invalid key exception is
thrown in a solaris run.This test passed in Linux platform.Attached is the
server and client configuration files.

Exception : javax.xml.ws.WebServiceException:
com.sun.xml.wss.XWSSecurityException:
com.sun.org.apache.xml.internal.security.encryption.XMLEncryptionException:
Could not create key Original Exception was java.security.InvalidKeyException:
Could not create key



 Comments   
Comment by Sreekanth [ 01/Aug/08 ]

Created an attachment (id=15)
server config file

Comment by Sreekanth [ 01/Aug/08 ]

Created an attachment (id=16)
client config file

Comment by kumarjayanti [ 08/Sep/08 ]
      • Issue 37 has been marked as a duplicate of this issue. ***
Comment by kumarjayanti [ 08/Sep/08 ]

Started looking into it. Target Milestone Metro 1.5

Comment by kumarjayanti [ 22/Sep/09 ]

Marking fixed. Sreekanth, please reopen if you see this issue again.

Comment by kumarjayanti [ 22/Sep/09 ]

reassign milestone





[XWSS-37] Invalid key exception thrown in an encrypt scenario Created: 01/Aug/08  Updated: 08/Sep/08  Resolved: 08/Sep/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: Sreekanth Assignee: xwss-issues
Resolution: Duplicate Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: Solaris
Platform: Sun


Issuezilla Id: 37

 Description   

It is observed that while executing an encrypt test, an invalid key exception is
thrown in a solaris run.This test passed in Linux platform.Attached is the
server and client configuration files.



 Comments   
Comment by kumarjayanti [ 08/Sep/08 ]

Duplicate of issue 38

      • This issue has been marked as a duplicate of 38 ***




[XWSS-36] "WSS1816: Error occurred while resolving Direct Reference" needs more elaboration Created: 28/Jul/08  Updated: 22/Sep/09

Status: Open
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Minor
Reporter: gmazza Assignee: xwss-issues
Resolution: Unresolved Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 36

 Description   

Hello,

The WSS1816 error ("Error occurred while resolving Direct Reference") is not
informative enough to the user to determine what the problem is. There could be
many things which cause this error to occur--the user needs to know what is
wrong so he can fix it. More information should be provided to the user--WSS4J,
for example, almost always tells you exactly what the problem is with the
certificate or the user's configuration.

The error stack which is producing this error:

[INFO] Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: WSS1816:
Error occurred while resolving Direct Reference
[INFO] at com.sun.xml.ws.fault.SOAP11Fault.getProtocolException(SOAP11Fault.jav
a:188)
[INFO] at com.sun.xml.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilde
r.java:130)
[INFO] at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.
java:119)
[INFO] at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.
java:89)
[INFO] at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:118)
[INFO] at $Proxy41.doubleIt(Unknown Source)
[INFO] at com.mycompany.webservice.client.WSClient.doubleIt(WSClient.java:20)
[INFO] at com.mycompany.webservice.client.WSClient.main(WSClient.java:13)
[INFO] Caused by: javax.xml.ws.soap.SOAPFaultException: WSS1816: Error occurred
while resolving Direct Reference
[INFO] at com.sun.xml.ws.security.opt.impl.util.SOAPUtil.getSOAPFaultException(
SOAPUtil.java:175)
[INFO] at com.sun.xml.wss.jaxws.impl.SecurityServerTube.processRequest(Security
ServerTube.java:213)
[INFO] at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:598)
[INFO] at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:557)
[INFO] at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:542)
[INFO] at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:439)
[INFO] at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:24
3)
[INFO] at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdap
ter.java:444)
[INFO] at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:244
)
[INFO] at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAd
apter.java:135)
[INFO] at com.sun.xml.ws.transport.http.servlet.WSServletDelegate.doGet(WSServl
etDelegate.java:129)
[INFO] at com.sun.xml.ws.transport.http.servlet.WSServletDelegate.doPost(WSServ
letDelegate.java:160)

The above error stack doesn't provide much more help, because except for the
line at SecurityServerTube.processRequest(SecurityServerTube.java:213),
everything is painfully generic and nonhelpful for troubleshooting.

Thanks,
Glen



 Comments   
Comment by kumarjayanti [ 08/Sep/08 ]

started looking into it. Target Milestone Metro 1.5

Comment by kumarjayanti [ 22/Sep/09 ]

reassign





[XWSS-35] typos in LogStrings.properties file Created: 24/Jul/08  Updated: 29/Jul/08  Resolved: 29/Jul/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Minor
Reporter: gmazza Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 35

 Description   

LogStrings.properties has two typos, "identifier" and "occurred":

      1. Eclipse Workspace Patch 1.0
        #P xwss
        Index: xwss-ri/src/com/sun/xml/wss/logging/impl/opt/token/LogStrings.properties
        ===================================================================
        RCS file:
        /cvs/xwss/xwss-ri/src/com/sun/xml/wss/logging/impl/opt/token/LogStrings.properties,v
        retrieving revision 1.6
        diff -u -r1.6 LogStrings.properties
      • xwss-ri/src/com/sun/xml/wss/logging/impl/opt/token/LogStrings.properties 15
        Mar 2008 21:48:41 -0000 1.6
        +++ xwss-ri/src/com/sun/xml/wss/logging/impl/opt/token/LogStrings.properties 24
        Jul 2008 16:32:56 -0000
        @@ -1,8 +1,8 @@
  1. ResourceBundle properties file for optimized tokens

-WSS1801.bst.creation.failed = WSS1801: Error occured while constructing
BinarySecurityToken.
+WSS1801.bst.creation.failed = WSS1801: Error occurred while constructing
BinarySecurityToken.

-WSS1802.wrong.tokeninclusion.policy = WSS1802: IncludeToken policy is Never and
WSSAssertion has KeyIndentifier/Thumbprint reference types set to false
+WSS1802.wrong.tokeninclusion.policy = WSS1802: IncludeToken policy is Never and
WSSAssertion has KeyIdentifier/Thumbprint reference types set to false

WSS1803.unsupported.reference.type = WSS1803: The reference type

{0}

is not
supported



 Comments   
Comment by ashutoshshahi [ 29/Jul/08 ]

Fixed, thanks for reporting





[XWSS-34] http://kohsuke.sfbay/hudson/job/wsit-javanet-bleedingedge/ is not available Created: 30/Jun/08  Updated: 10/Jul/08  Resolved: 10/Jul/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: gregrluck Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 34

 Description   

The SecureXWSS20JDK6 from the download page has a README.

Step 2 is to download the latest WSIT:

2. Download Latest WSIT build :
(if you have access to hudson then the link is : http://kohsuke.sfbay/hudson/job/wsit-javanet-
bleedingedge/ )

The host kohsuke.sfbay does note exist.



 Comments   
Comment by kumarjayanti [ 10/Jul/08 ]

Thanks for reporting the issue. It is now fixed.





[XWSS-33] Schema location is incorrect in at least SimpleJDK6WS example and https://xwss.dev.java.net/Securing_JAVASE6_WebServices.html Created: 29/Jun/08  Updated: 10/Jul/08  Resolved: 10/Jul/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: gregrluck Assignee: xwss-issues
Resolution: Incomplete Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 33

 Description   

Both examples contain XML configuration which specifies the schema location at ttp://java.sun.com/xml/ns/xwss/config

<xwss:JAXRPCSecurity xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">

I am unable to validate my configurations.

Please fix.



 Comments   
Comment by kumarjayanti [ 10/Jul/08 ]

Hi Greg,

The Namespace URI is a logical one only, especially because the schema is a
proprietary one. But if you are using XWSS API's and Runtime then XWSS actually
does a schema validation of the input configuration as the first step before
doing any further processing with the configuration files.

The schema (.xsd) file is located inside xwss 3.0 xws-security.jar, and it is
also located in metro (webservices-rt.jar)

And we use the following code to set the SchemaSource :

DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setAttribute(
"http://apache.org/xml/features/validation/dynamic",
Boolean.FALSE);
factory.setAttribute(
"http://java.sun.com/xml/jaxp/properties/schemaLanguage",
"http://www.w3.org/2001/XMLSchema");
InputStream is =
SecurityConfigurationXmlReader.class.
getResourceAsStream("xwssconfig.xsd");
factory.setAttribute(
"http://java.sun.com/xml/jaxp/properties/schemaSource", is);
factory.setValidating(true);
factory.setIgnoringComments(true);
factory.setNamespaceAware(true);

If you wish to do your own schema validation (which i think is un-necessary)
then you may get the schema file from here :

http://fisheye5.atlassian.com/browse/~raw,r=1.4/xwss/xwss-ri/src/com/sun/xml/wss/impl/config/xwssconfig.xsd

Thanks





[XWSS-32] ttps://xwss.dev.java.net/SimpleJDK6WS.zip is broken Created: 27/Jun/08  Updated: 10/Jul/08  Resolved: 10/Jul/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: gregrluck Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 32

 Description   

On https://xwss.dev.java.net/Securing_JAVASE6_WebServices.html the https://xwss.dev.java.net/SimpleJDK6WS.zip is not in a finished state.

In particular:

/**
*

  • @author kumar jayanti
    */
    public class SimpleWSClient {

/** Creates a new instance of SimpleWSClient */
public SimpleWSClient() {
}

public static void main(String[] args) throws Exception {

try

{ // Call Web Service Operation client.MainService service = new client.MainService(); client.Main port = service.getMainPort(); ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "Ron"); ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "noR"); //List<Handler> chain = new ArrayList<Handler>(); //chain.add(new simplejdk6ws.SecurityHandler("client")); //((BindingProvider)port).getBinding().setHandlerChain(chain); String result = port.sayHello("TOM WITMER"); System.out.println("Result = "+result); }

catch (Exception ex)

{ // TODO handle custom exceptions here throw ex; }

}

}

As shown above the security parts are actually commented out!

I have been trying to get this stuff to work but the sample is broken. Please fix it.



 Comments   
Comment by kumarjayanti [ 28/Jun/08 ]

Please follow the README.txt and i am sure it works. I downloaded it again and
tried it just now to be sure.

The commented handler chain is becuase this sample does not use the handler
chain. This is one of the 3 ways demonstrated in the article. This uses XWSS 2.0
style security and the security policy is specified in src/META-INF directory.
Looks for files client_security_config.xml and server_security_config.xml files.

Here is the console log of the steps i followed from the README.

Server Side
-----------------
E:\FRESH\SimpleJDK6WS>cd SimpleJDK6WS\src

E:\FRESH\SimpleJDK6WS\SimpleJDK6WS\src>copy E:\FRESH\wsit\wsit\dist\image\metro\
lib\webservices-api.jar E:\jdk6skid\jre\lib\endorsed
Overwrite E:\jdk6skid\jre\lib\endorsed\webservices-api.jar? (Yes/No/All): yes
1 file(s) copied.

E:\FRESH\SimpleJDK6WS\SimpleJDK6WS\src>copy E:\FRESH\wsit\wsit\dist\image\metro\
lib\webservices-rt.jar .
1 file(s) copied.

E:\FRESH\SimpleJDK6WS\SimpleJDK6WS\src>copy E:\FRESH\wsit\wsit\dist\image\metro\
lib\webservices-tools.jar .
1 file(s) copied.

E:\FRESH\SimpleJDK6WS\SimpleJDK6WS\src>apt cp .;webservices-rt.jar;webservices
tools.jar simplejdk6ws/Main.java
warning: Annotation types without processors: [javax.annotation.Resource]
1 warning
warning: Annotation types without processors: [javax.xml.bind.annotation.XmlRoot
Element, javax.xml.bind.annotation.XmlAccessorType, javax.xml.bind.annotation.Xm
lType, javax.xml.bind.annotation.XmlElement]
1 warning

E:\FRESH\SimpleJDK6WS\SimpleJDK6WS\src>javac -cp .;webservices-rt.jar;webservice
s-tools.jar simplejdk6ws/*.java
simplejdk6ws\SimpleWSClient.java:31: package client does not exist
client.MainService service =
^
simplejdk6ws\SimpleWSClient.java:32: package client does not exist
new client.MainService();
^
simplejdk6ws\SimpleWSClient.java:33: package client does not exist
client.Main port = service.getMainPort();
^
3 errors

E:\FRESH\SimpleJDK6WS\SimpleJDK6WS\src>java -cp .;webservices-rt.jar;webservices
-tools.jar simplejdk6ws.Main
HelloServer is open for business at http://localhost:8080/WebServiceExample/sayh
ello

Client Side
-------------
E:\FRESH\SimpleJDK6WS\SimpleJDK6WS\src>wsimport -p client http://localhost:8080/
WebServiceExample/sayhello?wsdl

E:\FRESH\SimpleJDK6WS\SimpleJDK6WS\src>javac -cp .;webservices-rt.jar;webservice
s-tools.jar simplejdk6ws/*.java

E:\FRESH\SimpleJDK6WS\SimpleJDK6WS\src>java -cp .;webservices-rt.jar;webservices
-tools.jar simplejdk6ws.SimpleWSClient
Got Username......... : Ron
Got Password......... : noR
Jun 28, 2008 1:31:49 PM com.sun.xml.wss.impl.filter.DumpFilter process
INFO: ==== Sending Message Start ====
<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-w
ss-wssecurity-secext-1.0.xsd" S:mustUnderstand="1">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-2004
01-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1214640107656-784321985">
<wsse:Username>Ron</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-use
rname-token-profile-1.0#PasswordText">****</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-ws
s-soap-message-security-1.0#Base64Binary">LdWfFxGV0+wSxiq4Wwkdp1YF</wsse:Nonce>
<wsu:Created>2008-06-28T08:01:48Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</S:Header>
<S:Body>
<ns2:sayHello xmlns:ns2="http://simplejdk6ws/">
<arg0>TOM WITMER</arg0>
</ns2:sayHello>
</S:Body>
</S:Envelope>
==== Sending Message End ====

Jun 28, 2008 1:31:51 PM com.sun.xml.wss.impl.filter.DumpFilter process
INFO: ==== Received Message Start ====
<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Header/>
<S:Body>
<ns2:sayHelloResponse xmlns:ns2="http://simplejdk6ws/">
<return>Hello!!! TOM WITMER</return>
</ns2:sayHelloResponse>
</S:Body>
</S:Envelope>
==== Received Message End ====
Result = Hello!!! TOM WITMER

Server Side Dump, when the client was run
-------------------------------------------

Jun 28, 2008 1:31:50 PM com.sun.xml.wss.impl.filter.DumpFilter process
INFO: ==== Received Message Start ====
<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-w
ss-wssecurity-secext-1.0.xsd" S:mustUnderstand="1">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-2004
01-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1214640107656-784321985">
<wsse:Username>Ron</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-use
rname-token-profile-1.0#PasswordText">****</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-ws
s-soap-message-security-1.0#Base64Binary">LdWfFxGV0+wSxiq4Wwkdp1YF</wsse:Nonce>
<wsu:Created>2008-06-28T08:01:48Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</S:Header>
<S:Body>
<ns2:sayHello xmlns:ns2="http://simplejdk6ws/">
<arg0>TOM WITMER</arg0>
</ns2:sayHello>
</S:Body>
</S:Envelope>
==== Received Message End ====

Requester Subject Subject:
Principal: CN=Ron
Public Credential: Ron

Hello!!! TOM WITMER
Jun 28, 2008 1:31:51 PM com.sun.xml.wss.impl.filter.DumpFilter process
INFO: ==== Sending Message Start ====
<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Body>
<ns2:sayHelloResponse xmlns:ns2="http://simplejdk6ws/">
<return>Hello!!! TOM WITMER</return>
</ns2:sayHelloResponse>
</S:Body>
</S:Envelope>
==== Sending Message End ====

Comment by gregrluck [ 28/Jun/08 ]

Can we leave this issue open a little longer.

I am trying to follow Option 3 on https://xwss.dev.java.net/Securing_JAVASE6_WebServices.html.

It says:

"So you can run the packaged version of this sample by downloading the ZIP file from :
SimpleJDK6WS.zip"

But there is a problem.

