You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Jose María Zaragoza <de...@gmail.com> on 2013/06/18 20:16:09 UTC
NullPointerException when redeploy webapp, possible WSS4J leak
Hello:
I've crossposted this email to WSS4J mailist, but I know a lot of CXF users
use WSS4J for WS-Security implementation, so I hope someone can help me.
I'm using WSS4J with Apache CXF 2.7.3, for signing SOAP messages
So, I'm using WSS4J 1.6.9
These SOAP messages are sent by my WAR application to a remote webservice
When I redeploy my WAR into Tomcat server *without restart it* , I always
get the next exception:
Caused by: org.apache.ws.security.WSSecurityException: Error during
Signature:
at
org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:105)
~[wss4j-1.6.9.jar:1.6.9]
at
org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:230)
~[wss4j-1.6.9.jar:1.6.9]
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:52)
~[cxf-rt-ws-security-2.7.3.jar:2.7.3]
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:260)
~[cxf-rt-ws-security-2.7.3.jar:2.7.3]
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:136)
~[cxf-rt-ws-security-2.7.3.jar:2.7.3]
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
[cxf-api-2.7.3.jar:2.7.3]
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530)
~[cxf-api-2.7.3.jar:2.7.3]
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
~[cxf-api-2.7.3.jar:2.7.3]
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
~[cxf-api-2.7.3.jar:2.7.3]
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
~[cxf-api-2.7.3.jar:2.7.3]
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
~[cxf-rt-frontend-simple-2.7.3.jar:2.7.3]
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:133)
~[cxf-rt-frontend-jaxws-2.7.3.jar:2.7.3]
... 41 common frames omitted
Caused by: org.apache.ws.security.WSSecurityException: Signature creation
failed
at
org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:558)
~[wss4j-1.6.9.jar:1.6.9]
at
org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:99)
~[wss4j-1.6.9.jar:1.6.9]
... 52 common frames omitted
Caused by: java.lang.NullPointerException: null
at
org.apache.jcp.xml.dsig.internal.dom.DOMReference.marshal(DOMReference.java:297)
~[xmlsec-1.5.3.jar:1.5.3]
at
org.apache.jcp.xml.dsig.internal.dom.DOMSignedInfo.marshal(DOMSignedInfo.java:268)
~[xmlsec-1.5.3.jar:1.5.3]
at
org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.marshal(DOMXMLSignature.java:216)
~[xmlsec-1.5.3.jar:1.5.3]
at
org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:329)
~[xmlsec-1.5.3.jar:1.5.3]
at
org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:553)
~[wss4j-1.6.9.jar:1.6.9]
... 53 common frames omitted
Any idea ?
I've to restart Tomcat server and all works fine again
Looks like a leak
When fails, if I enable debug logging level, I don't see the the log
message in DOMReference.java , line 297
if (log.isDebugEnabled())
{
log.debug("Marshalling Reference");
}
When I restart Tomcat, this log message is shown
My CXF client configuration is
<http-conf:conduit name="https://.*">
<http-conf:tlsClientParameters>
<sec:trustManagers>
<sec:keyStore type="JKS" password="xxx"
resource="truststore.jks"/>
</sec:trustManagers>
</http-conf:tlsClientParameters>
<http-conf:client ConnectionTimeout="5000" ReceiveTimeout="10000" />
</http-conf:conduit>
<jaxws:outInterceptors>
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry key="action" value="Signature"/>
<entry key="user" value="xxx"/>
<entry key="signatureUser" value="xxxx"/>
<entry key="passwordCallbackClass"
value="com.test.KeystorePasswordCallback"/>
<entry key="signaturePropFile" value="keystore.properties"/>
<entry key="signatureKeyIdentifier"
value="DirectReference"/>
<entry key="signatureAlgorithm" value="
http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<entry key="sigCanonicalization" value="
http://www.w3.org/2001/10/xml-exc-c14n#"/>
<entry key="signatureDigestAlgorithm" value="
http://www.w3.org/2000/09/xmldsig#sha1"/>
</map>
</constructor-arg>
</bean>
</jaxws:outInterceptors>
</jaxws:client>
Re: NullPointerException when redeploy webapp, possible WSS4J leak
Posted by Jose María Zaragoza <de...@gmail.com>.
FYI
I don't have found the solution but if I upgrade to last Tomcat release (
7.0.41 ), the error is fixed.
Last release for Tomcat 6.x branch doesn't work.
