cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Roytenberg \(Consultant\)" <David.Roytenb...@optimalpayments.com>
Subject How to Disable SSLv2 client hello in CXF?
Date Thu, 23 Oct 2014 20:57:06 GMT
I'm having an SSL problem and I wonder if there is a way to fix it within CXF

We have our CXF 2.7.6 based integration deployed on Weblogic 11.  We are using JDK 1.7_065

When we connect to our remote client via SSL we get the following trace with lots of SSL debugging
turned on

What appears to be happening is that the Hello message is sent with an SSLV2 protocol, which
our partner's server does not like.  Apparently sending the Hello at this level is a common
behavior and apparently it sometimes causes the remote server to fail.  I found a suggestion
on line that this can be fixed by removing the SSLv2 from the allowed protocols.  I am wondering
if I can do that through CFX configuration?

This is a reference to the article that suggests that removing the protocol is the solution
to this problem:

http://stackoverflow.com/questions/4682957/why-does-javas-sslsocket-send-a-version-2-client-hello

The protocols are apparently set on the SSLContext in JSSE by calling setEnabledProtocols(String[]
protocols)

Is there a way to set the enabled protocols on the SSLContext via CXF configuration?

If not, is there a way to get hold of the SSLContext programmatically in a CXF interceptor?

We can't fix this problem at the WebLogic level because of side-effects on other apps.   Thanks
in advance for any suggestions or guidance!

WebLogic SSL debug trace follows:

%% No cached client session
*** ClientHello, TLSv1.2
RandomCookie:  GMT: 1414096267 bytes = { 183, 209, 47, 148, 54, 202, 98, 8, 191, 222, 122,
248, 80, 190, 53, 88, 128, 130, 126, 108, 100, 82, 100, 197, 213, 31, 89, 96 }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS
_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AE
S_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_
WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES
_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA,
TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_W
ITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5,
TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1,
sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1,
sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp1
92k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA,
SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA,
SHA1withRSA, SHA1withDSA, MD5withRSA
***
[write] MD5 and SHA1 hashes:  len = 221
0000: 01 00 00 D9 03 03 54 49   66 8B B7 D1 2F 94 36 CA  ......TIf.../.6.
0010: 62 08 BF DE 7A F8 50 BE   35 58 80 82 7E 6C 64 52  b...z.P.5X...ldR
0020: 64 C5 D5 1F 59 60 00 00   54 C0 24 C0 28 00 3D C0  d...Y`..T.$.(.=.
0030: 26 C0 2A 00 6B 00 6A C0   0A C0 14 00 35 C0 05 C0  &.*.k.j.....5...
0040: 0F 00 39 00 38 C0 23 C0   27 00 3C C0 25 C0 29 00  ..9.8.#.'.<.%.).
0050: 67 00 40 C0 09 C0 13 00   2F C0 04 C0 0E 00 33 00  g.@...../.....3.
0060: 32 C0 07 C0 11 00 05 C0   02 C0 0C C0 08 C0 12 00  2...............
0070: 0A C0 03 C0 0D 00 16 00   13 00 04 00 FF 01 00 00  ................
0080: 5C 00 0A 00 34 00 32 00   17 00 01 00 03 00 13 00  \...4.2.........
0090: 15 00 06 00 07 00 09 00   0A 00 18 00 0B 00 0C 00  ................
00A0: 19 00 0D 00 0E 00 0F 00   10 00 11 00 02 00 12 00  ................
00B0: 04 00 05 00 14 00 08 00   16 00 0B 00 02 01 00 00  ................
00C0: 0D 00 1A 00 18 06 03 06   01 05 03 05 01 04 03 04  ................
00D0: 01 03 03 03 01 02 03 02   01 02 02 01 01           .............
[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)', WRITE: TLSv1.2
Handshake, length = 221
[write] MD5 and SHA1 hashes:  len = 188
0000: 01 03 03 00 93 00 00 00   20 00 C0 24 00 C0 28 00  ........ ..$..(.
0010: 00 3D 00 C0 26 00 C0 2A   00 00 6B 00 00 6A 00 C0  .=..&..*..k..j..
0020: 0A 07 00 C0 00 C0 14 00   00 35 00 C0 05 00 C0 0F  .........5......
0030: 00 00 39 00 00 38 00 C0   23 00 C0 27 00 00 3C 00  ..9..8..#..'..<.
0040: C0 25 00 C0 29 00 00 67   00 00 40 00 C0 09 06 00  .%..)..g..@.....
0050: 40 00 C0 13 00 00 2F 00   C0 04 01 00 80 00 C0 0E  @...../.........
0060: 00 00 33 00 00 32 00 C0   07 05 00 80 00 C0 11 00  ..3..2..........
0070: 00 05 00 C0 02 00 C0 0C   00 C0 08 00 C0 12 00 00  ................
0080: 0A 07 00 C0 00 C0 03 02   00 80 00 C0 0D 00 00 16  ................
0090: 00 00 13 00 00 04 01 00   80 00 00 FF 54 49 66 8B  ............TIf.
00A0: B7 D1 2F 94 36 CA 62 08   BF DE 7A F8 50 BE 35 58  ../.6.b...z.P.5X
00B0: 80 82 7E 6C 64 52 64 C5   D5 1F 59 60              ...ldRd...Y`
[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)', WRITE: SSLv2
client hello message, length = 188
[Raw write]: length = 190
0000: 80 BC 01 03 03 00 93 00   00 00 20 00 C0 24 00 C0  .......... ..$..
0010: 28 00 00 3D 00 C0 26 00   C0 2A 00 00 6B 00 00 6A  (..=..&..*..k..j
0020: 00 C0 0A 07 00 C0 00 C0   14 00 00 35 00 C0 05 00  ...........5....
0030: C0 0F 00 00 39 00 00 38   00 C0 23 00 C0 27 00 00  ....9..8..#..'..
0040: 3C 00 C0 25 00 C0 29 00   00 67 00 00 40 00 C0 09  <..%..)..g..@...
0050: 06 00 40 00 C0 13 00 00   2F 00 C0 04 01 00 80 00  ..@...../.......
0060: C0 0E 00 00 33 00 00 32   00 C0 07 05 00 80 00 C0  ....3..2........
0070: 11 00 00 05 00 C0 02 00   C0 0C 00 C0 08 00 C0 12  ................
0080: 00 00 0A 07 00 C0 00 C0   03 02 00 80 00 C0 0D 00  ................
0090: 00 16 00 00 13 00 00 04   01 00 80 00 00 FF 54 49  ..............TI
00A0: 66 8B B7 D1 2F 94 36 CA   62 08 BF DE 7A F8 50 BE  f.../.6.b...z.P.
00B0: 35 58 80 82 7E 6C 64 52   64 C5 D5 1F 59 60        5X...ldRd...Y`
<Oct 23, 2014 4:35:23 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE]
ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseadapter:
SSLENGINE: SSLEngine.wrap(ByteBuffer,ByteBuffer)
called: result=Status = OK HandshakeStatus = NEED_UNWRAP
bytesConsumed = 0 bytesProduced = 190.>
<Oct 23, 2014 4:35:23 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE]
ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseadapter:
SSLENGINE: SSLEngine.unwrap(ByteBuffer,ByteBuffer
[]) called: result=Status = BUFFER_UNDERFLOW HandshakeStatus = NEED_UNWRAP
bytesConsumed = 0 bytesProduced = 0.>
[Raw read]: length = 5
0000: 15 03 03 00 02                                     .....
[Raw read]: length = 2
0000: 02 28                                              .(
[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)', READ: TLSv1.2
Alert, length = 2
[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)', RECV TLSv1
ALERT:  fatal, handshake_failure
[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)', fatal: engine
already closed.  Rethrowing javax.net.ssl.SSLException: Received fatal alert: handshake_failure
[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)', fatal: engine
already closed.  Rethrowing javax.net.ssl.SSLException: Received fatal alert: handshake_failure
<Oct 23, 2014 4:35:23 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE]
ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseadapter:
SSLENGINE: Exception occurred during SSLEngine.un
wrap(ByteBuffer,ByteBuffer[]).
javax.net.ssl.SSLException: Received fatal alert: handshake_failure
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
        at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1619)
        at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1587)
        at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1756)
        at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1060)
        at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:884)
        at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
        at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:664)
        at weblogic.security.SSL.jsseadapter.JaSSLEngine$5.run(JaSSLEngine.java:134)
        at weblogic.security.SSL.jsseadapter.JaSSLEngine.doAction(JaSSLEngine.java:732)
        at weblogic.security.SSL.jsseadapter.JaSSLEngine.unwrap(JaSSLEngine.java:132)
        at weblogic.socket.JSSEFilterImpl.unwrap(JSSEFilterImpl.java:505)
        at weblogic.socket.JSSEFilterImpl.unwrapAndHandleResults(JSSEFilterImpl.java:448)
        at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:80)
        at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:64)
        at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:59)
        at weblogic.socket.JSSEFilterImpl.write(JSSEFilterImpl.java:390)
        at weblogic.socket.JSSESocket$JSSEOutputStream.write(JSSESocket.java:89)
        at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
        at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
        at java.io.FilterOutputStream.flush(FilterOutputStream.java:140)
        at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:186)
        at weblogic.net.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:280)
        at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.setupWrappedStream(URLConnectionHTTPConduit.java:168)
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1278)
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1234)
        at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:195)
        at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)
        at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1291)
        at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
        at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:623)
        at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
        at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
        at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:541)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:474)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:377)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:330)
        at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
        at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134)
        at com.sun.proxy.$Proxy258.startTransaction(Unknown Source)
        at com.optimal.identity.gateway.equifax.eidverify.VerifyClient.initiateVerification(VerifyClient.java:87)
        at com.optimal.identity.gateway.equifax.eidverify.VerifyGateway.submitInitial(VerifyGateway.java:24)
        at com.optimal.identity.service.IdentificationServiceImpl.submitInitial(IdentificationServiceImpl.java:147)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
        at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        at com.sun.proxy.$Proxy211.submitInitial(Unknown Source)
        at com.optimal.identity.web.rest.IdentificationController.create(IdentificationController.java:133)
        at com.optimal.identity.web.rest.IdentificationController$$FastClassByCGLIB$$95f388d3.invoke(<generated>)
        at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:698)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
        at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:64)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:631)
        at com.optimal.identity.web.rest.IdentificationController$$EnhancerByCGLIB$$36b7b48f.create(<generated>)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
        at org.springframework.web.method.support.InvocableHandlerMethod.invoke(InvocableHandlerMethod.java:219)
        at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:132)
        at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:104)
        at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:745)
        at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:686)
        at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:80)
        at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:925)
        at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:856)
        at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:920)
        at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:827)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
        at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:801)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
        at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
        at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
        at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
        at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
        at org.springframework.web.filter.ShallowEtagHeaderFilter.doFilterInternal(ShallowEtagHeaderFilter.java:73)
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
        at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118)
        at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
        at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
        at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
        at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:201)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
        at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
        at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
        at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
        at com.optimal.rest.loggerfilter.LoggerFilter.doFilterInternal(LoggerFilter.java:169)
        at com.optimal.rest.loggerfilter.LoggerFilter.doFilter(LoggerFilter.java:123)
        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
        at com.optimal.web.spring.filter.ApplicationUidFilter.doFilterInternal(ApplicationUidFilter.java:51)
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
        at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3730)
        at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3696)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
        at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
        at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
        at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
        at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
>
AVIS IMPORTANT