The sample code shown in option 3 in the article does not match the download sample. In particular
the article has

public static void main(String[] args)

{ Endpoint endpoint = Endpoint.publish("http://localhost:8080/WebServiceExample/sayhello", new Main()); Binding binding = endpoint.getBinding(); //Add a SecurityHandler as the first handler on the server side List<Handler> handlerChain = new LinkedList<Handler>(); handlerChain.add(new simplejdk6ws.SecurityHandler("server")); binding.setHandlerChain(handlerChain); System.out.println("HelloServer is open for business at http://localhost:8080/WebServiceExample/sayhello"); }

The sample, as you point out, skips the programmatic handler registration and has:

/**

  • @param args the command line arguments
    */
    public static void main(String[] args) { // TODO code application logic here Endpoint endpoint = Endpoint.publish( "http://localhost:8080/WebServiceExample/sayhello", new Main()); //Binding binding = endpoint.getBinding(); //List<Handler> handlerChain = new LinkedList<Handler>(); //handlerChain.add(new simplejdk6ws.SecurityHandler("server")); //binding.setHandlerChain(handlerChain); System.out.println("HelloServer is open for business at http://localhost:8080/WebServiceExample/sayhello"); }

The two are inconsistent. Also it is not clear whether this is XWSS 2 or 3.

The README says:

2. Download Latest WSIT build :
(if you have access to hudson then the link is : http://kohsuke.sfbay/hudson/job/wsit-javanet-
bleedingedge/

I have trying to write production code here and am not interested in bleeding edge stuff. I am trying to
use the XWSS 3.0 FCS.

I have an existing JAX-WS application I am trying to secure.

I am following the sample as stated in the article. So consider this bug to be the inconsistencies
between the two as expressed above. It is very confusing if you are a newbie like me.

What is not working for me is the following:

Endpoint endpoint = Endpoint.publish(address, implementor);
Binding binding = endpoint.getBinding();
//Add a SecurityHandler as the first handler on the server side
List<Handler> handlerChain = new LinkedList<Handler>();
handlerChain.add(new SecurityHandler("server"));
binding.setHandlerChain(handlerChain);
System.out.println("Web Service listening at URI " + address);

net.sf.ehcache.server.soap.jaxws.EhcacheWebServiceEndpoint cacheService =
new EhcacheWebServiceEndpointService().getEhcacheWebServiceEndpointPort();

//invoke business method
String result = cacheService.ping();
assertEquals("pong", result);

cacheService.ping() should not work because I have configured security as per the article. But it keeps
happily working as if there were no security.

But when I compare server_security_config.xml looks nothing like the article which has:
<xwss:SecurityConfiguration xmlns:xwss="http://java.sun.com/xml/ns/xwss/config"
dumpMessages="true" >
<xwss:RequireUsernameToken passwordDigestRequired="false"/>
</xwss:SecurityConfiguration>

From debugging it is clear that I have a security handler registered but it is never invoked and I have
not idea how to reconcile the article with the "download sample".

The final thing is that I have Java 5 (Mac PowerPC so I cannot use Java 6) and I am unclear whether SimpleJDK6WS.zip really requires 6 or not. For JAX-WS 6 is not required. I am using the http.jar from 6
which is shipped with the Jersey project.

So, after all that, I guess I

Comment by kumarjayanti [ 10/Jul/08 ]

Hi Greg,

Sorry for the mixup. It appears the original sample for Option 3 got
overwritten with another one and that has caused this issue.

I have now fixed the article as well as the sample, you can use Production
quality Metro 1.2 to run the sample. I have updated the README.

https://xwss.dev.java.net/Securing_JAVASE6_WebServices.html

Thanks again for the Feedback and let me know if it worked this time around for you.





[XWSS-31] xmldsig jar is missing from maven repository Created: 27/Jun/08  Updated: 23/Sep/09

Status: Open
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: 2.0

Type: Bug Priority: Minor
Reporter: gregrluck Assignee: xwss-issues
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 31
Tags: 2_0-waived

 Description   

My xwss pom fails to download all its dependencies

I found by searching the following:

http://mirrors.ibiblio.org/pub/mirrors/maven2/javax/xml/xmldsig/1.0/xmldsig-1.0.pom

But there is no jar file attached.

You cannot satisfy a maven dependency without a jar.



 Comments   
Comment by gregrluck [ 27/Jun/08 ]

I found other people with the same problem:

http://www.mail-archive.com/users@maven.apache.org/msg71361.html

Comment by kumarjayanti [ 10/Jul/08 ]

the version of xmldsig that is being used in Metro and XWSS does not have Open
Source License. That is the reason we are unable to publish it.

Unless you indicate to us that we can just publish the binaries to maven
(without the sources).

Meanwhile xmldsig is now an Apache Project and we are working on upgrading our
internal xmldsig version in Metro/XWSS to be the Apache one. So as part of that
we would alsp publish xmldsig to maven and update the Poms in XWSS to refer to
the right version. We hope to do this soon...

Please bear with us.

Thanks.

Comment by kumarjayanti [ 22/Sep/09 ]

sean mullan was informed about this long ago. Will check with him again.

Comment by kumarjayanti [ 23/Sep/09 ]

setting to P4 and will be automatically upgraded post Metro 2.0 to P3





[XWSS-30] The XWSS project does not provide its Maven details even though it has them Created: 27/Jun/08  Updated: 28/Jun/08  Resolved: 28/Jun/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: gregrluck Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 30

 Description   

In the documentation the location of the pom.xml and repository configuration is not provided. I
wasted half an hour looking for it and finally found a reference in http://blogs.sun.com/manveen/entry/xwss_on_maven.

The pom snippet for 3.0 should be:

<dependency>
<groupId>com.sun.xml.wss</groupId>
<artifactId>xws-security</artifactId>
<version>3.0</version>
</dependency>

and you need to add the following repository to get to it:

<repository>
<id>java.net</id>
<url>http://download.java.net/maven/1</url>
<layout>legacy</layout>
</repository>

Please add this information to the home page.



 Comments   
Comment by kumarjayanti [ 28/Jun/08 ]

Done. Thanks for the feedback.

https://maven-repository.dev.java.net/repository/com.sun.xml.wss/





[XWSS-29] Add XWSS users ML to Metro Nabble Forum? Created: 19/Jun/08  Updated: 19/Jun/08

Status: Open
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Improvement Priority: Minor
Reporter: gmazza Assignee: xwss-issues
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 29

 Description   

It may be a good idea to join the XWSS Users Mailing List
(https://xwss.dev.java.net/servlets/BrowseList?listName=users) to the Metro
forum at Nabble (http://www.nabble.com/Metro-f24524.html) as a child forum of it
(you can see it already has two child forums--Metro Users and Metro Dev). This
would give the XWSS User's list more exposure and more eyes for questions to be
asked and answered.

Or, create a new subproject for it, like there is already for JAX-WS and WSIT
(you can see on the same page).

I think doing the first option is simpler and would give the XWSS questions
greater exposure--the WSIT and JAX-WS forums don't have many user questions.
The latter option would be good though if you eventually want to bring in the
other XWSS-related lists as well.

Kohsuke (or whoever the Nabble Metro forum admin is) probably would know how to
do this.






[XWSS-28] Timestamp in WS-Security layer is one hour out during DST transition Created: 10/Apr/08  Updated: 21/Apr/08  Resolved: 21/Apr/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Blocker
Reporter: superpat7 Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: Solaris
Platform: Sun


Issuezilla Id: 28

 Description   

Last Saturday morning, my demo system (showing, amongst other things, a WS_Trust
STS using Metro and its dependencies) worked perfectly correctly. On returning
to it on Saturday night, messages were being rejected, since their timestamp was
one hour in the future. After some hours of debugging, I identified the issue as
com.sun.xml.ws.security.opt.impl.tokens.Timestamp.createDateTime() - repeated
here for reference:

public void createDateTime() throws XWSSecurityException {
if (created == null) {
Calendar c = new GregorianCalendar();
int offset = c.get(Calendar.ZONE_OFFSET);
if (c.getTimeZone().inDaylightTime(c.getTime()))

{ offset += c.getTimeZone().getDSTSavings(); }

synchronized (calendarFormatter1)

{ calendarFormatter1.setTimeZone(c.getTimeZone()); // always send UTC/GMT time long beforeTime = c.getTimeInMillis(); long currentTime = 0; currentTime = beforeTime - offset; c.setTimeInMillis(currentTime); // finished UTC/GMT adjustment setCreated(calendarFormatter1.format(c.getTime())); c.setTimeInMillis(currentTime + timeout); setExpires(calendarFormatter1.format(c.getTime())); }

}
}

createDateTime() obtains the time in UTC via getTimeInMillis(), then converts it
to local DST time, then formats it to a string, in UTC.

Preamble: the JVM was pre-DST change, so this bug became apparent for me on
Saturday 4/4, when the DST change would have happened before it was moved into
March. THIS BUG WILL ARISE EVERY YEAR, ON THE EVENING OF THE DST CHANGE!!!

On Saturday night, c.getTimeZone().inDaylightTime(c.getTime()) was returning
false, so the offset (I'm in US Pacific time zone) was calculated as -28800000
(-8 hours). Now, this is subtracted from the UTC time in milliseconds, to
correct for the fact that calendarFormatter1 has been set to the local timezone.
When this corrected time is formatted, the calendar formatter thinks it should
apply DST, since we pushed it 8 hours into the future, across the DST changeover!

By Sunday morning, the situation had corrected itself, since the current time
and time + 8 hours were both in DST, according to the JVM.

This short program shows the bug (on a current JVM that has the correct DST
changeover) and a fixed createDateTime that does not perform the unnecessary
conversion to local DST and back (I don't know if I'll be able to create an
attachment, so I'm just pasting):

----BEGIN Main.java----
package testtime;

import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.TimeZone;
import java.util.logging.Level;
import java.util.logging.Logger;

/**

  • Extract from com.sun.xml.ws.security.opt.impl.tokens.Timestamp to show DST
  • changeover bug
  • @author Pat Patterson
    */
    public class Main {
    public static final SimpleDateFormat calendarFormatter1
    = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
    /**
  • @param args the command line arguments
    */
    public static void main(String[] args)
    Unknown macro: { try { // US DST Change 2008 - Sunday 9 March // Bug will occur late on Saturday night calendarFormatter1.setTimeZone(TimeZone.getTimeZone("America/Los_Angeles")); Date saturdayNight = calendarFormatter1.parse("2008-03-08T23:00:00Z"); System.out.println("DST Saturday night, buggy:"); createDateTime(saturdayNight.getTime()); System.out.println("DST Saturday night, correct:"); createDateTime2(saturdayNight.getTime()); long timeNow = System.currentTimeMillis(); System.out.println("Now, buggy:"); createDateTime(timeNow); System.out.println("Now, correct:"); createDateTime2(timeNow); } catch (ParseException ex) { Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex); } }

public static void createDateTime(long time) {
Calendar c = new GregorianCalendar();
// Set calendar to incoming time - don't need to do this if we're
working with
// the real current time
c.setTimeInMillis(time);

int offset = c.get(Calendar.ZONE_OFFSET);
Date date = new Date(time);
if (c.getTimeZone().inDaylightTime(date))

{ offset += c.getTimeZone().getDSTSavings(); }

synchronized (calendarFormatter1)

{ calendarFormatter1.setTimeZone(c.getTimeZone()); // always send UTC/GMT time long currentTime = 0; currentTime = time - offset; c.setTimeInMillis(currentTime); // finished UTC/GMT adjustment System.out.println(time + " is " + calendarFormatter1.format(c.getTime())); }

}

public static void createDateTime2(long time) {
TimeZone utc = TimeZone.getTimeZone("UTC");
Calendar c = new GregorianCalendar(utc);
// Set calendar to incoming time - don't need to do this if we're
working with
// the real current time
c.setTimeInMillis(time);

synchronized (calendarFormatter1)

{ calendarFormatter1.setTimeZone(utc); // always send UTC/GMT time c.setTimeInMillis(time); System.out.println(time + " is " + calendarFormatter1.format(c.getTime())); }

}
}
----END Main.java----



 Comments   
Comment by superpat7 [ 10/Apr/08 ]

You can further simplify my example by moving the
calendarFormatter1.setTimeZone(utc) call to a static initializer and making the
GregorianCalendar object static too, since access to it is in the synchronized
block:

----BEGIN Main.java----
package testtime;

import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.TimeZone;
import java.util.logging.Level;
import java.util.logging.Logger;

/**

  • Extract from com.sun.xml.ws.security.opt.impl.tokens.Timestamp to show DST
  • changeover bug
  • @author Pat Patterson
    */
    public class Main {
    private static final TimeZone utc = TimeZone.getTimeZone("UTC");
    private static Calendar utcCalendar = new GregorianCalendar(utc);
    private static final SimpleDateFormat calendarFormatter1
    = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
    private static final SimpleDateFormat utcCalendarFormatter1
    = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");

static

{ utcCalendarFormatter1.setTimeZone(utc); }

/**

  • @param args the command line arguments
    */
    public static void main(String[] args)
    Unknown macro: { try { // US DST Change 2008 - Sunday 9 March // Bug will occur late on Saturday night calendarFormatter1.setTimeZone(TimeZone.getTimeZone("America/Los_Angeles")); Date saturdayNight = calendarFormatter1.parse("2008-03-08T23:00:00Z"); System.out.println("DST Saturday night, buggy:"); createDateTime(saturdayNight.getTime()); System.out.println("DST Saturday night, correct:"); createDateTime2(saturdayNight.getTime()); long timeNow = System.currentTimeMillis(); System.out.println("Now, buggy:"); createDateTime(timeNow); System.out.println("Now, correct:"); createDateTime2(timeNow); } catch (ParseException ex) { Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex); } }

public static void createDateTime(long time) {
Calendar c = new GregorianCalendar();
// Set calendar to incoming time - don't need to do this if we're
working with
// the real current time
c.setTimeInMillis(time);

int offset = c.get(Calendar.ZONE_OFFSET);
Date date = new Date(time);
if (c.getTimeZone().inDaylightTime(date))

{ offset += c.getTimeZone().getDSTSavings(); }

synchronized (calendarFormatter1)

{ calendarFormatter1.setTimeZone(c.getTimeZone()); // always send UTC/GMT time long currentTime = 0; currentTime = time - offset; c.setTimeInMillis(currentTime); // finished UTC/GMT adjustment System.out.println(time + " is " + calendarFormatter1.format(c.getTime())); }

}

public static void createDateTime2(long time) {
// maybe better style to sync on utcCalendar, since we use it first
synchronized (utcCalendar)

{ // Using time parameter for this example - would simply use // System.currentTimeMillis() in // com.sun.xml.ws.security.opt.impl.tokens.Timestamp.createDateTime() utcCalendar.setTimeInMillis(time); System.out.println(time + " is " + utcCalendarFormatter1.format(utcCalendar.getTime())); }

}
}
----END Main.java----

Comment by kumarjayanti [ 10/Apr/08 ]

Pat,

Thanks for the issue and the fix.

Comment by ashutoshshahi [ 21/Apr/08 ]

Fixed in trunk as well as 1.2 branch of WSIT





[XWSS-27] SecurityConfigurationXmlReader ignores digestPassword in xml Created: 08/Apr/08  Updated: 08/Apr/08  Resolved: 08/Apr/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: jarol1 Assignee: xwss-issues
Resolution: Incomplete Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 27

 Description   

I found a bug in SecurityConfigurationXmlReader - it ignores digestPassword
attribute, which is mentioned in ConfigurationConstants.java. As a result,
plaintext password which can be found in <Username> element of
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"
is not supported (only digested works). Exception WSS1404.notmet.digested will
be thrown.

