axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chamara Philips <>
Subject Concurrency issue with DocumentBuilderFactoryImpl.setDOOMRequired in SAMLTokenIssuer
Date Fri, 25 Mar 2016 07:02:05 GMT
Hi devs,

There are two issues found when we test WSO2 Identity Server with Passive
STS and SAML SSO. We do a load test by sending requests to passivests
endpoint requesting for a user login. And we try to login through SAML SSO
endpoint at the sametime. Attached NPE was given when doing this.
We have found the [1],[2],[3],[4] which described the scenario and the fix
for this issue.

But at the moment we have a problem with upgrading wso2-rampart to use the
latest apache-rampart version which has the fix for this issue. We are
using axiom version 1.2.11-wso2v5 and rampart version 1.6.1-wso2v17.

The issue is with [5] [6] lines. We need to introduce the AxiomParserPool
to get rid of this. But the existing axiom version doesn't support this.
Any thoughts to overcome this with existing resources is highly



Thanks & Regards,
Hareendra Chamara Philips

View raw message