cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Kulp <dk...@apache.org>
Subject Re: WS-Security concurrency issue with CXF 2.2.12 + WSS4J 1.5.10
Date Wed, 01 Jun 2011 15:01:07 GMT
On Wednesday, June 01, 2011 4:52:24 AM Alessio Soldano wrote:
> Hi,
> we're running some WS-Security load tests with Apache CXF 2.2.12 + WSS4J
> 1.5.10 and might have found a concurrency issue.

I know this was an issue with 1.5.6 or so that I fixed (or thought I fixed) a 
long time ago.    It was way more apparent with 64bit JDK's than 32bit as well 
due to the way WSS4J was hashing doc objects and such.   However, I really 
thought this was fixed.      

Is this something that you can create a small maven testcase for to 
demonstrate?   I'm not really sure what would be going on.  :-(

Dan


> We're getting the following exception:
> 
> [runTest(bash)] OUT>  Caused by: java.util.ConcurrentModificationException
> [runTest(bash)] OUT>  	at
> java.util.AbstractList$Itr.checkForComodification(AbstractList.java:372)
> [runTest(bash)] OUT>  	at
> java.util.AbstractList$Itr.next(AbstractList.java:343) [runTest(bash)]
> OUT>  	at
> org.apache.ws.security.WSDocInfo.getSecurityTokenReference(WSDocInfo.java:
> 86) [runTest(bash)] OUT>  	at
> org.apache.ws.security.message.EnvelopeIdResolver.engineResolve(EnvelopeId
> Resolver.java:114) [runTest(bash)] OUT>  	at
> org.apache.xml.security.utils.resolver.ResourceResolver.resolve(Unknown
> Source) [runTest(bash)] OUT>  	at
> org.apache.xml.security.signature.Reference.getContentsBeforeTransformatio
> n(Unknown Source) [runTest(bash)] OUT>  	at
> org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransf
> orms(Unknown Source) [runTest(bash)] OUT>  	at
> org.apache.xml.security.signature.Reference.calculateDigest(Unknown
> Source) [runTest(bash)] OUT>  	at
> org.apache.xml.security.signature.Reference.verify(Unknown Source)
> [runTest(bash)] OUT>  	at
> org.apache.xml.security.signature.Manifest.verifyReferences(Unknown
> Source) [runTest(bash)] OUT>  	at
> org.apache.xml.security.signature.SignedInfo.verify(Unknown Source)
> [runTest(bash)] OUT>  	at
> org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown
> Source) [runTest(bash)] OUT>  	at
> org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown
> Source) [runTest(bash)] OUT>  	at
> org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(Sig
> natureProcessor.java:470) [runTest(bash)] OUT>  	at
> org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureP
> rocessor.java:114) [runTest(bash)] OUT>  	at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEn
> gine.java:328) [runTest(bash)] OUT>  	at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEn
> gine.java:245) [runTest(bash)] OUT>  	at
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInI
> nterceptor.java:208) [runTest(bash)] OUT>  	at
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInI
> nterceptor.java:78) [runTest(bash)] OUT>  	at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorCha
> in.java:243) [runTest(bash)] OUT>  	at
> org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:755)
> [runTest(bash)] OUT>  	at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespon
> seInternal(HTTPConduit.java:2408) [runTest(bash)] OUT>  	at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespon
> se(HTTPConduit.java:2278) [runTest(bash)] OUT>  	at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPCo
> nduit.java:2121) [runTest(bash)] OUT>  	at
> org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
> [runTest(bash)] OUT>  	at
> org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:695)
> [runTest(bash)] OUT>  	at
> org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInt
> erceptor.handleMessage(MessageSenderInterceptor.java:62) [runTest(bash)]
> OUT>  	at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorCha
> in.java:243) [runTest(bash)] OUT>  	at
> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
> [runTest(bash)] OUT>  	at
> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
> [runTest(bash)] OUT>  	at
> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
> [runTest(bash)] OUT>  	at
> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> [runTest(bash)] OUT>  	at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> [runTest(bash)] OUT>  	... 9 more
> 
> 
> Interestingly, forcing the use of WSS4J 1.5.8 instead (we discovered
> this by accident ;-) ) the problem goes away.
> The application basically builds up a JAXWS client using WS-Security
> (Sign only) through programmatically configured WSS4J interceptors:
> http://fpaste.org/pYHM/
> Once the proxy is ready on client side, it's called concurrently using
> multiple threads (performIteration() method in the code).
> Does the problem/exception above ring any bell? I'm going to investigate
> this a bit more in any case.
> Thanks
> Alessio

-- 
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog
Talend - http://www.talend.com

Mime
View raw message