Example SOAP that is rejected (it was generated by Oracle BPEL):

"<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\"
xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"><soap:Header><wsse:Security
xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"
xmlns=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"
xmlns:env=\"http://schemas.xmlsoap.org/soap/envelope/\"
soap:mustUnderstand=\"1\"><wsse:UsernameToken
xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"
xmlns=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"><wsse:Username>XXXXXXXXX</wsse:Username><wsse:Password
Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText\">XXXXXXXX</wsse:Password></wsse:UsernameToken></wsse:Security></soap:Header><soap:Body
xmlns:ns1=\"http://xmlns.oracle.com/transferCredit\"><ns1:transferCreditProcessRequest><ns1:destination_deviceid>XXXXXXX</ns1:destination_deviceid><ns1:sum>0.001</ns1:sum></ns1:transferCreditProcessRequest></soap:Body></soap:Envelope>";

I used XWSS 2.0 style configuration:

"<xwss:SecurityConfiguration dumpMessages=\"true\"
xmlns:xwss=\"http://java.sun.com/xml/ns/xwss/config\"><xwss:UsernameToken
digestPassword=\"false\"
/><xwss:RequireUsernameToken/></xwss:SecurityConfiguration>";



 Comments   
Comment by jarol1 [ 08/Apr/08 ]

Close this issue, the correct configuration is:

"<xwss:SecurityConfiguration dumpMessages=\"true\"
xmlns:xwss=\"http://java.sun.com/xml/ns/xwss/config\"><xwss:UsernameToken
useNonce=\"false\" digestPassword=\"false\"/><xwss:RequireUsernameToken
nonceRequired=\"false\"
passwordDigestRequired=\"false\"/></xwss:SecurityConfiguration>";

Comment by kumarjayanti [ 08/Apr/08 ]

closing the issue as suggested by user.





[XWSS-26] ext cleanup of XWSS security_config.xml page. Created: 13/Mar/08  Updated: 18/Jun/08

Status: Open
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Task Priority: Critical
Reporter: kumarjayanti Assignee: xwss-issues
Resolution: Unresolved Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Attachments: Text File securityConfigPatch.txt    
Issuezilla Id: 26

 Description   

User gmazza has provided a Patch after fixing some spelling and grammar errors.

https://jax-ws.dev.java.net/issues/show_bug.cgi?id=540

Also some of the information in the article is OLD and needs to be updated with
latest information and information about new features.



 Comments   
Comment by kumarjayanti [ 13/Mar/08 ]

Thanks for the Patch. If you do find more errors send us. Meantime i am planning
the update the info in there with latest features.

Comment by kumarjayanti [ 13/Mar/08 ]

Closing issue 540 on jax-ws.

Comment by kumarjayanti [ 14/Mar/08 ]

Created an attachment (id=14)
patch

Comment by gmazza [ 12/May/08 ]

Kumar, what's the status on this? We need to get the documents polished up, and
there are more fixes that need to be done after this is applied. Alternatively,
if you can hand the page off to a tech writer at Sun Microsystems, he/she can
fix these bugs quite rapidly.

Comment by kumarjayanti [ 18/Jun/08 ]

sorry for the delay, i will be doing this soon as part of Metro 1.3 release. I
was thinking i just apply your patch and publish, but i need to proof read it
after applying your patch, just to be sure.

Thanks.

Comment by gmazza [ 18/Jun/08 ]

Good! I'll supply another patch for the rest of the text (I think I managed
only half) when you're done.





[XWSS-25] Sample code is useless Created: 28/Feb/08  Updated: 29/Feb/08  Resolved: 29/Feb/08

Status: Closed
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: jbarnum Assignee: xwss-issues
Resolution: Incomplete Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: Macintosh


Issuezilla Id: 25

 Description   

The readme file that comes with SecureXWSS20JDK6 claims that "The Sample Inserts a Username-
Password Token into SOAP Message. It also Signs and Encrypts the UsernameToken and the SOAP Body."

In actuality, the sample code does nothing other than insert basic HTTP auth headers:

((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "Ron");
((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "noR");



 Comments   
Comment by kumarjayanti [ 28/Feb/08 ]

Hi,

The sample has not been written very cleanly but if you follow the
instructions in the README file FaithFully it works. After i saw this bug i got
a doubt if there is something really wrong so i downloaded and tried the whole
thing again. Here is what i did :

For the Server :
---------------------------------------------
D:\>cd SecureXWSS20JDK6

D:\SecureXWSS20JDK6>cd src

D:\SecureXWSS20JDK6\src>copy E:\210307\wsit\wsit\dist\image\metro\lib\webservice
s-rt.jar .
1 file(s) copied.

D:\SecureXWSS20JDK6\src>copy E:\210307\wsit\wsit\dist\image\metro\lib\webservice
s-api.jar .
1 file(s) copied.

D:\SecureXWSS20JDK6\src>copy E:\210307\wsit\wsit\dist\image\metro\lib\webservice
s-tools.jar .
1 file(s) copied.

D:\SecureXWSS20JDK6\src>copy e:\210307\xwss\xwss-ri\lib\mail.jar .
1 file(s) copied.

D:\SecureXWSS20JDK6\src>dir
Volume in drive D is Data1
Volume Serial Number is D868-332E

Directory of D:\SecureXWSS20JDK6\src

02/29/2008 11:24 AM <DIR> .
02/29/2008 11:24 AM <DIR> ..
05/02/2006 09:26 PM 388,830 mail.jar
02/29/2008 11:15 AM <DIR> META-INF
02/29/2008 11:15 AM <DIR> simplejdk6ws
02/27/2008 05:22 PM 174,831 webservices-api.jar
02/27/2008 05:22 PM 12,049,131 webservices-rt.jar
02/27/2008 05:22 PM 3,633,406 webservices-tools.jar
4 File(s) 16,246,198 bytes
4 Dir(s) 29,850,988,544 bytes free

D:\SecureXWSS20JDK6\src>E:\jdk6skid\bin\apt.exe -cp .;webservices-api.jar;webser
vices-rt.jar;webservices-tools.jar simplejdk6ws/Main.java
warning: Annotation types without processors: [javax.annotation.Resource]
1 warning
warning: Annotation types without processors: [javax.xml.bind.annotation.XmlRoot
Element, javax.xml.bind.annotation.XmlAccessorType, javax.xml.bind.annotation.Xm
lType, javax.xml.bind.annotation.XmlElement]
1 warning

D:\SecureXWSS20JDK6\src>E:\jdk6skid\bin\javac -cp .;webservices-api.jar;webservi
ces-rt.jar;webservices-tools.jar simplejdk6ws/*.java
simplejdk6ws\ClientSecurityEnvironmentHandler.java:453: warning: sun.security.x5
09.KeyIdentifier is Sun proprietary API and may be removed in a future release
sun.security.x509.KeyIdentifier keyId = null;
^
simplejdk6ws\ClientSecurityEnvironmentHandler.java:455: warning: sun.security.ut
il.DerValue is Sun proprietary API and may be removed in a future release
sun.security.util.DerValue derVal = new sun.security.util.DerValue(
^
simplejdk6ws\ClientSecurityEnvironmentHandler.java:455: warning: sun.security.ut
il.DerValue is Sun proprietary API and may be removed in a future release
sun.security.util.DerValue derVal = new sun.security.util.DerValue(
^
simplejdk6ws\ClientSecurityEnvironmentHandler.java:456: warning: sun.security.ut
il.DerInputStream is Sun proprietary API and may be removed in a future release
new sun.security.util.DerInputStream(subjectKeyIdentifier).getO
ctetString());
^
simplejdk6ws\ClientSecurityEnvironmentHandler.java:458: warning: sun.security.x5
09.KeyIdentifier is Sun proprietary API and may be removed in a future release
keyId = new sun.security.x509.KeyIdentifier(derVal.getOctetString())
;
^
simplejdk6ws\ServerSecurityEnvironmentHandler.java:430: warning: sun.security.x5
09.KeyIdentifier is Sun proprietary API and may be removed in a future release
sun.security.x509.KeyIdentifier keyId = null;
^
simplejdk6ws\ServerSecurityEnvironmentHandler.java:432: warning: sun.security.ut
il.DerValue is Sun proprietary API and may be removed in a future release
sun.security.util.DerValue derVal = new sun.security.util.DerValue(
^
simplejdk6ws\ServerSecurityEnvironmentHandler.java:432: warning: sun.security.ut
il.DerValue is Sun proprietary API and may be removed in a future release
sun.security.util.DerValue derVal = new sun.security.util.DerValue(
^
simplejdk6ws\ServerSecurityEnvironmentHandler.java:433: warning: sun.security.ut
il.DerInputStream is Sun proprietary API and may be removed in a future release
new sun.security.util.DerInputStream(subjectKeyIdentifier).getO
ctetString());
^
simplejdk6ws\ServerSecurityEnvironmentHandler.java:435: warning: sun.security.x5
09.KeyIdentifier is Sun proprietary API and may be removed in a future release
keyId = new sun.security.x509.KeyIdentifier(derVal.getOctetString())
;
^
simplejdk6ws\SimpleWSClient.java:31: package client does not exist
client.MainService service =
^
simplejdk6ws\SimpleWSClient.java:32: package client does not exist
new client.MainService();
^
simplejdk6ws\SimpleWSClient.java:33: package client does not exist
client.Main port = service.getMainPort();
^
3 errors
10 warnings

D:\SecureXWSS20JDK6\src>E:\jdk6skid\bin\java -cp .;webservices-api.jar;webservic
es-rt.jar;webservices-tools.jar;mail.jar simplejdk6ws.Main
HelloServer is open for business at http://localhost:8080/WebServiceExample/sayh
ello

-----------------------------------------------------------

The Server is Ready to recieve requests above.

For the Client
----------------------------------------
D:\SecureXWSS20JDK6\src>dir
Volume in drive D is Data1
Volume Serial Number is D868-332E

Directory of D:\SecureXWSS20JDK6\src

02/29/2008 11:24 AM <DIR> .
02/29/2008 11:24 AM <DIR> ..
05/02/2006 09:26 PM 388,830 mail.jar
02/29/2008 11:15 AM <DIR> META-INF
02/29/2008 11:26 AM <DIR> simplejdk6ws
02/27/2008 05:22 PM 174,831 webservices-api.jar
02/27/2008 05:22 PM 12,049,131 webservices-rt.jar
02/27/2008 05:22 PM 3,633,406 webservices-tools.jar
4 File(s) 16,246,198 bytes
4 Dir(s) 29,850,894,336 bytes free

D:\SecureXWSS20JDK6\src>e:\jdk6skid\bin\wsimport.exe -p client http://localhost:
8080/WebServiceExample/sayhello?wsdl

D:\SecureXWSS20JDK6\src>E:\jdk6skid\bin\javac.exe -cp .;webservices-api.jar;webs
ervices-rt.jar;webservices-tools.jar simplejdk6ws/*.java
simplejdk6ws\ClientSecurityEnvironmentHandler.java:453: warning: sun.security.x5
09.KeyIdentifier is Sun proprietary API and may be removed in a future release
sun.security.x509.KeyIdentifier keyId = null;
^
simplejdk6ws\ClientSecurityEnvironmentHandler.java:455: warning: sun.security.ut
il.DerValue is Sun proprietary API and may be removed in a future release
sun.security.util.DerValue derVal = new sun.security.util.DerValue(
^
simplejdk6ws\ClientSecurityEnvironmentHandler.java:455: warning: sun.security.ut
il.DerValue is Sun proprietary API and may be removed in a future release
sun.security.util.DerValue derVal = new sun.security.util.DerValue(
^
simplejdk6ws\ClientSecurityEnvironmentHandler.java:456: warning: sun.security.ut
il.DerInputStream is Sun proprietary API and may be removed in a future release
new sun.security.util.DerInputStream(subjectKeyIdentifier).getO
ctetString());
^
simplejdk6ws\ClientSecurityEnvironmentHandler.java:458: warning: sun.security.x5
09.KeyIdentifier is Sun proprietary API and may be removed in a future release
keyId = new sun.security.x509.KeyIdentifier(derVal.getOctetString())
;
^
simplejdk6ws\ServerSecurityEnvironmentHandler.java:430: warning: sun.security.x5
09.KeyIdentifier is Sun proprietary API and may be removed in a future release
sun.security.x509.KeyIdentifier keyId = null;
^
simplejdk6ws\ServerSecurityEnvironmentHandler.java:432: warning: sun.security.ut
il.DerValue is Sun proprietary API and may be removed in a future release
sun.security.util.DerValue derVal = new sun.security.util.DerValue(
^
simplejdk6ws\ServerSecurityEnvironmentHandler.java:432: warning: sun.security.ut
il.DerValue is Sun proprietary API and may be removed in a future release
sun.security.util.DerValue derVal = new sun.security.util.DerValue(
^
simplejdk6ws\ServerSecurityEnvironmentHandler.java:433: warning: sun.security.ut
il.DerInputStream is Sun proprietary API and may be removed in a future release
new sun.security.util.DerInputStream(subjectKeyIdentifier).getO
ctetString());
^
simplejdk6ws\ServerSecurityEnvironmentHandler.java:435: warning: sun.security.x5
09.KeyIdentifier is Sun proprietary API and may be removed in a future release
keyId = new sun.security.x509.KeyIdentifier(derVal.getOctetString())
;
^
10 warnings

D:\SecureXWSS20JDK6\src>E:\jdk6skid\bin\java.exe -cp .;webservices-api.jar;webse
rvices-rt.jar;webservices-tools.jar;mail.jar simplejdk6ws.SimpleWSClient
Got Username......... : Ron
Got Password......... : noR
Feb 29, 2008 11:30:12 AM com.sun.xml.wss.impl.filter.DumpFilter process
INFO: ==== Sending Message Start ====
<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-w
ss-wssecurity-secext-1.0.xsd" S:mustUnderstand="1">
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-ws
s-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1204264812218-1575931445">
<wsu:Created>2008-02-29T06:00:12.117Z</wsu:Created>
<wsu:Expires>2008-02-29T06:05:12.117Z</wsu:Expires>
</wsu:Timestamp>
<xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="XWSSGID-12
04264812268-1360985858">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-2
00401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-o
pen.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdenti
fier">dVE29ysyFW/iD1la3ddePzM6IWo=</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>ouxC0cqrmQWnWpDucV1A7b8IyCsVqMEhM1qLvRfzBd0IRm8c1nptRfF37FEFYE
MkIfat5kxcwhLs
qF+IETfPltt6dwyPAkhE42ZWUnLzulh5fRf2vfApnMJdDpouWy5xD6/LejUtWue095qTE3vG32Pq
0UicznASqPF9kqYIl98=</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedKey>
<xenc:ReferenceList xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:DataReference URI="#XWSSGID-1204264812558-1655628261"/>
<xenc:DataReference URI="#XWSSGID-1204264812558-1123387489"/>
</xenc:ReferenceList>
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-2004
01-wss-wssecurity-utility-1.0.xsd" wsu:Id="username-token">
<xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="XWSSGID-1
204264812558-1123387489" Type="http://www.w3.org/2001/04/xmlenc#Content">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc
"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<wsse:Reference URI="#XWSSGID-1204264812268-1360985858"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>PBc+yg1LEGjAJEecV8eUdhdmR3SjIaPVSIIOzUjW8OnmDN76tTO0ork9w/J96I
6T/q0HTStTS6EY
2F7nqjmkDSE1Uj30vdL2pszqZLIVEov4YRGq6Y/vQRVxZ/FFMq5OpwKmNwPEud/2KY5agHOJ8IRt
nrqYJJ05A7p1JkgtrK2YT5ksgrMYG7f300VO1kvTF2AP9s2agenQE3UlATLCDcV0zhxxkIVwQRmt
C0MYgxD+FvktMWckOhQe66K2pKEW3H5zHRJ6x6knpwygDQAUPzfnX4b4ta+owjc9fgqOez8G6h+S
lM0sserRskfZfoxwM2yS7sV1nv68Qdi5tufSNfEcla9WRb08OF2aG1+bOE2oIp1yLJi6TB3KifHx
RMOdBJYce0NZW1EWDCOS7gs6D7XquJr6hhJIhOcLButr6WIHBWi7bVEloh2XzMPp0C0dYCrXxIox
skFJZd1ynWwV5S0cNDM+Ug3ppImlyBUhViu/0f38X1kmrGpvAePxuyxIKjVD4SwNG1NQGT54DWNK
vE7x7GM6Z1TCogibTAZzT3XiGEPSgYbkj5q+PyY4JNe8U3ugf365XeuP2g2zgOXYEoDFNQc6rbq6
tYwQWqZOPw8h+nDF+CcyOBpeUqNXod7/JL5x2WVlYy4qjZr1cH2h4uSGF/1O56dcBWmSKOEJvWS5
lFrlIrs1NjjwNibXInYO6n2B1I6mBS7tXPVc1yzDltnpu37O+3JtLG+1cBe3zi4B7Q784dBykhRg
sw3AWbiIzk1lnDciLskFIq8lBpsRpl2cNKH2zydMsOn17iNxa+YshzCgsJ2c4Tn4jl4zt3eOeY7q
/RwW3j8zXsS+Q8SYpgpTGY3EtpkbbFcWBo+RUKrJMpyuF8VyX5YdVWt3jougJVK1T6fnCPbDqbbM
8gPYkq/YP6fuIsUR3os+Vm5qCmJS+ljEffNovUCTo2nZIVmJc9ijjF1E8fM=</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</wsse:UsernameToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="XWSSGID-12042648
11937224709851">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList=
"wsse S"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="username-token">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>kwiB8WHVoryp8vWkFn00XFCi+xk=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#XWSSGID-1204264812218-1993000820">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>ZpbALBVMdm3A6E8AUoVyP94ep78=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#XWSSGID-1204264812218-1575931445">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>/V/lfEtnjh/ZesI66sSwH/CM2zg=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>BGRLsbaR3Z6SGaYW5uaDgMPFG+1zEUa/vkmIYLECbq1ed3tbfK7P8EwZX/+cA
jXfRh/O3U3SLFRx
m1y0/7Utv/LApDFrclEhcTnWNMeGJg8ENRyc6TAQsoJ7aEMgkQklZTUIGGPsSS4CUwGCu+pLE8th
4Wy0Og3HsaTPyBjZewU=</ds:SignatureValue>
<ds:KeyInfo>
<wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/o
asis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-12042648121982050460
263">
<wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-2
00401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-o
pen.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdenti
fier">/mItfvuFdS7A0GCysE71TFRxP2c=</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</S:Header>
<S:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd" wsu:Id="XWSSGID-1204264812218-1993000820">
<xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="XWSSGID-1
204264812558-1655628261" Type="http://www.w3.org/2001/04/xmlenc#Content">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc
"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/
oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Reference URI="#XWSSGID-1204264812268-1360985858"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>kIvPUZ/X2fHeYlmKuh3GD17fvgeas9NfR2pFHQXsMjHmc//by1ohveA+py55FO
aI+0SwMXQt2y0Z
mfhAEzABPm5lAMsjRdcxglstnbrUHzEVcR1ivkUVUa7TIMmST1tw</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</S:Body>
</S:Envelope>
==== Sending Message End ====

