Issue

• It would appear that the secure processing in Xalan 2.7.2 (as packaged in JBoss Fuse 6.1 R2) has an issue with producing attributes.
  • the issue occurs in JBoss Fuse 6.1.0 R2
  • the issue occurs in JBoss Fuse 6.1.0 R2P6
  • the issue does NOT occur in an unpatched JBoss Fuse 6.1.0
• When a stylesheet containing a literal element with a literal attribute is loaded the following exception is produced.

  javax.xml.transform.TransformerException: "myattrib" attribute is not allowed on the row element!
    at org.apache.xalan.processor.StylesheetHandler.error(StylesheetHandler.java:904)[:]
    at org.apache.xalan.processor.StylesheetHandler.error(StylesheetHandler.java:947)[:]
    at org.apache.xalan.processor.XSLTElementProcessor.setPropertiesFromAttributes(XSLTElementProcessor.java:347)[:]
    at org.apache.xalan.processor.XSLTElementProcessor.setPropertiesFromAttributes(XSLTElementProcessor.java:267)[:]
    at org.apache.xalan.processor.ProcessorLRE.startElement(ProcessorLRE.java:283)[:]
    at org.apache.xalan.processor.StylesheetHandler.startElement(StylesheetHandler.java:623)[:]
    at org.apache.xerces.parsers.AbstractSAXParser.startElement(Unknown Source)[:]
    at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanStartElement(Unknown Source)[:]
    at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source)[:]
    at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)[:]
    at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)[:]
    at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)[:]
    at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)[:]
    at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)[:]
    at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source)[:]
    at org.apache.xalan.processor.TransformerFactoryImpl.newTemplates(TransformerFactoryImpl.java:917)[:]
    at org.apache.camel.builder.xml.XsltBuilder.setTransformerSource(XsltBuilder.java:329)[142:org.apache.camel.camel-core:2.12.0.redhat-610379]
    at org.apache.camel.component.xslt.XsltEndpoint.loadResource(XsltEndpoint.java:112)[142:org.apache.camel.camel-core:2.12.0.redhat-610379]
    at org.apache.camel.component.xslt.XsltEndpoint.doStart(XsltEndpoint.java:121)[142:org.apache.camel.camel-core:2.12.0.redhat-610379]
    at ...

• Alternatively the issue can be reproduced in Xalan directly on the command line
  • Works : using libs from JBoss Fuse 6.1 (unpatched)

java 
  -cp org.apache.servicemix.bundles.xalan-2.7.1_7.jar;org.apache.karaf.bundles.xalan-serializer-2.7.1-2.3.0.redhat-610379.jar;org.apache.karaf.bundles.xerces-2.11.0-2.3.0.redhat-610379.jar
  org.apache.xalan.xslt.Process
  -SECURE -XSL transform-xalan-attrib.xsl
  -IN data-xalan-attrib.xml
  -OUT out-6.1-secure.xml

• Works : using libs from JBoss Fuse 6.1 R2 (non secure processing)

java 
  -cp org.apache.servicemix.bundles.xalan-2.7.2_2.jar;org.apache.servicemix.bundles.xalan-serializer-2.7.2_1.jar;org.apache.karaf.bundles.xerces-2.11.0-2.3.0.redhat-610379.jar
  org.apache.xalan.xslt.Process
 -XSL transform-xalan-attrib.xsl
 -IN data-xalan-attrib.xml
 -OUT out-6.1r2-nonsec.xml

• Fails : using libs from JBoss Fuse 6.1 R2 (secure processing)

java 
  -cp org.apache.servicemix.bundles.xalan-2.7.2_2.jar;org.apache.servicemix.bundles.xalan-serializer-2.7.2_1.jar;org.apache.karaf.bundles.xerces-2.11.0-2.3.0.redhat-610379.jar
  org.apache.xalan.xslt.Process 
  -SECURE 
  -XSL transform-xalan-attrib.xsl 
  -IN data-xalan-attrib.xml 
  -OUT out-6.1r2-secure.xml

• The processor emits the following error:

file:///C:/...../transform-xalan-attrib.xsl; Line #12; Column #33; "myattrib" attribute is not allowed on the row element!

• Our workaround for the moment is to set saxon=true in all effected xslt Camel URIs (dependent on whether the stylesheet contains iteral attributes) .