It's not the best answer ( because sometimes it's impossible to upgrade
Tomcat server ), but it's the only one I have
Regards
2013/6/18 Jose María Zaragoza <de...@gmail.com>
>
> Hello:
>
> I've crossposted this email to WSS4J mailist, but I know a lot of CXF
> users use WSS4J for WS-Security implementation, so I hope someone can help
> me.
>
>
> I'm using WSS4J with Apache CXF 2.7.3, for signing SOAP messages
> So, I'm using WSS4J 1.6.9
>
> These SOAP messages are sent by my WAR application to a remote webservice
>
> When I redeploy my WAR into Tomcat server *without restart it* , I always
> get the next exception:
>
> Caused by: org.apache.ws.security.WSSecurityException: Error during
> Signature:
> at
> org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:105)
> ~[wss4j-1.6.9.jar:1.6.9]
> at
> org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:230)
> ~[wss4j-1.6.9.jar:1.6.9]
> at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:52)
> ~[cxf-rt-ws-security-2.7.3.jar:2.7.3]
> at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:260)
> ~[cxf-rt-ws-security-2.7.3.jar:2.7.3]
> at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:136)
> ~[cxf-rt-ws-security-2.7.3.jar:2.7.3]
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
> [cxf-api-2.7.3.jar:2.7.3]
> at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530)
> ~[cxf-api-2.7.3.jar:2.7.3]
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
> ~[cxf-api-2.7.3.jar:2.7.3]
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
> ~[cxf-api-2.7.3.jar:2.7.3]
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
> ~[cxf-api-2.7.3.jar:2.7.3]
> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
> ~[cxf-rt-frontend-simple-2.7.3.jar:2.7.3]
> at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:133)
> ~[cxf-rt-frontend-jaxws-2.7.3.jar:2.7.3]
> ... 41 common frames omitted
> Caused by: org.apache.ws.security.WSSecurityException: Signature creation
> failed
> at
> org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:558)
> ~[wss4j-1.6.9.jar:1.6.9]
> at
> org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:99)
> ~[wss4j-1.6.9.jar:1.6.9]
> ... 52 common frames omitted
> Caused by: java.lang.NullPointerException: null
> at
> org.apache.jcp.xml.dsig.internal.dom.DOMReference.marshal(DOMReference.java:297)
> ~[xmlsec-1.5.3.jar:1.5.3]
> at
> org.apache.jcp.xml.dsig.internal.dom.DOMSignedInfo.marshal(DOMSignedInfo.java:268)
> ~[xmlsec-1.5.3.jar:1.5.3]
> at
> org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.marshal(DOMXMLSignature.java:216)
> ~[xmlsec-1.5.3.jar:1.5.3]
> at
> org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:329)
> ~[xmlsec-1.5.3.jar:1.5.3]
> at
> org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:553)
> ~[wss4j-1.6.9.jar:1.6.9]
> ... 53 common frames omitted
>
>
> Any idea ?
> I've to restart Tomcat server and all works fine again
> Looks like a leak
>
> When fails, if I enable debug logging level, I don't see the the log
> message in DOMReference.java , line 297
>
> if (log.isDebugEnabled())
> {
> log.debug("Marshalling Reference");
>
> }
>
> When I restart Tomcat, this log message is shown
>
> My CXF client configuration is
>
> <http-conf:conduit name="https://.*">
> <http-conf:tlsClientParameters>
> <sec:trustManagers>
> <sec:keyStore type="JKS" password="xxx"
> resource="truststore.jks"/>
> </sec:trustManagers>
> </http-conf:tlsClientParameters>
> <http-conf:client ConnectionTimeout="5000" ReceiveTimeout="10000" />
> </http-conf:conduit>
>
> <jaxws:outInterceptors>
> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
> <constructor-arg>
> <map>
> <entry key="action" value="Signature"/>
> <entry key="user" value="xxx"/>
> <entry key="signatureUser" value="xxxx"/>
> <entry key="passwordCallbackClass"
> value="com.test.KeystorePasswordCallback"/>
> <entry key="signaturePropFile"
> value="keystore.properties"/>
> <entry key="signatureKeyIdentifier"
> value="DirectReference"/>
> <entry key="signatureAlgorithm" value="
> http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
> <entry key="sigCanonicalization" value="
> http://www.w3.org/2001/10/xml-exc-c14n#"/>
> <entry key="signatureDigestAlgorithm" value="
> http://www.w3.org/2000/09/xmldsig#sha1"/>
> </map>
> </constructor-arg>
> </bean>
> </jaxws:outInterceptors>
>
> </jaxws:client>
>