Feb 29, 2008 11:30:13 AM com.sun.xml.wss.impl.filter.DumpFilter process
INFO: ==== Received Message Start ====
<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-w
ss-wssecurity-secext-1.0.xsd" S:mustUnderstand="1">
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-ws
s-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-12042648131191728657222">
<wsu:Created>2008-02-29T06:00:13.109Z</wsu:Created>
<wsu:Expires>2008-02-29T06:05:13.109Z</wsu:Expires>
</wsu:Timestamp>
<xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="XWSSGID-12
042648131291256334627">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-2
00401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-o
pen.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdenti
fier">/mItfvuFdS7A0GCysE71TFRxP2c=</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>g59ZH6noOQ7WocpaUoAhy9Gi+yyFnm/KACr16iVHnU3tp8w31+8953TjR3wMzu
7nifnlBsc5hQYs
T97MR/PELN2qq6plWJkpXWbiCOe4A3qg8ZeQ0R0699YQNW7yJUGlBvGhVORH4HRz9zIxPGemUqPZ
dIxNZ61fCECILKS9RN0=</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedKey>
<xenc:ReferenceList xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:DataReference URI="#XWSSGID-1204264813139-1712609121"/>
</xenc:ReferenceList>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="XWSSGID-12042646
148341763527754">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList=
"wsse S"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#XWSSGID-1204264813119847920932">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>Xu7W826z9xfkkympq5YvoQbpALg=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#XWSSGID-12042648131191728657222">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>yhODJj4R1F59qGwEMJ3eK+RgWxg=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>stm0VlFj8g88qFb1Bfe3tYcwgGVwX/1dsjZZwt0a4vfNwjJr+3kWRA4oW7qro
KNhBootbrgwmHnP
eMj2bU6va7JZS0hco0pCYAVNRAHWPxVknFBiFw56ReZobOlfIhJfVmsCJKjbtbzGAQAJfIfLF/Pt
KfUdoEFO4Mcc3bIS6nk=</ds:SignatureValue>
<ds:KeyInfo>
<wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/o
asis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1204264813119-674277
324">
<wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-2
00401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-o
pen.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdenti
fier">dVE29ysyFW/iD1la3ddePzM6IWo=</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</S:Header>
<S:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd" wsu:Id="XWSSGID-1204264813119847920932">
<xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="XWSSGID-1
204264813139-1712609121" Type="http://www.w3.org/2001/04/xmlenc#Content">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc
"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/
oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Reference URI="#XWSSGID-12042648131291256334627"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>9FkOn1aCN6riUS2BUyvGRWMamS5CzEwRtB5fW9TQldCa/IjPKprBK8BbLL8qNm
o0vG/MDy7GOSQC
4zoBAhibmYRUOKksd1LwwXMaVYTyWzG1qDokK1woaef7kag6WayXvgSecvzY5NWBHwt7ZTHyNcaV
5j/ORnnnztdIvtkogm7tB2NYw7tuJiVrRL7h6VaCTs9N08KGq6c9fsXvDHo1ddMUeiUIAnJDoPFq
1i6o+1lRS7/Yd09MVZoCloAy9cDlk7J0ovHsl2JCrRI/4ccrMC8GF6Q6XtPioyEbE4WiTzJIsLCo
QniTe120bBZhmutvU1Txwg/du7W2txObrtb4jyrZJ/nLB4iCZTcB1Y0ExfM=</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</S:Body>
</S:Envelope>
==== Received Message End ====

Result = Hello!!! TOM WITMER
-------------------------------------

So you can actually see that a Username Password was sent as well as the Message
was Signed and Encrypted. Actually the content of the usernametoken has also
been encrypted to protect the confidentiality of the password.

When i get some time i promise to Tidy up the sample but otherwise things do
work. The overloaded use of BindingProivider.USERNAME_PROPERTY and
PASSWORD_PROPERTY was a mistake (since they are meant for BASIC-AUTH). So we
have since deprecated the use of these properties in Metro for WS-Security
Purposes. For the purpose of this sample the properties are being read by the
ClientSecurityEnvironmentHandler.java so you can easily replace them by setting
your own properties in the Client code and then read those properties in the
ClientSecurityEnvironmentHandler.

Comment by jbarnum [ 29/Feb/08 ]

Thanks very much for taking the time to respond to that. I never got past those errors in the initial build,
especially because the sample code did not look like it did what I needed.





[XWSS-24] XWSS 3.0 can not be used with JAX-WS 2.0.1 Created: 02/Jan/08  Updated: 14/Sep/09

Status: Open
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Minor
Reporter: freddydaking Assignee: kumarjayanti
Resolution: Unresolved Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All
URL: https://xwss.dev.java.net/servlets/ReadMsg?list=users&msgNo=496


Issuezilla Id: 24
Tags: as911na

 Description   

when loading the server_security_config.xml file the following exception occurs:
java.lang.NoSuchMethodError: getServiceName
at
com.sun.xml.xwss.XWSSPipelineAssemblerFactory$XWSSPipelineAssembler.isSecurityConfigPresent(XWSSPipelineAssemblerFactory.java:136)
at
com.sun.xml.xwss.XWSSPipelineAssemblerFactory$XWSSPipelineAssembler.createServer(XWSSPipelineAssemblerFactory.java:84)
at com.sun.xml.ws.server.WSEndpointImpl.<init>(WSEndpointImpl.java:93)
at
com.sun.xml.ws.server.EndpointFactory.createEndpoint(EndpointFactory.java:199)
at com.sun.xml.ws.api.server.WSEndpoint.create(WSEndpoint.java:291)
at com.sun.xml.ws.api.server.WSEndpoint.create(WSEndpoint.java:315)

This is line 136 in XWSSPipelineAssemblerFactory (method
isSecurityConfigPresent()):
QName serviceQName = context.getEndpoint().getServiceName();

In JAX-WS 2.0.1 WSEndpointImpl there is no such method, I think it
was introduced in JAX-WS 2.1.



 Comments   
Comment by kumarjayanti [ 29/Jan/08 ]

Targeted for Metro 1.2. The issue does not affect WSIT in anyway. It concerns
standalone XWSS users.

Comment by kumarjayanti [ 31/Jan/08 ]

Added Keyword : as911na

Comment by kumarjayanti [ 18/Jun/08 ]

If you have any idea how i can get the service name in JAXWS 2.0.1 please let me
know so i can think of making some code change. We have kept this low priority
and am unable to spend time on this due to lack of cycles. If you can submit a
patch i can review and integrate the same.

Thanks.

Comment by kumarjayanti [ 14/Sep/09 ]

reassign.





[XWSS-23] Please backport NPE fix in XWSSClientPipe to Metro 1.0.x branch Created: 23/Dec/07  Updated: 16/Jan/08  Resolved: 16/Jan/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Blocker
Reporter: al130959 Assignee: kumarjayanti
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 23

 Description   

Using the Metro 1.0.1 FCS release, when trying to add a WSS username and
password header to a client request that has been created using the Dispatch API
and does NOT reference a WSDL file, I run into the following NullPointerException:

Exception in thread "main" java.lang.NullPointerException
at com.sun.xml.ws.api.message.Message.getOperation(Message.java:281)
at com.sun.xml.xwss.XWSSClientPipe.secureRequest(XWSSClientPipe.java:258)
at com.sun.xml.xwss.XWSSClientPipe.process(XWSSClientPipe.java:143)
at
com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:115)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:595)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:554)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:539)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:436)
at com.sun.xml.ws.client.Stub.process(Stub.java:248)
at
com.sun.xml.ws.client.dispatch.DispatchImpl.doInvoke(DispatchImpl.java:180)
at com.sun.xml.ws.client.dispatch.DispatchImpl.invoke(DispatchImpl.java:206)
at
com.sun.germany.vine2.troubleTicket.client.TroubleTicketClientImpl.call(TroubleTicketClientImpl.java:63)
at
com.sun.germany.vine2.troubleTicket.client.TroubleTicketClientProxy.call(TroubleTicketClientProxy.java:105)
at
com.sun.germany.vine2.troubleTicket.client.test.TroubleTicketClientTest.main(TroubleTicketClientTest.java:108)

Client code fragment looks like the following:

Service service = Service.create(serviceName);
service.addPort(portName, soapBinding, webserviceURL.toExternalForm());
Source request = new StreamSource(new
ByteArrayInputStream(messageBody));
Dispatch<Source> dispatch = service.createDispatch(portName,
Source.class, Service.Mode.PAYLOAD);
WSBindingProvider bp = (WSBindingProvider) dispatch;
XWSSecurityConfiguration securityConfig =
SecurityConfigurationFactory.newXWSSecurityConfiguration(Thread.currentThread().getContextClassLoader().getResourceAsStream("/xwss-client-config.xml"));
Map <String, Object> requestCtx = dispatch.getRequestContext();

requestCtx.put(XWSSecurityConfiguration.MESSAGE_SECURITY_CONFIGURATION,
securityConfig);
requestCtx.put(BindingProviderProperties.CONNECT_TIMEOUT,
connectTimeout);
requestCtx.put(BindingProviderProperties.REQUEST_TIMEOUT, readTimeout);
requestCtx.put(Dispatch.ENDPOINT_ADDRESS_PROPERTY,
webserviceURL.toExternalForm());
Source response = dispatch.invoke(request);

The exact same client code works fine using Metro 1.1 FCS.

From looking at the XWSS source code for com.sun.xml.xwss.XWSSClientPipe, it
seems like it would be sufficient to backport the changes made between CVS
revision 2.5.6.1 (WSIT-1_0-FCS-BRANCH) and revision 1.8 to the WSIT-1_0-FCS-BRANCH.

In my current customer scenario, using Metro 1.1 is not an option, as we have to
use an officially supported Metro build from the 1.0.x branch.

Many thanks in advance!

Best regards,

Andreas


Andreas Loew
Java Architect
Sun Microsystems (Germany)



 Comments   
Comment by al130959 [ 10/Jan/08 ]

Setting to P1 to clarify its importance for our customer scenario (cf. internal
mail).

Comment by kumarjayanti [ 16/Jan/08 ]

checked in the fix to XWSS : WSIT-1_0-FCS-BRANCH Branch.





[XWSS-22] XWS-3.0-FCS is not deployed to maven repo Created: 06/Dec/07  Updated: 24/Apr/08  Resolved: 24/Apr/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Critical
Reporter: slonopotamus Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 22
Tags: as911na

 Description   

subj



 Comments   
Comment by kumarjayanti [ 29/Jan/08 ]

Not related to Metro 1.2.

Comment by kumarjayanti [ 31/Jan/08 ]

Added keyword as911na

Comment by kumarjayanti [ 24/Apr/08 ]

xws-security-3.0-sources.jar 24-Apr-2008 02:58 1M
xws-security-3.0-sources.jar.md5 24-Apr-2008 02:58 32b
xws-security-3.0.jar 24-Apr-2008 02:57 2M
xws-security-3.0.jar.md5 24-Apr-2008 02:57 32b

Now available at :
https://maven-repository.dev.java.net/nonav/repository/com.sun.xml.wss/jars/

Sorry for the long delay in doing this.





[XWSS-21] SOAP with Attachments WSS complete transform is incorrect Created: 26/Nov/07  Updated: 03/Jul/08  Resolved: 03/Jul/08

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: sjones4 Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Attachments: Text File swa_correct.txt     Text File swa_wrong.txt    
Issuezilla Id: 21
Tags: as911na

 Description   

The XWSS 2.0 toolkit supports SOAP with Attachments WSS 1.0 (Draft). There are 2
transformations available for this:

Attachment-Content-Only-Transform
Attachment-Complete-Transform

The complete transform is not correctly implemented and fails to include any of
the required MIME headers in the canonicalized output unless all the processed
headers are present in lexicographical order.



 Comments   
Comment by sjones4 [ 26/Nov/07 ]

Created an attachment (id=12)
A correct example

Comment by sjones4 [ 26/Nov/07 ]

Created an attachment (id=13)
An example that shows the same message with different header order

Comment by kumarjayanti [ 29/Jan/08 ]

Targeted for Metro 1.3. Does not affect WSIT, it only affects standalone XWSS
2.0 and 3.0 users.

Comment by kumarjayanti [ 31/Jan/08 ]

Added keyword as911na

Comment by ashutoshshahi [ 03/Jul/08 ]

Fixed in xwss 3.0 trunk





[XWSS-20] xws-security.jar manifest doesn't contain build numbers Created: 20/Sep/07  Updated: 22/Nov/07  Resolved: 22/Nov/07

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: kohsuke Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 20

 Description   

xws-security.jar does not contain the hudson build number. I suspect a bug in
the build script or the Hudson job configuration.

See the output, which is from Metro 1.0.

> [kk122374@kohsuke2:/java/re/wsit/1.0/promoted/fcs/latest/ws/wsit/wsit/lib/runtime]
> : unzip -p xws-security.jar META-INF/MANIFEST.MF
> Manifest-Version: 1.0
> Ant-Version: Apache Ant 1.6.5
> Created-By: 1.5.0_06-b05 (Sun Microsystems Inc.)
> Specification-Title: XML and Web Services Security (Non-standard API)
> Implementation-Title: XML and Web Services Security Implementation
> Implementation-Version: 3.0-FCS
> Implementation-Vendor: Sun Microsystems, Inc.
> Implementation-Vendor-Id: com.sun
> Build-Id: $

{build.number}

-July 26 2007



 Comments   
Comment by kumarjayanti [ 14/Nov/07 ]

Hi Kohsuke,

Can you show me how the build script can pickup the build number from Hudson
so that i can fix this Bug.

Thanks.

Comment by kumarjayanti [ 22/Nov/07 ]

fixed.

Comment by kumarjayanti [ 22/Nov/07 ]

The next time we copy xwss jars into WSIT from Hudson we should see the Build.Id
set correctly.

