axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andreas Veithen <andreas.veit...@gmail.com>
Subject Re: Concurrency issue with DocumentBuilderFactoryImpl.setDOOMRequired in SAMLTokenIssuer
Date Fri, 25 Mar 2016 09:06:42 GMT
On Fri, Mar 25, 2016 at 7:02 AM, Chamara Philips <chcphilips.uom@gmail.com>
wrote:

> Hi devs,
>
> There are two issues found when we test WSO2 Identity Server with Passive
> STS and SAML SSO. We do a load test by sending requests to passivests
> endpoint requesting for a user login. And we try to login through SAML SSO
> endpoint at the sametime. Attached NPE was given when doing this.
> We have found the [1],[2],[3],[4] which described the scenario and the fix
> for this issue.
>
> But at the moment we have a problem with upgrading wso2-rampart to use the
> latest apache-rampart version which has the fix for this issue. We are
> using axiom version 1.2.11-wso2v5 and rampart version 1.6.1-wso2v17.
>

The latest Apache Rampart version is designed to work with recent Apache
Axiom versions. It is unlikely that you will be able to make it work with
WSO2's fork of Axiom, which is based on an ancient version.


> The issue is with [5] [6] lines. We need to introduce the AxiomParserPool
> to get rid of this. But the existing axiom version doesn't support this.
> Any thoughts to overcome this with existing resources is highly
> appreciated.
>
>
> [1]
> http://www.archivum.info/axis-user@ws.apache.org/2007-02/00065/Re-(Axis2-1.0)-Rampart-Axoim-Threading-Issues.html
> [2] http://mail.wso2.org/mailarchive/dev/2014-January/026710.html
> [3] https://issues.apache.org/jira/browse/AXIS2-1570
> [4] https://issues.apache.org/jira/browse/AXIOM-332
> [5]
> https://github.com/wso2/wso2-rampart/blob/master/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenIssuer.java#L132
>
> [6]
> https://github.com/wso2/wso2-rampart/blob/master/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenIssuer.java#L293
>
> Thanks & Regards,
> Hareendra Chamara Philips
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-dev-help@axis.apache.org
>

Mime
View raw message