WARNING


Ce message ?lectronique et ses pi?ces jointes peuvent contenir des renseignements confidentiels,
exclusifs ou l?galement privil?gi?s destin?s au seul usage du destinataire vis?. L'exp?diteur
original ne renonce ? aucun privil?ge ou ? aucun autre droit si le pr?sent message a ?t? transmis
involontairement ou s'il est retransmis sans son autorisation. Si vous n'?tes pas le destinataire
vis? du pr?sent message ou si vous l'avez re?u par erreur, veuillez cesser imm?diatement de
le lire et le supprimer, ainsi que toutes ses pi?ces jointes, de votre syst?me. La lecture,
la distribution, la copie ou tout autre usage du pr?sent message ou de ses pi?ces jointes
par des personnes autres que le destinataire vis? ne sont pas autoris?s et pourraient ?tre
ill?gaux. Si vous avez re?u ce courrier ?lectronique par erreur, veuillez en aviser l'exp?diteur.


This electronic message and its attachments may contain confidential, proprietary or legally
privileged information, which is solely for the use of the intended recipient. No privilege
or other rights are waived by any unintended transmission or unauthorized retransmission of
this message. If you are not the intended recipient of this message, or if you have received
it in error, you should immediately stop reading this message and delete it and all attachments
from your system. The reading, distribution, copying or other use of this message or its attachments
by unintended recipients is unauthorized and may be unlawful. If you have received this e-mail
in error, please notify the sender.

-- 
WARNING
-------
This electronic message and its attachments may contain confidential, proprietary or legally
privileged information, which is solely for the use of the intended recipient.  No privilege
or other rights are waived by any unintended transmission or unauthorized retransmission of
this message.  If you are not the intended recipient of this message, or if you have received
it in error, you should immediately stop reading this message and delete it and all attachments
from your system.  The reading, distribution, copying or other use of this message or its
attachments by unintended recipients is unauthorized and may be unlawful.  If you have received
this e-mail in error, please notify the sender.

AVIS IMPORTANT
--------------
Ce message electronique et ses pieces jointes peuvent contenir des renseignements confidentiels,
exclusifs ou legalement privilegies destines au seul usage du destinataire vise.  L'expediteur
original ne renonce a aucun privilege ou a aucun autre droit si le present message a ete transmis
involontairement ou s'il est retransmis sans son autorisation.  Si vous n'etes pas le destinataire
vise du present message ou si vous l'avez recu par erreur, veuillez cesser immediatement de
le lire et le supprimer, ainsi que toutes ses pieces jointes, de votre systeme.  La lecture,
la distribution, la copie ou tout autre usage du present message ou de ses pieces jointes
par des personnes autres que le destinataire vise ne sont pas autorises et pourraient etre
illegaux.  Si vous avez recu ce courrier electronique par erreur, veuillez en aviser l'expediteur.


Mime
  • Unnamed multipart/alternative (inline, 7-Bit, 0 bytes)
View raw message