Comment by kumarjayanti [ 22/Nov/07 ]

The next time we copy xwss jars into WSIT from Hudson we should see the Build.Id
set correctly.





[XWSS-19] Selecting provider in DecryptionProcessor Created: 11/Sep/07  Updated: 11/Sep/07

Status: Open
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: New Feature Priority: Major
Reporter: vtregner Assignee: xwss-issues
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: HP-UX
Platform: HP


Issuezilla Id: 19
Tags: as91-na

 Description   

Hello,
we use XWSS to decrypt incomming SOAP message. Private key for decryption is
stored in HSM module (nCipher). When message is to be decrypted we have got
error message telling that it is not possible to export key outside HSM. Problem
is that DecryptionProcessor creates instance of XMLCipher by calling
XMLCipher.getInstance(encryptionAlgorithm). This creates XMLCipher with default
provider, in out case, SUN provider is used for RSA cipher, but this leads to
error I mentioned above. We need to use provider shiped with nCipher, this is
nCipherKM provider, but how to use it? Class XMLCipher has another method -
getProviderInstance which creates XMLCipher instance using given provider. But
class DecryptionProcessor doesn't allow to choose provider (method
processEncryptedKey).



 Comments   
Comment by kumarjayanti [ 11/Sep/07 ]

adding keyword as91-na

Comment by kumarjayanti [ 11/Sep/07 ]

Can you not solve the issue by changing the Order of Preference of the Providers
in <java.home>/lib/security/java.security file.

One of the types of properties contained in the java.security file is of the
following form:

security.provider.n=providerClassName

This declares a provider, and specifies its preference order "n". The preference
order is the order in which providers are searched for requested algorithms
(when no specific provider is requested). The order is 1-based; 1 is the most
preferred, followed by 2, and so on.

Add the above line to java.security, replacing providerClassName with the class
implementing the nCipher provider, and substituting n with the priority that you
would like to assign to the "nCipher" provider (which in your case is 1). your
entries would look like:

security.provider.1=your.nCipher.Provider
security.provider.2=com.sun.net.ssl.internal.ssl.Provider

"SunJSSE" would now be the second preferred provider

If you are satisfied with the answer please let us know so we can close the issue.

Thanks.





[XWSS-18] â€œenforce=falseâ€� in the Target (SignatureTarget, EncryptionTarget) is not working when request message is without security Created: 25/Jun/07  Updated: 26/Jun/07  Resolved: 26/Jun/07

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: shyam_rao Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 18
Tags: as91-na

 Description   

Problem Description from XWSS user (Summer Li):
===============================================

Hi Kumar,

Here’s the request message. There’s no encryption and signature in the message.
I’m using the configuration file attached in my previous email. I didn’t use
dynamicPolicyCallback. I’ll try that. Maybe I misunderstood the usage of
“enforce�. I thought that was used when a target can be secured or not.

Thank you for your help!

<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope">

<env:Header>

<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
env:mustUnderstand="1">

<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="usertoken">
<wsse:Username>abc</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">****</wsse:Password>
<wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">ofI85c1qGbr9G2bgKO/3tRAG</wsse:Nonce>
<wsu:Created>2007-06-12T18:52:30Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</env:Header>
<env:Body>
<eease:RequestInfo xmlns:eease="http://www.employease.com/wsi#">
<ServiceName>Ping</ServiceName>
</eease:RequestInfo>
</env:Body>
</env:Envelope>

Li, Summer wrote:

I tried to create a flexible server side configuration file. I use
“enforce=false� in the Target (SignatureTarget, EncryptionTarget), but if the
request message doesn’t encrypt the target or sign the target, then a exception
will be thrown:

com.sun.xml.wss.XWSSecurityException : com.sun.xml.wss.XWSSecurityException :
More Receiver requirements [ EncryptionPolicy ] specified than present in the
message
at com.sun.xml.wss.impl.misc.XWSSProcessor2_0Impl.verifyInboundMessage(
XWSSProcessor2_0Impl.java:115 )
I tried both “Target� and “SignatureTarget/EncrytionTarget�, but the result is
the same.

Here’s the configuration file:

<!-- Server side configuration -->

<xwss:SecurityConfiguration dumpMessages="true"
xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
<!-- Encrypt soap body and the attachment-->
<xwss:Encrypt>
<xwss:X509Token certificateAlias='somecert'
keyReferenceType='IssuerSerialNumber' valueType='#X509v3'/>
<xwss:DataEncryptionMethod
algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<xwss:Target type="xpath">//env:Body</xwss:Target>
<xwss:Target type="uri">cid:*</xwss:Target>
</xwss:Encrypt>
<!-- Requirement for incoming message -->
<xwss:RequireUsernameToken id="usertoken" passwordDigestRequired="true"
nonceRequired="true" maxClockSkew="60" timestampFreshnessLimit="300"
maxNonceAge="900"/>

<!-Require to encrypt soap body and attachment(s)->
<xwss:RequireEncryption>
<xwss:Target type="xpath" enforce="false">//env:Body</xwss:Target>
<xwss:Target type="uri" enforce="false">cid:*</xwss:Target>
</xwss:RequireEncryption>
<!-Require to sign usertoken->
<xwss:RequireSignature requireTimestamp="false">
<xwss:Target type="uri" enforce="false">usertoken</xwss:Target>
</xwss:RequireSignature>
</xwss:SecurityConfiguration>

Any suggestions about that? Thanks!
Summer Li



 Comments   
Comment by shyam_rao [ 25/Jun/07 ]

Fixed in XWSS20 & XWSS30( Trunk).

Need verification from the User.

Comment by shyam_rao [ 26/Jun/07 ]

adding keyword "as91-na"





[XWSS-17] XWSS 2.0 Decryption of Attachment Fails Created: 11/Jun/07  Updated: 26/Jun/07  Resolved: 26/Jun/07

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: kumarjayanti Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Attachments: XML File plain_request.xml     XML File wsi_client.xml    
Issuezilla Id: 17
Tags: as91-na

 Description   

Li, Summer wrote:

>I'm using XWSS 2.0.

I believe you have hit a bug. We will try to fix this soon. It will be very nice
if you can give us a reproducible testcase...

BTW where did you get the XWSS jars from ?. Did you download the latest ones
from https://xwss.dev.java.net

What is the JDK version that you are using ?. And finally where did you get all
the other supporting jars such as SAAJ, JAXWS/JAXRPC etc.

regards,
kumar

----Original Message----

From: K.Venugopal@Sun.COM K.Venugopal@Sun.COM

Sent: Thursday, June 07, 2007 10:08 PM

To: users@xwss.dev.java.net

Subject: Re: decrypt attachment

which version of xwss are you using

venu

Li, Summer wrote:

>See the encrypted message carefully, and find that the CipherReference
>
>

>URI=cid:ayloa, where in the attachment the cid is "payload". The cid
>
>is truncated. Is it a bug which causes the NullPointerException?
>
>
>
>If I missed something, could you help me to figure it out?
>
>
>
>Thank you,
>
>
>
>Summer Li
>
>
>
>
>
>

------------------------------------------------------------------------

>From: Li, Summer
>
>Sent: Wednesday, June 06, 2007 6:46 PM
>
>To: 'users@xwss.dev.java.net'
>
>Subject: decrypt attachment
>
>
>
>I have a message with encrypted soap body and attachment. When I
>
>decrypt the attachment, a NullPointerException throws, see below.
>
>
>
>Jun 6, 2007 5:59:22 PM
>
>com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor
>
>

processEncryptedKey

>SEVERE: Error occurred while decrypting
>
>
>
>java.lang.NullPointerException
>
>
>
>at
>
>
>
>

com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor.processEncryptedDa

ta(DecryptionProcessor.java:453)

>at
>
>
>
>

com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor.decryptReferenceLi

st(DecryptionProcessor.java:292)

>at
>
>
>
>

com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor.processEncryptedKe

y(DecryptionProcessor.java:213)

>at
>
>
>
>

com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor.decrypt(Decryption

Processor.java:116)

>at
>
>
>
>

com.sun.xml.wss.impl.filter.EncryptionFilter.process(EncryptionFilter.ja

va:210)

>at
>
>

com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:66)

>at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:218)
>
>
>
>at
>
>
>
>

com.sun.xml.wss.impl.SecurityRecipient.processMessagePolicy(SecurityReci

pient.java:785)

>at
>
>
>
>

com.sun.xml.wss.impl.SecurityRecipient.processMessagePolicy(SecurityReci

pient.java:748)

>at
>
>
>
>

com.sun.xml.wss.impl.SecurityRecipient.validateMessage(SecurityRecipient

.java:216)

>at
>
>
>
>

com.sun.xml.wss.impl.misc.XWSSProcessor2_0Impl.verifyInboundMessage(XWSS

Processor2_0Impl.java:113)

>My Configuration file is
>
>
>
><xwss:SecurityConfiguration dumpMessages="true"
>
>xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
>
>
>
><!-- Encrypt soap body and the attachment-->
>
>
>
><xwss:Encrypt>
>
>
>
><xwss:X509Token certificateAlias='somecert'
>
>keyReferenceType='IssuerSerialNumber' valueType='#X509v3'/>
>
>
>
><xwss:DataEncryptionMethod
>
>algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
>
>
>
><xwss:Target type="xpath">//env:Body</xwss:Target>
>
>
>
><xwss:Target type="uri">cid:*</xwss:Target>
>
>
>
></xwss:Encrypt>
>
>
>
><!-- Requirement for incoming message -->
>
>
>
><!-- Require UserToken -->
>
>
>
><xwss:RequireUsernameToken id="usertoken"
>
>passwordDigestRequired="true" nonceRequired="true"
>
>
>
>maxClockSkew="60" timestampFreshnessLimit="300" maxNonceAge="900"/>
>
>
>
><!-Require to encrypt soap body and attachment(s)->
>
>
>
><xwss:RequireEncryption/>
>
>
>
><!-- Require to sign usertoken-->
>
>
>
><xwss:RequireSignature>
>
>
>
><xwss:SignatureTarget type="uri" value="usertoken"/>
>
>
>
></xwss:RequireSignature>
>
>
>
></xwss:SecurityConfiguration>
>
>
>
>If the message doesn't contain an encrypted attachment, then the
>
>message can be verified successfully. So is there something wrong with
>
>

>the attachment part?
>
>
>
>I attached the secured incoming message.
>
>
>
>Appreciate any help!
>
>
>
>Summer Li



 Comments   
Comment by kumarjayanti [ 11/Jun/07 ]

Created an attachment (id=10)
config file

Comment by kumarjayanti [ 11/Jun/07 ]

marked as as91-na since it does not apply to WSIT

Comment by kumarjayanti [ 11/Jun/07 ]

Created an attachment (id=11)
request

Comment by shyam_rao [ 25/Jun/07 ]

Reported config file was wrong. With the changed security config file, it worked
for me.

Comment by shyam_rao [ 26/Jun/07 ]

I am able to reproduce the problem with provided test case by user. So,
reopening the isssue

Comment by shyam_rao [ 26/Jun/07 ]

Fixed in XWSS20 & XWSS30( Trunk).





[XWSS-16] XWSS 3.0 does not work correctly with Jaxws 2.1's simple endpoint feature Created: 30/Apr/07  Updated: 13/Aug/07  Resolved: 13/Aug/07

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: breadfan_de Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 16
Tags: as91-na

 Description   

Using xwss 3.0 and jaxws 2.1 (not 2.1.1 RC1!) we get a NPE using the simple
endpoint (J2SE Enpdoints) feature, as soon as xwss is in the classpath:

java.lang.NullPointerException
at
com.sun.xml.xwss.XWSSPipelineAssemblerFactory$XWSSPipelineAssembler.isSecurityConfigPresent(XWSSPipelineAssemblerFactory.java:111)
at
com.sun.xml.xwss.XWSSPipelineAssemblerFactory$XWSSPipelineAssembler.createServer(XWSSPipelineAssemblerFactory.java:76)
at
com.sun.xml.ws.api.pipe.TubelineAssemblerFactory$TubelineAssemblerAdapter.createServer(TubelineAssemblerFactory.java:104)
at com.sun.xml.ws.server.WSEndpointImpl.<init>(WSEndpointImpl.java:121)
at com.sun.xml.ws.server.EndpointFactory.createEndpoint(EndpointFactory.java:199)
at com.sun.xml.ws.api.server.WSEndpoint.create(WSEndpoint.java:420)
at com.sun.xml.ws.api.server.WSEndpoint.create(WSEndpoint.java:439)
at
com.sun.xml.ws.transport.http.server.EndpointImpl.createEndpoint(EndpointImpl.java:208)
at com.sun.xml.ws.transport.http.server.EndpointImpl.publish(EndpointImpl.java:138)
at
com.o2.portal.fss.jaxwsutil.server.ServerUtils.createServer(ServerUtils.java:143)

Seems that the servlet context is null, like described in
http://forums.java.net/jive/thread.jspa?threadID=24510.

For clarification:

  • We do not use the spring integration nor do we use wsit mentioned in the forum
    thread
  • I had to add the lib servlet-api (2.4) so that I reach to the above exception.
    (otherwise you get a ClassNotFound-Ex

We are using the simple endpoint feature (as a mock server) in our testcases for
our ws-client code. My first idea was to run the testcases against the j2se
simple endpoint mock without any security features which is impossible because
of the NPE above.

Adding a security-config-xml to the classpath surely does not help, because the
servlet-context (which is null) is asked to resolve it.



 Comments   
Comment by kumarjayanti [ 17/May/07 ]

This is a known issue. XWSS 3.0 does not yet support the JAXWS EndPoint Feature.
There is a hard assumption in the XWSS <-> JAXWS integration layer where we
assume that the server side security configuration is located inside a WAR file.

The ServletContext is being used in this case to locate the security
configuration insided the WAR file.

Till we find an alternative way to locate the Security Configuration on the
Server Side for the J2SE EndPoint feature we will be unable to support this
combination. We will try to fix this soon...

Till then i have written down an alternative way to accomplish this using
Handler(s). Please take a look :

https://xwss.dev.java.net/Securing_JAVASE6_WebServices.html

Thanks.

Comment by kumarjayanti [ 17/May/07 ]

This issue is not relevant for WSIT 1.0 FCS.

Comment by rameshm [ 23/May/07 ]

This issue is not relevant for WSIT 1.0 FCS.
-Kumar

Comment by rameshm [ 30/May/07 ]

Added keyword ( as91-na)

Comment by kumarjayanti [ 13/Aug/07 ]

Fixed the issue.

A complete sample that shows how to use JDK6 and XWSS 2.0 style security can be
downloaded from here :

https://xwss.dev.java.net/servlets/ProjectDocumentList?folderID=7894&expandFolder=7894&folderID=7894





[XWSS-15] xwss2.0 tests fails with latest xwss3.0 jar Created: 30/Mar/07  Updated: 30/Mar/07  Resolved: 30/Mar/07

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: shyam_rao Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 15

 Description   

WSS1203: Exception [ Wrong algorithm: AES or Rijndael required ] while trying to
decrypt message|#]



 Comments   
Comment by shyam_rao [ 30/Mar/07 ]

Fixed & Checked in xwss30 workspace





[XWSS-14] The creation time is ahead of the current time Created: 31/Jan/07  Updated: 02/Feb/07  Resolved: 02/Feb/07

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: ingo_siebert Assignee: xwss-issues
Resolution: Incomplete Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: Windows XP
Platform: All


Attachments: Java Source File SecurityEnvironmentHandler.java    
Issuezilla Id: 14

 Description   

Hi,

my JAX-WS2.1 EA3 WebService and client are using both XWSS 3.
The WS-Security is configured this way:

<xwss:SecurityConfiguration dumpMessages="false" xmlns:xwss="http://
java.sun.com/xml/ns/xwss/config">
<xwss:RequireUsernameToken passwordDigestRequired="false"
nonceRequired="true"/>
</xwss:SecurityConfiguration>

If i set nonceRequired="false", all is working well.

It seem's that this bug is somehow related to Bug number 6, but it occurs
always.

