santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hess Yvan" <>
Subject XML security seems to be not thread safe...Please Help
Date Wed, 05 Jul 2006 15:55:26 GMT
It seems that XML Apache security (Version 1.3) is not thread safe. Here
what I am doing and the errors encountered:


I sign XML documents using XML apache security and just after a document
has been signed it is verified (signature verification) using XML apache
security. One thread treats one XML document after another.


I have two kinds of errors that appear randomly:


1) I got a null pointer from XML Apache security 


Message: null
Class: java.lang.NullPointerException
Stack trace: 
Resolver.engineResolveX509Certificate(Unknown Source)
ate(Unknown Source)
rs(Unknown Source)
 at com.imtf.atlas.sphinx2.xmlsig.Verifier.verify(


2) The verification failed saying that the XML document is not
valid/corrupted  (not the hash but the signature itself according the
Apache log).


If I run the same test in a single environment (all documents are
treated by only on thread), I never got an error. 


Can somebody help me to resolve the problem? It is critical problem
because our application failed and we have to work in a multi-thread


Thanks for your answer. Yvan Hess


Yvan Hess 

Chief software architect <> 


View raw message