ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "sureshkumar (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (WSS-282) STRTransform JCE provider throws java.lang.ClassCastException: org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with javax.xml.crypto.OctetStreamData in Websphere
Date Fri, 18 Nov 2011 19:12:52 GMT

    [ https://issues.apache.org/jira/browse/WSS-282?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13153055#comment-13153055
] 

sureshkumar commented on WSS-282:
---------------------------------

I tired using wss4j-1.6.4-SNAPSHOT and xmlsec-1.5.0-SNAPSHOT and i got the below exception


Server : WAS7.0
JDK 1.6.29

Jars Used
----------------
bcprov-jdk15-1.46.jar
commons-logging-1.1.1.jar
joda-time-1.6.2.jar
jul-to-slf4j-1.6.1.jar
log4j-1.2.16.jar
log4j-over-slf4j-1.6.1.jar
opensaml-2.5.1-1.jar
openws-1.4.2-1.jar
serializer-2.7.1.jar
slf4j-api-1.6.1.jar
slf4j-log4j12-1.6.1.jar
wss4j-1.6.4-SNAPSHOT.jar
xalan-2.7.1.jar
xercesImpl-2.9.1.jar
xml-apis-1.3.04.jar
xmlsec-1.5.0-SNAPSHOT.jar
xmltooling-1.3.2-1.jar


org.apache.ws.security.message.WSSecSignature prepare 
                                 java.lang.ClassCastException: org.apache.jcp.xml.dsig.internal.dom.DOMExcC14NMethod
incompatible with javax.xml.crypto.dsig.CanonicalizationMethod
	at com.ibm.xml.crypto.dsig.dom.FactoryImpl.newCanonicalizationMethod(FactoryImpl.java:197)
	at org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:178)
	at org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:362)
	at com.bcbssc.wms.security.handler.WSSecurityHandlerUtil.insertSecurityElement(WSSecurityHandlerUtil.java:110)
	at com.bcbssc.wms.security.handler.WSSecurityHandler.handleMessage(WSSecurityHandler.java:56)
	at com.bcbssc.wms.security.handler.WSSecurityHandler.handleMessage(WSSecurityHandler.java:1)
	at org.apache.axis2.jaxws.handler.HandlerChainProcessor.callHandleMessageWithTracker(HandlerChainProcessor.java:832)
	at org.apache.axis2.jaxws.handler.HandlerChainProcessor.handleMessage(HandlerChainProcessor.java:494)
	at org.apache.axis2.jaxws.handler.HandlerChainProcessor.callGenericHandlers(HandlerChainProcessor.java:256)
	at org.apache.axis2.jaxws.handler.HandlerChainProcessor.processChain(HandlerChainProcessor.java:206)
	at org.apache.axis2.jaxws.handler.HandlerInvokerUtils.invokeOutboundHandlers(HandlerInvokerUtils.java:139)
	at org.apache.axis2.jaxws.core.controller.impl.InvocationControllerImpl.invoke(InvocationControllerImpl.java:81)

                
> STRTransform JCE provider throws  java.lang.ClassCastException: org.jcp.xml.dsig.internal.dom.DOMSubTreeData
incompatible with javax.xml.crypto.OctetStreamData in Websphere
> ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: WSS-282
>                 URL: https://issues.apache.org/jira/browse/WSS-282
>             Project: WSS4J
>          Issue Type: Bug
>          Components: WSS4J Core
>    Affects Versions: 1.6
>         Environment: WebSphere 7.0.0.15
>            Reporter: Jeremy Tadman
>            Assignee: Colm O hEigeartaigh
>         Attachments: wss4j-1.6.4-SNAPSHOT.jar, xmlsec-1.5.0-SNAPSHOT.jar
>
>
> When using WSS4J to generate signed sender-vouches SAML tokens involving an STRTransform
I get the below exception (right at the end). It only happens when there are multiple applications
using WSS4J or the application is restarted.
> Seems to be related to the fact that the STRTransformProvider is added to WebSphere's
JCE provider list using Security.addProvider(provider) but is loaded using the WAR module's
classloader. When an app is restarted, this classloader hangs around and causes  issues because
org.jcp.xml.dsig.internal.dom.DOMSubTreeData loaded by the new module instance's classloader
is not considered an instance of the org.jcp.xml.dsig.internal.dom.DOMSubTreeData class loaded
by the STRTransform instance. I tested this by modifying the source code and printing out
which classloader had loaded the class. In the case where things work (first startup of the
first application to use WSS4J) the classloaders are the same. In cases where things don't
work the classloader of the DOMSubTreeData instance passed into the transform is different
to the classloader of the DOMSubTreeData class itself. Similar result when trying from one
application then another.
> This seems loosely related to https://issues.apache.org/jira/browse/WSS-82 and http://bouncy-castle.1462172.n4.nabble.com/Bug-in-Cipher-class-td1465452.html.
> Seems there are problems running custom JCE providers on WebSphere (and IBM say they
don't support custom JCE providers). 
> Adding WSS4j to a higher level classloader causes all kinds of other errors to come up.
> Is there any way we can get this to work or are we WebSphere users out of luck? (Or am
I just doing something horrible wrong?). I've already applied the fixes shown in https://issues.apache.org/jira/browse/WSS-273
(I got those errors before I got this one).
> [5/4/11 16:41:04:379 EST] 00000029 SystemErr     R org.apache.ws.security.WSSecurityException:
Signature creation failed; nested exception is: 
> 	javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.dsig.TransformException:
javax.xml.crypto.dsig.TransformException: java.lang.ClassCastException: org.jcp.xml.dsig.internal.dom.DOMSubTreeData
incompatible with javax.xml.crypto.OctetStreamData
> [5/4/11 16:41:04:379 EST] 00000029 SystemErr     R 	at org.apache.ws.security.saml.WSSecSignatureSAML.computeSignature(WSSecSignatureSAML.java:529)
> [5/4/11 16:41:04:379 EST] 00000029 SystemErr     R 	at org.apache.ws.security.saml.WSSecSignatureSAML.build(WSSecSignatureSAML.java:155)
> ... servlet stack trace components ....
> [5/4/11 16:41:04:392 EST] 00000029 SystemErr     R Caused by: javax.xml.crypto.dsig.XMLSignatureException:
javax.xml.crypto.dsig.TransformException: javax.xml.crypto.dsig.TransformException: java.lang.ClassCastException:
org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with javax.xml.crypto.OctetStreamData
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R 	at org.jcp.xml.dsig.internal.dom.DOMReference.transform(DOMReference.java:412)
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R 	at org.jcp.xml.dsig.internal.dom.DOMReference.digest(DOMReference.java:304)
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R 	at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(DOMXMLSignature.java:467)
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R 	at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:361)
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R 	at org.apache.ws.security.saml.WSSecSignatureSAML.computeSignature(WSSecSignatureSAML.java:524)
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R 	... 66 more
> [5/4/11 16:41:04:394 EST] 00000029 SystemErr     R Caused by: javax.xml.crypto.dsig.TransformException:
javax.xml.crypto.dsig.TransformException: java.lang.ClassCastException: org.jcp.xml.dsig.internal.dom.DOMSubTreeData
incompatible with javax.xml.crypto.OctetStreamData
> [5/4/11 16:41:04:394 EST] 00000029 SystemErr     R 	at org.apache.ws.security.transform.STRTransform.transformIt(STRTransform.java:267)
> [5/4/11 16:41:04:394 EST] 00000029 SystemErr     R 	at org.apache.ws.security.transform.STRTransform.transform(STRTransform.java:122)
> [5/4/11 16:41:04:395 EST] 00000029 SystemErr     R 	at org.jcp.xml.dsig.internal.dom.DOMTransform.transform(DOMTransform.java:147)
> [5/4/11 16:41:04:395 EST] 00000029 SystemErr     R 	at org.jcp.xml.dsig.internal.dom.DOMReference.transform(DOMReference.java:409)
> [5/4/11 16:41:04:395 EST] 00000029 SystemErr     R 	... 70 more
> [5/4/11 16:41:04:395 EST] 00000029 SystemErr     R Caused by: javax.xml.crypto.dsig.TransformException:
java.lang.ClassCastException: org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with
javax.xml.crypto.OctetStreamData
> [5/4/11 16:41:04:395 EST] 00000029 SystemErr     R 	at org.apache.ws.security.transform.STRTransform.transformIt(STRTransform.java:163)
> [5/4/11 16:41:04:396 EST] 00000029 SystemErr     R 	... 73 more
> [5/4/11 16:41:04:396 EST] 00000029 SystemErr     R Caused by: java.lang.ClassCastException:
org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with javax.xml.crypto.OctetStreamData
> [5/4/11 16:41:04:397 EST] 00000029 SystemErr     R 	at org.apache.ws.security.transform.STRTransform.transformIt(STRTransform.java:160)
> [5/4/11 16:41:04:397 EST] 00000029 SystemErr     R 	... 73 more

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


Mime
View raw message