The exception on the server includes this information:
xwss.XwsSecurityInterceptor - Could not validate request:
com.sun.xml.wss.impl.WssSoapFaultException: The creation time is ahead of the
current time.; nested exception is com.sun.xml.wss.XWSSecurityException:
com.sun.xml.wss.impl.WssSoapFaultException: The creation time is ahead of the
current time.

Is it possible to provide a build which fixed this bug? That would be great.
Cheers,

Ingo



 Comments   
Comment by shyam_rao [ 31/Jan/07 ]

please check my comments on issue# 6
(https://xwss.dev.java.net/issues/show_bug.cgi?id=6). It might help you in
resolving the problem on client side.

Issue# 6 was fixed couple of months back in xwss2.0 & xwss3.0

If you still see this issue, send me your SecurityEnvironmentHandler file.

Comment by ingo_siebert [ 31/Jan/07 ]

Yes i'm aware of that issue, but i thought it occurs now every time.

The java client sends this:
<wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
wssecurity-utility-1.0.xsd">2007-01-31T11:08:23.686Z</wsu:Created>

If i change the message code to "2007-01-31T11:09:23.010Z", it's working. It's
seems that it is still the same bug.

It's working with a .Net client. The .Net client sends this:
<wsu:Created>2007-01-31T10:46:19Z</wsu:Created>

Are you really sure that it is fixed?

Which SecurityEnvironmentHandler file do you mean?
The client callback class or the securityPolicy.xml?

Ingo

Comment by shyam_rao [ 31/Jan/07 ]

I am talking about client callback class.
Are you using latest xwss3.0 ?

Comment by ingo_siebert [ 31/Jan/07 ]

I'm using the official 3.0 release, no nightly build.

The Java webservice client is only a test client at the moment, that's why the
callback class is pretty simple. I will add an attachment, but why do you think
it will help?

Ingo

Comment by ingo_siebert [ 31/Jan/07 ]

Created an attachment (id=9)
My client callback handler

Comment by kumarjayanti [ 01/Feb/07 ]

Downgrading to P3 since it does not affect any Interop Scenarios right now and
hence is not blocking WSIT-M3 criteria.

Shyam has started working on this issue. We also need a reproducable testcase to
be able to reproduce the problem first.

Comment by shyam_rao [ 01/Feb/07 ]

I am not able to reproduce this problem. Send me the reproducable testcase.

Have you written any DefaultTimestampValidator in server-side callback class in
your sample? If yes, then search for the pattern
"yyyy-MM-dd'T'HH:mm:ss'.'sss'Z'" and if you find any such pattern then replace
it with "yyyy-MM-dd'T'HH:mm:ss'.'SSS'Z'". Now Run the sample and see whether it
passes or not.

Comment by shyam_rao [ 01/Feb/07 ]

Adding to my previous comment :

send the complete server side stacktrace.

Are you using spring framework for client & server side implementation ?

Comment by ingo_siebert [ 02/Feb/07 ]

Yes, i'm using Spring-WS at server side.
But S-WS is reusing existing implementations where ever it can so i thought it's
most likely a XWSS bug as it was before(issue #6). I thought it may slipped in
again in XWSS3, after it had been fixed in XWSS2.

I informed Arjen of S-WS and asking if he is using his own timestamp validator.
Because i'm on a nightly build on S-WS, i haven't the source available at my
debugger.

I'll post more if i know more. If possible, i'll create a test case.

Ingo

Comment by shyam_rao [ 02/Feb/07 ]

It was a XWSS bug found in Issue# 6. But now its already fixed from our side a
couple of months back. So you need to fix the DefaultTimestampValidator
Implementation in your side.

I have had a look into Spring-WS's DefaultTimestampValidator implementation
found at (
http://static.springframework.org/spring-ws/site/xref/org/springframework/ws/soap/security/xwss/callback/DefaultTimestampValidator.html).
Is it the same implementation being used by S-WS ?

In this implementation, you will have to replace
"yyyy-MM-dd'T'HH:mm:ss'.'sss'Z'" with "yyyy-MM-dd'T'HH:mm:ss'.'SSS'Z'" . That
would solve the problem.

Comment by ingo_siebert [ 02/Feb/07 ]

Hi,

it's really a bug of Spring-WS and not of XWSS. It'll be fixed in the next
Spring-WS version. Sorry for the inconvenience.

Ingo





[XWSS-13] Key Usage X.509 extension Created: 14/Jan/07  Updated: 14/Jan/07

Status: Open
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Improvement Priority: Major
Reporter: tetsuo_shima Assignee: xwss-issues
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 13

 Description   

XWSS should check that the Key Usage extension for X.509 certificates is being
adhered to when the key is used. For example, a key that has only "Key
Encipherment" Key Usage should fail if used for signing a message.






[XWSS-12] internationalize Exception Messages Created: 04/Jan/07  Updated: 09/Jan/07

Status: Open
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Improvement Priority: Major
Reporter: kumarjayanti Assignee: xwss-issues
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 12

 Description   

internationalize Exception Messages.
Try to add more info to all the Messages, something like client identifier, more
context information, and in cases where we say something is not supported then
say what is supported.



 Comments   
Comment by kumarjayanti [ 09/Jan/07 ]

Marking it as an Enhancement because this has not been the GF Logging guideline.
XWSS 2.0 has a huge codebase and internationalizing all the exceptions would
take some time.





[XWSS-11] Fix Findbugs reported issues Created: 04/Jan/07  Updated: 09/Jan/07  Resolved: 09/Jan/07

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: kumarjayanti Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 11

 Description   

Fix Findbugs reported issues



 Comments   
Comment by kumarjayanti [ 09/Jan/07 ]

Fixed by Shyam..





[XWSS-10] empty password are not transmitted => server receives a null value Created: 30/Nov/06  Updated: 30/Nov/06

Status: Open
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Minor
Reporter: kumarjayanti Assignee: kumarjayanti
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 10

 Description   

MIGRATING the Issue from JAXWS to XWSS :
--------------------------------------------------
Hi!

I'm using a simlpe handler to set username and password (see at the end of my
report).
If i set a password like this
cb.setPassword("r")
, all is working well.

But if the user sets an empty password
cb.setPassword("")
, which is an empty string, the <password> element is missing in
wsse:UsernameToken of the SOAP message. The result on the server is, that i get
'null' for my password and not an empty string.

Cheers,

Ingo

public class SecurityEnvironmentHandler implements CallbackHandler {

private static final UnsupportedCallbackException unsupported =
new UnsupportedCallbackException(null, "Unsupported Callback Type
Encountered");

public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {

for (int i=0; i < callbacks.length; i++) {

if (callbacks[i] instanceof UsernameCallback)

{ UsernameCallback cb = (UsernameCallback)callbacks[i]; cb.setUsername("Max Musterman"); }

else if (callbacks[i] instanceof PasswordCallback)

{ PasswordCallback cb = (PasswordCallback) callbacks[i]; cb.setPassword(""); }

else

{ throw unsupported; }

}
}
}

That's my security policy:

<xwss:Service conformance= "bsp">
<xwss:SecurityConfiguration dumpMessages="true" >
<xwss:UsernameToken digestPassword="false" useNonce="false"/>
</xwss:SecurityConfiguration>
</xwss:Service>

<xwss:SecurityEnvironmentHandler>com.mycompany.SecurityEnvironmentHandler</
xwss:SecurityEnvironmentHandler>

--------------------------------------------



 Comments   
Comment by kumarjayanti [ 30/Nov/06 ]

Changing priority from P3 to P4.

The implementation is explicitly avoiding sending of Password element when the
password returned by CallbackHandler is either Null or Empty.

While this can be fixed easily we would like to know how an Empty password helps
the usecase as compared to getting Null.





[XWSS-9] Problem with XWSS and JAX-WS 2.1 EA3 Created: 16/Nov/06  Updated: 27/Nov/06  Resolved: 27/Nov/06

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: mstettler Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: Windows XP
Platform: PC


Issuezilla Id: 9

 Description   

I've created a WebService with JAX-WS 2.1 EA3 and XWSS, that is using Message
Security with a UsernameToken and a customized SecurityEnvironmentHandler. The
problem is, that the SecurityEnvironmentHandler won't be called at all. The
same code works perfectly with JAX-WS 2.0. Is there anything special to
consider regarding JAX-WS 2.1 EA3?



 Comments   
Comment by kumarjayanti [ 16/Nov/06 ]

This is a known issue and it is fixed as well. However it will take me a few
days to publish on the site such that XWSS 2.0 works with JAXWS 2.1.

Meantime if you want to give it a try with XWSS 3.0 (Early Access), you can do
so. It already works with JAXWS 2.1, but just that there could be bugs.

The GOOD News with XWSS 3.0 is that, there is just a single jar xws-security.jar
as opposed to 3 jars in XWSS 2.0 (aka xws-security.jar,
xws-security_jaxrpc.jar, security-plugin.jar)

Please download xws-security.jar from here :

https://xwss.dev.java.net/files/documents/4864/44018/xwss-3.0.zip

Note: You will still need all the other jars in your classpath (like xmlsec.jar,
xmldsig.jar, mail.jar and activation.jar, saaj-*.jar)

Let me know if this worked for you.....

Comment by kumarjayanti [ 27/Nov/06 ]

Fixed, XWSS 3.0 now works with JAXWS 2.1 EA





[XWSS-8] Backward compatibility XWSS3.0 and XWSS2.0:Server returns faultcode : SOAP-ENV:MustUnderstand Created: 03/Nov/06  Updated: 06/Nov/06  Resolved: 06/Nov/06

Status: Closed
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Critical
Reporter: eric_ekka Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Attachments: Text File 2.txt     XML File encrypt-client.xml     XML File encrypt-server.xml     XML File PingService.wsdl    
Issuezilla Id: 8

 Description   

Setup:
WSIT integrated Glassfish build v2b24

Attachments:
1)test case wsdl
2)Client/Server security config files
2)commandline log containing the request/response soap messages.

Description:
Testing backward compatibility between XWSS3.0 and XWSS2.0.
The XWSS2.0 test suite was being run against the WSIT jars (which has XWSS3.0).

The client/server side security configuration files have encrypt body.
The server returns the following fault:
<SOAP-ENV:Fault xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<faultstring>MustUnderstand
headers:[

{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}

Security]
are not understood</faultstring>
<faultcode>SOAP-ENV:MustUnderstand</faultcode>
</SOAP-ENV:Fault>



 Comments   
Comment by eric_ekka [ 03/Nov/06 ]

Created an attachment (id=5)
commandline log containing the request/response messages

Comment by eric_ekka [ 03/Nov/06 ]

Created an attachment (id=6)
test case wsdl

Comment by eric_ekka [ 03/Nov/06 ]

Created an attachment (id=7)
server security config file

Comment by eric_ekka [ 03/Nov/06 ]

Created an attachment (id=8)
client security config file

Comment by ashutoshshahi [ 06/Nov/06 ]

Fixed in latest workspace by Kumar

Comment by eric_ekka [ 06/Nov/06 ]

Verified with WSIT build 1189

Comment by eric_ekka [ 06/Nov/06 ]

Fix verified.Closing the issue.





[XWSS-7] Backward compatibility between XWSS3.0 and XWSS2.0:Client throws NullPointerException in com.sun.xml.xwss.XWSSClientPipe.secureRequest Created: 02/Nov/06  Updated: 16/Nov/06  Resolved: 16/Nov/06

Status: Closed
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Critical
Reporter: eric_ekka Assignee: xwss-issues
Resolution: Cannot Reproduce Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Attachments: Text File 8.txt     XML File MyService_rpc-lit.wsdl     XML File sign-client.xml     XML File sign-server.xml    
Issuezilla Id: 7

 Description   

Setup:
WSIT installed on Glassfish v2 b24
XWSS2.0 tests
Attachments:
1)XWSS2.0 client/server security configuration files
2)WSDL [RPC-Literal]
3)Command line log containing client side exception

Description:
The XWSS2.0 tests were run against WSIT installed on Glassfish v2b24 to test for
backward compatibility between XWSS3.0 and XWSS2.0.

The test case was a sign body scenario.

The client threw a NullPointerException:
java.lang.NullPointerException
at com.sun.xml.xwss.XWSSClientPipe.secureRequest(XWSSClientPipe.java:220)
at com.sun.xml.xwss.XWSSClientPipe.process(XWSSClientPipe.java:107)
at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:79)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:528)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:486)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:384)
at com.sun.xml.ws.client.Stub.process(Stub.java:197)
at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:118)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:238)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:212)
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:101)
at $Proxy28.addNumbers(Unknown Source)
at simple.client.Client.main(Unknown Source)

webservices-rt.jar and webservices-tools.jar were placed on the wsimport and
client classpath.



 Comments   
Comment by eric_ekka [ 02/Nov/06 ]

Created an attachment (id=1)
command line log containing the client side exception

Comment by eric_ekka [ 02/Nov/06 ]

Created an attachment (id=2)
Client Security Config file

Comment by eric_ekka [ 02/Nov/06 ]

Created an attachment (id=3)
Server Security Config file

Comment by eric_ekka [ 02/Nov/06 ]

Created an attachment (id=4)
WSDL

Comment by eric_ekka [ 02/Nov/06 ]

Upgrading priority to P2 , as its a backward compatibility bug and observed in
almost all tests.

Comment by kumarjayanti [ 16/Nov/06 ]

It was a problem with a particular build withi which it was tested.

Comment by eric_ekka [ 16/Nov/06 ]

With the Feature Freeze build of WSIT , this failure is not being
encountered.Closing the bug.





[XWSS-6] Timestamp validation failes at milliseconds Created: 10/Oct/06  Updated: 16/Nov/06  Resolved: 16/Nov/06

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Critical
Reporter: res1st Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: Windows XP
Platform: All


Issuezilla Id: 6

 Description   

Hi,

i'm using JWSDP2 and XWS-Security.
I creating a WS(-application) and a WS-Client to test my web service.
The WS-Client is also done with JDWSDP2.
That's my (client) security info:

<xwss:Service conformance= "bsp">
<xwss:SecurityConfiguration dumpMessages="true" >
<xwss:UsernameToken digestPassword="true" useNonce="true"/>
</xwss:SecurityConfiguration>
</xwss:Service>

My server needs the create timestamp(for password digest). If my JWSDP2-Client
creates it, it's working fine but it looks as follows:
<wsu:Created>2006-10-10T14:33:39Z</wsu:Created>

But if i use Axis with xmlsec-1.3.0 as my client technology, it creates a
timestamp which is looking as the following line:
<wsu:Created>2006-10-10T12:59:34.150Z</wsu:Created>

As you can see, XMLSEC of Apache includes milli seconds. That's why JWSDP on my
server creates this exception:

"com.sun.xml.wss.impl.callback.TimestampValidationCallback$TimestampValidationException:
The creation time is ahead of the current time".

I think it's related to this bug report:
http://forum.java.sun.com/thread.jspa?forumID=331&threadID=748336

Please fix it. Can you notify me please, if this bug is fixed in a (nightly)
build.

Ingo



 Comments   
Comment by kumarjayanti [ 10/Oct/06 ]

Hi,

Can you try with the latest jars available at :

https://xwss.dev.java.net/files/documents/4864/36186/xwss-2.0.zip

I guess this should fix your problem, because we had some other user report
this issue earlier and to the best of my knowledge we fixed it.

unzip the jar and copy this updated xws-security.jar to both your client and
server environments.

<jwspd.home>/xws-security/lib and <container.home>/xws-security/lib

I shall wait for your confirmation before trying to investigate any further fix.

Please note that TimeStampValidation can now be handled by the users if they
so desire. This can be done by handling the TimestampValidationCallback in the
CallbackHandler.

} else if (callbacks[i] instanceof TimestampValidationCallback)

{ TimestampValidationCallback cb = (TimestampValidationCallback)callbacks[i]; // handle timestamp validation here // by calling cb.setValidator(<validator instance>); }

The TimestampValidator should implement:

com.sun.xml.wss.impl.TimestampValidationCallback.TimestampValidator interface

Comment by res1st [ 11/Oct/06 ]

Hi,

sorry i forgot to tell that i already tried the latest build and i'm still
using it. But it doesn't solve the problem.
I've a few sample values here.

