Skip to content

WSS Broken #17

New issue
New issue
Open
Open
WSS Broken#17
Labels
bug
@robvinson

Description

@robvinson
robvinson
opened on Dec 9, 2016

The SAMLRaider request editor had the string "" when intercepting some WSS SAML requests. The stack trace was a RuntimeException: "com.sun.org.apache.xerces.internal.dom.DeferredTextImpl cannot be cast to org.w3c.dom.Element". I narrowed this down to:

XMHelpers.java - getSAMLResponseOfSOAP():

Element SAMLresponseOld = (Element) body.getFirstChild();

Note: For what it's worth maybe it'd be better to use a Node here instead of element, and then check to see if the Node is of the type you are expecting?

In this case though, the first element of the body is not a SAML element, because this is WSSE everything SAML related is in the SOAP header element. Working backward and reviewing SamlTabController.java leads to the isWSSMessage boolean which is only set to true in isSAMLMessage() and only if helpers.getRequestParameter(content, "wresult") is non-null. Searching around for where the wresult parameter is set leads to getMessage():

if (isWSSMessage) {
    parameterToUpdate = "wresult";
}

Unless I've missed something, it seems isWSSMessage is only set when the wresult parameter is set, and wresult is only set when isWSSMessage is set, a circular dependency.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions