Project

General

Profile

Bug #316

prodpaos.governikus-eid.de fails to process specifcation conforming StartPAOS message

Added by Tobias Wich over 6 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
eID-Server
Start date:
07/14/2014
Due date:
% Done:

0%

Estimated time:
Reviewer:

Description

Said server responds with an Internal Server Error (500) when it receives a StartPAOS message according to the specification in BSI TR-03112-7 v1.1.4, Sec. 2.6.

The following log containing the messages as sent to the server has been created by starting an authentication against https://www.buergerserviceportal.de/bayern/wuerzburg/public/classic/register.

2014-07-14 14:27:20,623 [PAOS] WARN  o.o.crypto.tls.auth.DynamicAuthentication:-1 - No certificate verifier available, skipping certificate verification.
2014-07-14 14:27:20,792 [PAOS] DEBUG org.openecard.transport.httpcore.HttpUtils:-1 - HTTP Request (before adding content):
  POST /ecardpaos/paosreceiver?sessionid=d2086c14-00a4-49a5-90ca-881495f4eaa0 HTTP/1.1
  Connection: keep-alive
  User-Agent: Open-eCard-App/1.1.0-SNAPSHOT
  Host: prodpaos.governikus-eid.de:443
  PAOS: ver="urn:liberty:paos:2006-08" 
  Accept: text/html; application/vnd.paos+xml

2014-07-14 14:27:20,799 [PAOS] DEBUG org.openecard.transport.paos.PAOS:-1 - Message sent:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<Envelope xmlns="http://schemas.xmlsoap.org/soap/envelope/">
  <Header>
    <PAOS xmlns:ns0="http://schemas.xmlsoap.org/soap/envelope/" ns0:actor="http://schemas.xmlsoap.org/soap/actor/next" xmlns:ns1="http://schemas.xmlsoap.org/soap/envelope/" ns1:mustUnderstand="1" xmlns="urn:liberty:paos:2006-08">
      <Version>urn:liberty:paos:2006-08</Version>
      <EndpointReference>
        <Address>http://www.projectliberty.org/2006/01/role/paos</Address>
        <MetaData>
          <ServiceType>http://www.bsi.bund.de/ecard/api/1.1/PAOS/GetNextCommand</ServiceType>
        </MetaData>
      </EndpointReference>
    </PAOS>
    <ReplyTo xmlns="http://www.w3.org/2005/03/addressing">
      <Address>http://www.projectliberty.org/2006/02/role/paos</Address>
    </ReplyTo>
    <MessageID xmlns="http://www.w3.org/2005/03/addressing">urn:uuid:015e9b9e-c6bc-4de0-9899-716930db5d31</MessageID>
  </Header>
  <Body>
    <iso:StartPAOS xmlns:iso="urn:iso:std:iso-iec:24727:tech:schema" xmlns:ns10="http://uri.etsi.org/01903/v1.3.2#" xmlns:ns11="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ns12="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ns13="http://www.w3.org/2001/04/xmlenc#" xmlns:ns14="http://ws.openecard.org/schema" xmlns:ns15="http://www.w3.org/2001/04/xmldsig-more#" xmlns:ns16="http://www.w3.org/2007/05/xmldsig-more#" xmlns:ns2="urn:oasis:names:tc:dss:1.0:core:schema" xmlns:ns3="http://www.w3.org/2000/09/xmldsig#" xmlns:ns4="http://www.bsi.bund.de/ecard/api/1.1" xmlns:ns5="http://uri.etsi.org/02231/v2.1.1#" xmlns:ns6="http://uri.etsi.org/02231/v2.x#" xmlns:ns7="http://uri.etsi.org/02231/v3.1.2#" xmlns:ns8="http://www.setcce.org/schemas/ers" xmlns:ns9="urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:schema#" Profile="http://www.bsi.bund.de/ecard/api/1.1">
      <iso:SessionIdentifier>d2086c14-00a4-49a5-90ca-881495f4eaa0</iso:SessionIdentifier>
      <iso:ConnectionHandle>
        <iso:ChannelHandle>
          <iso:SessionIdentifier>4DYYK4LXQRBgLC6t1R_u_A</iso:SessionIdentifier>
        </iso:ChannelHandle>
        <iso:ContextHandle>184C653A60882185708D8B3BF9B0FE8F</iso:ContextHandle>
        <iso:IFDName>REINER SCT cyberJack RFID basis 01 00</iso:IFDName>
        <iso:SlotIndex>0</iso:SlotIndex>
        <iso:CardApplication>3F00</iso:CardApplication>
        <iso:SlotHandle>C9C73C13E993B9483397E02327D336D2</iso:SlotHandle>
        <iso:RecognitionInfo>
          <iso:CardType>http://bsi.bund.de/cif/npa.xml</iso:CardType>
          <iso:CardIdentifier>3B8A80018031F873F741E082900075</iso:CardIdentifier>
        </iso:RecognitionInfo>
      </iso:ConnectionHandle>
      <iso:UserAgent>
        <iso:Name>Open eCard App</iso:Name>
        <iso:VersionMajor>1</iso:VersionMajor>
        <iso:VersionMinor>1</iso:VersionMinor>
        <iso:VersionSubminor>0</iso:VersionSubminor>
      </iso:UserAgent>
      <iso:SupportedAPIVersions>
        <iso:Major>1</iso:Major>
        <iso:Minor>1</iso:Minor>
        <iso:Subminor>4</iso:Subminor>
      </iso:SupportedAPIVersions>
      <iso:SupportedDIDProtocols>urn:oid:1.3.162.15480.3.0.14</iso:SupportedDIDProtocols>
      <iso:SupportedDIDProtocols>urn:oid:1.3.162.15480.3.0.14.2</iso:SupportedDIDProtocols>
      <iso:SupportedDIDProtocols>urn:oid:1.3.162.15480.3.0.25</iso:SupportedDIDProtocols>
      <iso:SupportedDIDProtocols>urn:oid:1.3.162.15480.3.0.9</iso:SupportedDIDProtocols>
    </iso:StartPAOS>
  </Body>
</Envelope>

2014-07-14 14:27:20,890 [PAOS] DEBUG org.openecard.transport.httpcore.HttpUtils:-1 - HTTP Response:
  HTTP/1.1 500 Internal Server Error
  Server: Apache-Coyote/1.1
  Content-Type: text/html;charset=utf-8
  Content-Length: 1799
  Date: Mon, 14 Jul 2014 12:27:18 GMT
  Connection: close
<html><head><title>JBoss Web/7.0.16.Final - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 500 - </h1><HR size="1" noshade="noshade"><p><b>type</b> Exception report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>The server encountered an internal error () that prevented it from fulfilling this request.</u></p><p><b>exception</b> <pre>java.lang.NullPointerException
    de.bos_bremen.eid.authentication.paos.handler.AusweisAppPaosHandler.&lt;init&gt;(AusweisAppPaosHandler.java:49)
    de.bos_bremen.eid.authentication.paos.handler.PaosHandlerFactory.tryCreateNewInstances(PaosHandlerFactory.java:161)
    de.bos_bremen.eid.authentication.paos.handler.PaosHandlerFactory.newInstance(PaosHandlerFactory.java:111)
    de.bos_bremen.eid.authentication.paos.PaosReceiver.doPost(PaosReceiver.java:99)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
    de.bos_bremen.eid.server.filter.CSPFilter.doFilter(CSPFilter.java:36)
</pre></p><p><b>note</b> <u>The full stack trace of the root cause is available in the JBoss Web/7.0.16.Final logs.</u></p><HR size="1" noshade="noshade"><h3>JBoss Web/7.0.16.Final</h3></body></html>

Also available in: Atom PDF