This Axis timestamps does NOT work:
2006-10-10T12:59:15.911Z
2006-10-10T12:59:18.364Z
2006-10-10T12:59:20.520Z
2006-10-10T12:59:22.645Z

This Axis timestamps are working:

2006-10-10T12:59:34.050Z
2006-10-10T13:04:18.022Z
2006-10-10T13:06:13.064Z

Thanks for looking for the bug.

Ingo

Comment by shyam_rao [ 15/Nov/06 ]

Are you using jwsdp2 security sample for server? If yes, then look into the file
<jwsdp2_home>/xws-security/samples/jaxws2.0/simple/src/simple/server/SecurityEnvironmentHandler.java

and search for DefaultTimestampValidator class. In this class, there is a
statement :
SimpleDateFormat calendarFormatter2 = new
SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'.'sss'Z'");

Just replace this statement with,
SimpleDateFormat calendarFormatter2 = new
SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'.'SSS'Z'");

Here millisecond format is not proper, thats the reason while validating the
timestamp, its treating milliseconds as seconds. Due to which, created time is
changing before validating it.

Let me know, if you face any problem.

Comment by shyam_rao [ 16/Nov/06 ]

It is fixed.

Comment by kumarjayanti [ 16/Nov/06 ]

Please get the Latest XWSS jars with the fix at :
https://xwss.dev.java.net/files/documents/4864/36186/xwss-2.0.zip

For obtaining fixes in samples please checkout xwss2.0 workspace.
cvs -d :pserver:yourid@cvs.dev.java.net:/cvs co -r XWSS_2_0 xwss/xwss-ri

and cd wspack-samples and look for the fixed SecurityEnvironmentHandler classes.





[XWSS-5] Regression with : com.sun.xml.wss.XWSSecurityException: SignatureTarget with URI Created: 26/Sep/06  Updated: 26/Sep/06  Resolved: 26/Sep/06

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Critical
Reporter: kumarjayanti Assignee: kumarjayanti
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 5

 Description   

There has been a regression in XWSS 2.0 with latest JDK's (1.5.0_05 onwards) due
to a possible change in NodeSetData behaviour.

A user has reported seeing this exception yesterday :
com.sun.xml.wss.XWSSecurityException: SignatureTarget with URI

{http://schemas.xmlsoap.org/soap/envelope/}

Body is not in the message

Local tests confirm that the order of references in SignatureTarget seemed to
matter .



 Comments   
Comment by kumarjayanti [ 26/Sep/06 ]

Fixed the issue : Putback Log attached below

Tag: XWSS_2_0
User: kumarjayanti
Date: 2006/09/26 03:35:21

Modified:
xwss/xwss-ri/src/com/sun/xml/wss/impl/dsig/SignatureProcessor.java

Log:
Fix for Issue#5 :
Instead of checking all the Iterable contents of NodeSetData for equality we
now just check the Root elements for equality. This is because for some reason
the Iterator over the NodeSetData does not give things in expected order anymore.

File Changes:

Directory: /xwss/xwss-ri/src/com/sun/xml/wss/impl/dsig/
=======================================================

File [changed]: SignatureProcessor.java
Url:
https://xwss.dev.java.net/source/browse/xwss/xwss-ri/src/com/sun/xml/wss/impl/dsig/SignatureProcessor.java?r1=1.2&r2=1.2.2.1
Delta lines: +23 -3
--------------------
— SignatureProcessor.java 3 Apr 2006 15:21:29 -0000 1.2
+++ SignatureProcessor.java 26 Sep 2006 10:35:18 -0000 1.2.2.1
@@ -18,7 +18,7 @@

  • [name of copyright owner]
    */
    /*
  • * $Id: SignatureProcessor.java,v 1.2 2006/04/03 15:21:29 kumarjayanti Exp $
    + * $Id: SignatureProcessor.java,v 1.2.2.1 2006/09/26 10:35:18 kumarjayanti Exp $
    *
  • Copyright 2004 Sun Microsystems, Inc. All rights reserved.
  • SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
    @@ -579,7 +579,7 @@
    }

if(optionalReqList.size () ==0 && requiredReferenceList.size () !=
signedReferenceList.size ())

{ - throw new XWSSecurityException ("Number of Targets in the message"+ + throw new XWSSecurityException ("Number of Signature Targets in the message"+ " dont match number of Targets in receiver requirements"); }

@@ -682,6 +682,25 @@
if(data1.isNodesetData ()&& data2.isNodesetData ()){
NodeSetData ns1 = (NodeSetData)(data1.getData ());
NodeSetData ns2 = (NodeSetData)(data2.getData ());
+
+ Node nsd1Root = null;
+ Node nsd2Root = null;
+
+ if (ns1 instanceof org.jcp.xml.dsig.internal.dom.DOMSubTreeData)

{ + nsd1Root = ((org.jcp.xml.dsig.internal.dom.DOMSubTreeData)ns1).getRoot(); + }

+
+ if (ns2 instanceof org.jcp.xml.dsig.internal.dom.DOMSubTreeData)

{ + nsd2Root = ((org.jcp.xml.dsig.internal.dom.DOMSubTreeData)ns2).getRoot(); + }

+
+ if (nsd1Root != null && nsd2Root != null) {
+ if(nsd1Root.isSameNode (nsd2Root) || nsd1Root.isEqualNode
(nsd2Root))

{ + return true; + }


+ }
+ return false;
+ /*
Iterator itr1 = ns1.iterator ();
Iterator itr2 = ns2.iterator ();
//based of property set we can reduce checking all the
@@ -707,6 +726,7 @@
return false;
}
return true;
+ */
}else if(data1.isOctectData () && data2.isOctectData ()){
OctetStreamData osd1 = (OctetStreamData)data1.getData ();
OctetStreamData osd2 = (OctetStreamData)data2.getData ();





[XWSS-4] NullPointerException in WSIT client code with WSS enabled Created: 21/Sep/06  Updated: 22/Sep/06  Resolved: 22/Sep/06

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Critical
Reporter: obarrot Assignee: kumarjayanti
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 4

 Description   

>> server log

[#|2006-09-14T14:57:26.546+0200|INFO|sun-appserver-pe9.1|javax.enterprise.system.stream.out|_ThreadID=11;_ThreadName=httpWorkerThread-8080-0;|
[WS-Security WEB SERVICE fr.gouv.finances.dgme.prototype.PrestoSvc] Called
'submitOneWay' with testDocIn:|#]

[#|2006-09-14T14:57:26.546+0200|INFO|sun-appserver-pe9.1|javax.enterprise.system.stream.out|_ThreadID=11;_ThreadName=httpWorkerThread-8080-0;|
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<testDocIn xmlns="http://dgme.finances.gouv.fr/prototype">
<intStrElement>
<intElement>12</intElement>
<strElement>test de string</strElement>
</intStrElement>

<binaryElement>/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAPAA0DASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6|#]

[#|2006-09-14T14:57:26.546+0200|INFO|sun-appserver-pe9.1|javax.enterprise.system.stream.out|_ThreadID=11;_ThreadName=httpWorkerThread-8080-0;|wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwDp/FPjS1fWtUNtd6rcXGiahYQR2elLO6vmaMzb2jxGzOGaERyE4aI4wXIroJte10WdtfDVbEQ3W4pFa+HL29MJU4aN2jkBDKcqdyISVPyqQQNTW/DMLadctoWnabBqE97a3krFRALhorhJj5johJJ2tyQeW+tcXffEfwcl5IbnxRfeG9Z4TU7SztvOAnQBWVi8DozIQU3pjcFXJIVcAH//2Q==</binaryElement>
<anyElement xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xsi:type="xs:string"><test123>1 2 3 4 5 6</test123></anyElement>
</testDocIn>

#]

>> client log

*[#|2006-09-14T14:57:26.546+0200|SEVERE|sun-appserver-pe9.1|javax.enterprise.system.container.web|_ThreadID=12;_ThreadName=httpWorkerThread-8080-1;_RequestID=48e18a98-d8f9-4699-bbf0-174ff211ffbf;|StandardWrapperValve[PRESTODynamicClientServlet]:
PWC1406: Servlet.service() for servlet PRESTODynamicClientServlet threw exception
*java.lang.NullPointerException
at
com.sun.xml.wss.jaxws.impl.SecurityClientPipe.process(SecurityClientPipe.java:235)
at com.sun.xml.ws.addressing.jaxws.WsaClientPipe.process(WsaClientPipe.java:62)
at com.sun.xml.ws.protocol.soap.ClientMUPipe.process(ClientMUPipe.java:58)
at com.sun.xml.ws.handler.HandlerPipe.process(HandlerPipe.java:107)
at com.sun.xml.ws.handler.HandlerPipe.process(HandlerPipe.java:107)
at com.sun.xml.ws.client.Stub.process(Stub.java:121)
at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:122)
at
com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:238)
at
com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:212)
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:105)
at $Proxy51.submitOneWay(Unknown Source)
at
fr.gouv.finances.dgme.prototype.AbstractPRESTOClientServlet.callSubmitOneWayWithDefaultData(AbstractPRESTOClientServlet.java:209)
at
fr.gouv.finances.dgme.prototype.AbstractPRESTOClientServlet.processDynamicRequest(AbstractPRESTOClientServlet.java:307)
at
fr.gouv.finances.dgme.prototype.PRESTODynamicClientServlet.processRequest(PRESTODynamicClientServlet.java:31)
at
fr.gouv.finances.dgme.prototype.PRESTODynamicClientServlet.doPost(PRESTODynamicClientServlet.java:51)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at
org.apache.catalina.core.ApplicationFilterChain.servletService(ApplicationFilterChain.java:397)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:276)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:586)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:556)
at
org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:246)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:185)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:586)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:73)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:182)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:586)
at
com.sun.enterprise.web.VirtualServerPipeline.invoke(VirtualServerPipeline.java:120)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:939)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:137)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:586)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:556)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:939)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:239)
at
com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:618)
at
com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.processNonBlocked(DefaultProcessorTask.java:549)
at
com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:789)
at
com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:328)
at
com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:251)
at
com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:205)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:252)



 Comments   
Comment by kumarjayanti [ 22/Sep/06 ]

This issue is a duplicate of Issue#73 at wsit.dev.java.net.

Marking it as fixed since it has been fixed already at wsit.dev.java.net





[XWSS-3] cvs build is failing with checkout Created: 20/Sep/06  Updated: 20/Sep/06  Resolved: 20/Sep/06

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Critical
Reporter: sameer_t Assignee: xwss-issues
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: Windows XP
Platform: All
URL: http://xwss.dev.java.net


Issuezilla Id: 3

 Description   

checkout from trunk is failing. See output on windows below.

Total time: 7 seconds
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri>build.bat
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\core\SecurityTokenReference.java:61:
cannot find symbol
[javac] symbol : class EncryptedKeySHA1Identifier
[javac] location: package com.sun.xml.wss.core.reference
[javac] import com.sun.xml.wss.core.reference.EncryptedKeySHA1Identifier;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\SecurableSoapMessage.java:155:
package com.sun.xml.wss.util does not exist

