Accessing a service with a WS-Policy element containing an XPath expression with a comparison ('<') fails with a ParseError

[Tomas-Kraus]

I get an exception using JAX-WS 2.2 to access a service that contains XML special characters in a WS-Policy element.

Example: <wsp:Policy wsu:Id="DemoPolicy"> wsp:MessagePredicatestring-length(wsp:body()//tns:root) <= 4</wsp:MessagePredicate> </wsp:Policy>

'wsp:MessagePredicate' may contain any XPath 1.0 expression, so this should be legal. Unfortunately, accessing such a service leads to a javax.xml.stream.XMLStreamException: ParseError at [row,col]:[16,221] Message: The content of elements must consist of well-formed character data or markup.

The problem seems to be that the policy is parsed twice. I found that in method com.sun.xml.ws.policy.jaxws.SafePolicyReader.readPolicyElement(XMLStreamReader, String) there's a StringBuffer containing the policy element. The less character ('<') is already decoded, so I assume the WSDL war parsed into this String. In line 284 (JAX-WS RT 2.2.8), it is unmarshalled once more, leading to the Exception.

Environment

Any Java environment running JAX-WS 2.2 (e.g. JDK 7)

Affected Versions

[2.2, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.7, 2.2.8]

Source: https://github.com/javaee/metro-jax-ws/issues/1136 Author: glassfishrobot