[javac] import com.sun.xml.wss.util.NodeListImpl;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\apachecrypto\EncryptionProcessor.java:125:
cannot find symbol
[javac] symbol : class EncryptedKeySHA1Identifier
[javac] location: package com.sun.xml.wss.core.reference
[javac] import com.sun.xml.wss.core.reference.EncryptedKeySHA1Identifier;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\apachecrypto\EncryptionProcessor.java:267:
package com.sun.xml.ws.security
.impl does not exist
[javac] import com.sun.xml.ws.security.impl.DerivedKeyTokenImpl;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\KeySelectorImpl.java:105:
package com.sun.xml.ws.security.impl does n
ot exist
[javac] import com.sun.xml.ws.security.impl.DerivedKeyTokenImpl;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\SignatureProcessor.java:69:
package com.sun.xml.ws.security.impl does
not exist
[javac] import com.sun.xml.ws.security.impl.DerivedKeyTokenImpl;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\SignatureProcessor.java:117:
cannot find symbol
[javac] symbol : class EncryptedKeySHA1Identifier
[javac] location: package com.sun.xml.wss.core.reference
[javac] import com.sun.xml.wss.core.reference.EncryptedKeySHA1Identifier;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\WSSPolicyConsumerImpl.java:75:
package com.sun.xml.wss.util does not
exist
[javac] import com.sun.xml.wss.util.NodeListImpl;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\HarnessUtil.java:123:
cannot find symbol
[javac] symbol : class SignatureConfirmationFilter
[javac] location: package com.sun.xml.wss.impl.filter
[javac] import com.sun.xml.wss.impl.filter.SignatureConfirmationFilter;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\DefaultCallbackHandler.java:139:
cannot find symbol
[javac] symbol : class SAMLAssertionValidator
[javac] location: package com.sun.xml.wss.impl.callback
[javac] import com.sun.xml.wss.impl.callback.SAMLAssertionValidator;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\DefaultCallbackHandler.java:327:
cannot find symbol
[javac] symbol : class SAMLAssertionValidator
[javac] location: class com.sun.xml.wss.impl.misc.DefaultCallbackHandler
[javac] private SAMLAssertionValidator sValidator;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\KeyResolver.java:199:
package com.sun.xml.ws.security.impl does not e
xist
[javac] import com.sun.xml.ws.security.impl.IssuedTokenContextImpl;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\KeyResolver.java:201:
package com.sun.xml.ws.security.impl does not e
xist
[javac] import com.sun.xml.ws.security.impl.DerivedKeyTokenImpl;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\SecurityUtil.java:111:
package com.sun.xml.ws.security.impl does not
exist
[javac] import com.sun.xml.ws.security.impl.IssuedTokenContextImpl;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\NewSecurityRecipient.java:127:
cannot find symbol
[javac] symbol : class SignatureConfirmationFilter
[javac] location: package com.sun.xml.wss.impl.filter
[javac] import com.sun.xml.wss.impl.filter.SignatureConfirmationFilter;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\SecurityRecipient.java:119:
cannot find symbol
[javac] symbol : class SignatureConfirmationFilter
[javac] location: package com.sun.xml.wss.impl.filter
[javac] import com.sun.xml.wss.impl.filter.SignatureConfirmationFilter;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\core\SecurityTokenReference.java:667:
cannot find symbol
[javac] symbol : class EncryptedKeySHA1Identifier
[javac] location: class com.sun.xml.wss.core.SecurityTokenReference
[javac] return new EncryptedKeySHA1Identifier(element);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\core\reference\X509ThumbPrintIdentifier.java:55:
cannot find symbol
[javac] symbol : variable X509ThumbPrintIdentifier_NS
[javac] location: class com.sun.xml.wss.impl.MessageConstants
[javac] private String valueType =
MessageConstants.X509ThumbPrintIdentifier_NS;
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\SecurableSoapMessage.java:1555:
cannot find symbol
[javac] symbol : class NodeListImpl
[javac] location: class com.sun.xml.wss.impl.SecurableSoapMessage
[javac] retValue = new NodeListImpl();
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\SecurableSoapMessage.java:1569:
cannot find symbol
[javac] symbol : class NodeListImpl
[javac] location: class com.sun.xml.wss.impl.SecurableSoapMessage
[javac]
((NodeListImpl)retValue).add(child);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\SecurableSoapMessage.java:1587:
cannot find symbol
[javac] symbol : class NodeListImpl
[javac] location: class com.sun.xml.wss.impl.SecurableSoapMessage
[javac]
((NodeListImpl)retValue).add(child);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\SecurableSoapMessage.java:1591:
cannot find symbol
[javac] symbol : class NodeListImpl
[javac] location: class com.sun.xml.wss.impl.SecurableSoapMessage
[javac]
((NodeListImpl)retValue).add(child);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\SecurableSoapMessage.java:1605:
cannot find symbol
[javac] symbol : class NodeListImpl
[javac] location: class com.sun.xml.wss.impl.SecurableSoapMessage
[javac]
((NodeListImpl)retValue).add(child);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\SecurableSoapMessage.java:1611:
cannot find symbol
[javac] symbol : class NodeListImpl
[javac] location: class com.sun.xml.wss.impl.SecurableSoapMessage
[javac]
((NodeListImpl)retValue).add(child);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\apachecrypto\EncryptionProcessor.java:735:
cannot find symbol
[javac] symbol : class EncryptedKeySHA1Identifier
[javac] location: class com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor
[javac] EncryptedKeySHA1Identifier refElem = new
EncryptedKeySHA1Identifier(secureMessage.getSOAPPart());
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\apachecrypto\EncryptionProcessor.java:735:
cannot find symbol
[javac] symbol : class EncryptedKeySHA1Identifier
[javac] location: class com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor
[javac] EncryptedKeySHA1Identifier refElem = new
EncryptedKeySHA1Identifier(secureMessage.getSOAPPart());
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\apachecrypto\EncryptionProcessor.java:1301:
cannot find symbol
[javac] symbol : method setSCTURI(java.lang.String,java.lang.String)
[javac] location: class com.sun.xml.wss.core.reference.DirectReference
[javac]
reference.setSCTURI(sct.getIdentifier().toString(), sct.getInstance());
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\apachecrypto\EncryptionProcessor.java:1379:
cannot find symbol
[javac] symbol : class DerivedKeyTokenImpl
[javac] location: class com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor
[javac] DerivedKeyToken dkt = new
DerivedKeyTokenImpl(offset, length, secret);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\apachecrypto\EncryptionProcessor.java:1403:
cannot find symbol
[javac] symbol : class EncryptedKeySHA1Identifier
[javac] location: class com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor
[javac] EncryptedKeySHA1Identifier refElem = new
EncryptedKeySHA1Identifier(secureMessage.getSOAPPart());
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\apachecrypto\EncryptionProcessor.java:1403:
cannot find symbol
[javac] symbol : class EncryptedKeySHA1Identifier
[javac] location: class com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor
[javac] EncryptedKeySHA1Identifier refElem = new
EncryptedKeySHA1Identifier(secureMessage.getSOAPPart());
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\apachecrypto\EncryptionProcessor.java:1569:
cannot find symbol
[javac] symbol : class DerivedKeyTokenImpl
[javac] location: class com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor
[javac] DerivedKeyToken dkt = new
DerivedKeyTokenImpl(offset, length, secret);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\apachecrypto\EncryptionProcessor.java:1705:
cannot find symbol
[javac] symbol : class DerivedKeyTokenImpl
[javac] location: class com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor
[javac] DerivedKeyToken dkt = new DerivedKeyTokenImpl(offset,
length, secret);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\apachecrypto\EncryptionProcessor.java:1741:
cannot find symbol
[javac] symbol : method setSCTURI(java.lang.String,java.lang.String)
[javac] location: class com.sun.xml.wss.core.reference.DirectReference
[javac]
reference.setSCTURI(sct.getIdentifier().toString(), sct.getInstance());
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\apachecrypto\EncryptionProcessor.java:1775:
cannot find symbol
[javac] symbol : class DerivedKeyTokenImpl
[javac] location: class com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor
[javac] DerivedKeyToken dkt = new
DerivedKeyTokenImpl(offset, length, trustContext.getProofKey());
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\KeySelectorImpl.java:2533:
cannot find symbol
[javac] symbol : class DerivedKeyTokenImpl
[javac] location: class com.sun.xml.wss.impl.dsig.KeySelectorImpl
[javac] DerivedKeyToken dkt = new DerivedKeyTokenImpl(offset,
length, secret, nonce);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\SignatureProcessor.java:451:
cannot find symbol
[javac] symbol : class DerivedKeyTokenImpl
[javac] location: class com.sun.xml.wss.impl.dsig.SignatureProcessor
[javac] DerivedKeyToken dkt = new
DerivedKeyTokenImpl(offset, length, secret);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\SignatureProcessor.java:473:
cannot find symbol
[javac] symbol : class DerivedKeyTokenImpl
[javac] location: class com.sun.xml.wss.impl.dsig.SignatureProcessor
[javac] DerivedKeyToken dkt = new
DerivedKeyTokenImpl(offset, length, prfKey);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\SignatureProcessor.java:501:
cannot find symbol
[javac] symbol : class DerivedKeyTokenImpl
[javac] location: class com.sun.xml.wss.impl.dsig.SignatureProcessor
[javac] DerivedKeyToken dkt = new
DerivedKeyTokenImpl(offset, length,
context.getSecureConversationContext().getProofKey());
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\SignatureProcessor.java:779:
cannot find symbol
[javac] symbol : class EncryptedKeySHA1Identifier
[javac] location: class com.sun.xml.wss.impl.dsig.SignatureProcessor
[javac] EncryptedKeySHA1Identifier refElem = new
EncryptedKeySHA1Identifier(secureMessage.getSOAPPart());
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\SignatureProcessor.java:779:
cannot find symbol
[javac] symbol : class EncryptedKeySHA1Identifier
[javac] location: class com.sun.xml.wss.impl.dsig.SignatureProcessor
[javac] EncryptedKeySHA1Identifier refElem = new
EncryptedKeySHA1Identifier(secureMessage.getSOAPPart());
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\SignatureProcessor.java:2393:
cannot find symbol
[javac] symbol : class EncryptedKeySHA1Identifier
[javac] location: class com.sun.xml.wss.impl.dsig.SignatureProcessor
[javac] EncryptedKeySHA1Identifier refElem = new
EncryptedKeySHA1Identifier(secureMessage.getSOAPPart());
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\SignatureProcessor.java:2393:
cannot find symbol
[javac] symbol : class EncryptedKeySHA1Identifier
[javac] location: class com.sun.xml.wss.impl.dsig.SignatureProcessor
[javac] EncryptedKeySHA1Identifier refElem = new
EncryptedKeySHA1Identifier(secureMessage.getSOAPPart());
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\SignatureProcessor.java:3357:
cannot find symbol
[javac] symbol : method setSCTURI(java.lang.String,java.lang.String)
[javac] location: class com.sun.xml.wss.core.reference.DirectReference
[javac] reference.setSCTURI(sct.getIdentifier().toString(),
sct.getInstance());
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\SignatureProcessor.java:3513:
cannot find symbol
[javac] symbol : constructor
KeyIdentifierStrategy(java.lang.String,boolean,boolean)
[javac] location: class com.sun.xml.wss.impl.keyinfo.KeyIdentifierStrategy
[javac] KeyIdentifierStrategy keyIdentifier = new
KeyIdentifierStrategy(certInfo.getCertificateIdentifier(),true, true);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\WSSPolicyConsumerImpl.java:1481:
cannot find symbol
[javac] symbol : class NodeListImpl
[javac] location: class com.sun.xml.wss.impl.dsig.WSSPolicyConsumerImpl
[javac] nodes = new NodeListImpl();
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\WSSPolicyConsumerImpl.java:1495:
cannot find symbol
[javac] symbol : class NodeListImpl
[javac] location: class com.sun.xml.wss.impl.dsig.WSSPolicyConsumerImpl
[javac]
((NodeListImpl)nodes).add(child);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\WSSPolicyConsumerImpl.java:1513:
cannot find symbol
[javac] symbol : class NodeListImpl
[javac] location: class com.sun.xml.wss.impl.dsig.WSSPolicyConsumerImpl
[javac]
((NodeListImpl)nodes).add(child);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\WSSPolicyConsumerImpl.java:1517:
cannot find symbol
[javac] symbol : class NodeListImpl
[javac] location: class com.sun.xml.wss.impl.dsig.WSSPolicyConsumerImpl
[javac]
((NodeListImpl)nodes).add(child);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\WSSPolicyConsumerImpl.java:1531:
cannot find symbol
[javac] symbol : class NodeListImpl
[javac] location: class com.sun.xml.wss.impl.dsig.WSSPolicyConsumerImpl
[javac]
((NodeListImpl)nodes).add(child);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\dsig\WSSPolicyConsumerImpl.java:1537:
cannot find symbol
[javac] symbol : class NodeListImpl
[javac] location: class com.sun.xml.wss.impl.dsig.WSSPolicyConsumerImpl
[javac]
((NodeListImpl)nodes).add(child);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\HarnessUtil.java:179:
cannot find symbol
[javac] symbol : variable SignatureConfirmationFilter
[javac] location: class com.sun.xml.wss.impl.HarnessUtil
[javac] SignatureConfirmationFilter.process(fpContext);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\HarnessUtil.java:195:
cannot find symbol
[javac] symbol : method
processX509Token(com.sun.xml.wss.impl.FilterProcessingContext)
[javac] location: class com.sun.xml.wss.impl.filter.AuthenticationTokenFilter
[javac] AuthenticationTokenFilter.processX509Token(fpContext);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\DefaultCallbackHandler.java:665:
cannot find symbol
[javac] symbol : class ThumbprintBasedRequest
[javac] location: class
com.sun.xml.wss.impl.callback.SignatureVerificationKeyCallback
[javac] } else if (cb.getRequest() instanceof
SignatureVerificationKeyCallback.ThumbprintBasedRequest)

{ [javac] ^ [javac] F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\DefaultCallbackHandler.java:667: cannot find symbol [javac] symbol : class ThumbprintBasedRequest [javac] location: class com.sun.xml.wss.impl.callback.SignatureVerificationKeyCallback [javac] SignatureVerificationKeyCallback.ThumbprintBasedRequest request = [javac] ^ [javac] F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\DefaultCallbackHandler.java:669: cannot find symbol [javac] symbol : class ThumbprintBasedRequest [javac] location: class com.sun.xml.wss.impl.callback.SignatureVerificationKeyCallback [javac] (SignatureVerificationKeyCallback.ThumbprintBasedRequest) cb.getRequest(); [javac] ^ [javac] F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\DefaultCallbackHandler.java:797: cannot find symbol [javac] symbol : class ThumbprintBasedRequest [javac] location: class com.sun.xml.wss.impl.callback.DecryptionKeyCallback [javac] }

else if (cb.getRequest() instanceof
DecryptionKeyCallback.ThumbprintBasedRequest)

{ [javac] ^ [javac] F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\DefaultCallbackHandler.java:799: cannot find symbol [javac] symbol : class ThumbprintBasedRequest [javac] location: class com.sun.xml.wss.impl.callback.DecryptionKeyCallback [javac] DecryptionKeyCallback.ThumbprintBasedRequest request = [javac] ^ [javac] F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\DefaultCallbackHandler.java:801: cannot find symbol [javac] symbol : class ThumbprintBasedRequest [javac] location: class com.sun.xml.wss.impl.callback.DecryptionKeyCallback [javac] (DecryptionKeyCallback.ThumbprintBasedRequest) cb.getRequest(); [javac] ^ [javac] F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\DefaultCallbackHandler.java:967: package SAMLAssertionValidator does not exist [javac] }

catch (SAMLAssertionValidator.SAMLValidationException e) {
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\DefaultCallbackHandler.java:2279:
cannot find symbol
[javac] symbol : class SAMLAssertionValidator
[javac] location: class com.sun.xml.wss.impl.misc.DefaultCallbackHandler
[javac] sValidator =
(SAMLAssertionValidator)samlValidator.newInstance();
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\DefaultSecurityEnvironmentImpl.java:869:
cannot find symbol
[javac] symbol : class ThumbprintBasedRequest
[javac] location: class com.sun.xml.wss.impl.callback.DecryptionKeyCallback
[javac] new
DecryptionKeyCallback.ThumbprintBasedRequest(identifier);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\DefaultSecurityEnvironmentImpl.java:1081:
cannot find symbol
[javac] symbol : class ThumbprintBasedRequest
[javac] location: class
com.sun.xml.wss.impl.callback.SignatureVerificationKeyCallback
[javac] new
SignatureVerificationKeyCallback.ThumbprintBasedRequest(identifier);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\KeyResolver.java:2159:
cannot find symbol
[javac] symbol : class DerivedKeyTokenImpl
[javac] location: class com.sun.xml.wss.impl.misc.KeyResolver
[javac] DerivedKeyToken dkt = new DerivedKeyTokenImpl(offset,
length, secret, nonce);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\SecurityUtil.java:677:
cannot find symbol
[javac] symbol : class IssuedTokenContextImpl
[javac] location: class com.sun.xml.wss.impl.misc.SecurityUtil
[javac] IssuedTokenContextImpl ictx =
(IssuedTokenContextImpl)wssContext.getTrustCredentialHolder();
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\SecurityUtil.java:677:
cannot find symbol
[javac] symbol : class IssuedTokenContextImpl
[javac] location: class com.sun.xml.wss.impl.misc.SecurityUtil
[javac] IssuedTokenContextImpl ictx =
(IssuedTokenContextImpl)wssContext.getTrustCredentialHolder();
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\misc\SecurityUtil.java:681:
cannot find symbol
[javac] symbol : class IssuedTokenContextImpl
[javac] location: class com.sun.xml.wss.impl.misc.SecurityUtil
[javac] ictx = new IssuedTokenContextImpl();
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\NewSecurityRecipient.java:833:
cannot find symbol
[javac] symbol : variable SignatureConfirmationFilter
[javac] location: class com.sun.xml.wss.impl.NewSecurityRecipient
[javac] SignatureConfirmationFilter.process(fpContext);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\impl\SecurityRecipient.java:2149:
cannot find symbol
[javac] symbol : variable SignatureConfirmationFilter
[javac] location: class com.sun.xml.wss.impl.SecurityRecipient
[javac] SignatureConfirmationFilter.process(fpContext);
[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\saml\assertion\saml11\jaxb10\Assertion.java:103:
com.sun.xml.wss.saml.assertion
.saml11.jaxb10.Assertion is not abstract and does not override abstract method
sign(javax.xml.crypto.dsig.DigestMethod,java.lang.String,java.security.
cert.X509Certificate,java.security.PrivateKey) in com.sun.xml.wss.saml.Assertion
[javac] public class Assertion extends
com.sun.xml.wss.saml.internal.saml11.jaxb10.impl.AssertionImpl implements
com.sun.xml.wss.saml.Assertion {

[javac] ^
[javac]
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri\src\com\sun\xml\wss\saml\assertion\saml11\jaxb20\Assertion.java:108:
com.sun.xml.wss.saml.assertion
.saml11.jaxb20.Assertion is not abstract and does not override abstract method
sign(javax.xml.crypto.dsig.DigestMethod,java.lang.String,java.security.
cert.X509Certificate,java.security.PrivateKey) in com.sun.xml.wss.saml.Assertion
[javac] public class Assertion extends
com.sun.xml.wss.saml.internal.saml11.jaxb20.AssertionType implements
com.sun.xml.wss.saml.Assertion {
[javac] ^
[javac] Note: Some input files use unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
[javac] 70 errors

BUILD FAILED
file:F:/temp/CVSCheckOuts/xwss/xwss/xwss-ri/build.xml:273: Compile failed; see
the compiler error output for details.

Total time: 7 seconds
F:\temp\CVSCheckOuts\xwss\xwss\xwss-ri>



 Comments   
Comment by kumarjayanti [ 20/Sep/06 ]

Just run "ant" and it should build XWSS.

Note: The tip of XWSS now contains XWSS 3.0 which is still under development.

If you need XWSS 2.0 then please checkout the branch "XWSS_2_0"





[XWSS-2] Incorrect handling Signature when a QName resolves to multiple nodes Created: 08/Sep/06  Updated: 09/Jan/07  Resolved: 09/Jan/07

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: kumarjayanti Assignee: xwss-issues
Resolution: Won't Fix Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issuezilla Id: 2

 Description   

When a QName target resolves to multiple Nodes in the document, the
implementation is unable to handle things correctly.

1. Only the last of the node reference is signed
2. The Signed node reference has EXC14n transform specified N-1 times.



 Comments   
Comment by kumarjayanti [ 27/Nov/06 ]

This bug is not relevant for WSIT (it was filed on XWSS 2.0)

Comment by kumarjayanti [ 09/Jan/07 ]

Not relevant to WSIT.
Will not be fixed unless some user actually runs into this issue with XWSS 2.0.





[XWSS-1] SubjectAccessor API Broken for JAXWS Services Created: 09/Aug/06  Updated: 09/Aug/06  Resolved: 09/Aug/06

Status: Resolved
Project: xwss
Component/s: www
Affects Version/s: current
Fix Version/s: milestone 1

Type: Bug Priority: Major
Reporter: