[jira] [Commented] (WSS-282) STRTransform JCE provider throws java.lang.ClassCastException: org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with javax.xml.crypto.OctetStreamData in Websphere

Colm O hEigeartaigh (Commented) (JIRA) Fri, 04 Nov 2011 04:55:27 -0700

    [ 
https://issues.apache.org/jira/browse/WSS-282?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13143937#comment-13143937
 ]


Colm O hEigeartaigh commented on WSS-282:
-----------------------------------------


If someone could try again with the attached SNAPSHOT jars 
(wss4j-1.6.4-SNAPSHOT and xmlsec-1.5.0-SNAPSHOT) that would be great. If it 
doesn't work then please attach a stacktrace.

Colm.
                
> STRTransform JCE provider throws  java.lang.ClassCastException: 
> org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with 
> javax.xml.crypto.OctetStreamData in Websphere
> ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: WSS-282
>                 URL: https://issues.apache.org/jira/browse/WSS-282
>             Project: WSS4J
>          Issue Type: Bug
>          Components: WSS4J Core
>    Affects Versions: 1.6
>         Environment: WebSphere 7.0.0.15
>            Reporter: Jeremy Tadman
>            Assignee: Colm O hEigeartaigh
>         Attachments: wss4j-1.6.4-SNAPSHOT.jar, xmlsec-1.5.0-SNAPSHOT.jar
>
>
> When using WSS4J to generate signed sender-vouches SAML tokens involving an 
> STRTransform I get the below exception (right at the end). It only happens 
> when there are multiple applications using WSS4J or the application is 
> restarted.
> Seems to be related to the fact that the STRTransformProvider is added to 
> WebSphere's JCE provider list using Security.addProvider(provider) but is 
> loaded using the WAR module's classloader. When an app is restarted, this 
> classloader hangs around and causes  issues because 
> org.jcp.xml.dsig.internal.dom.DOMSubTreeData loaded by the new module 
> instance's classloader is not considered an instance of the 
> org.jcp.xml.dsig.internal.dom.DOMSubTreeData class loaded by the STRTransform 
> instance. I tested this by modifying the source code and printing out which 
> classloader had loaded the class. In the case where things work (first 
> startup of the first application to use WSS4J) the classloaders are the same. 
> In cases where things don't work the classloader of the DOMSubTreeData 
> instance passed into the transform is different to the classloader of the 
> DOMSubTreeData class itself. Similar result when trying from one application 
> then another.
> This seems loosely related to https://issues.apache.org/jira/browse/WSS-82 
> and 
> http://bouncy-castle.1462172.n4.nabble.com/Bug-in-Cipher-class-td1465452.html.
> Seems there are problems running custom JCE providers on WebSphere (and IBM 
> say they don't support custom JCE providers). 
> Adding WSS4j to a higher level classloader causes all kinds of other errors 
> to come up.
> Is there any way we can get this to work or are we WebSphere users out of 
> luck? (Or am I just doing something horrible wrong?). I've already applied 
> the fixes shown in https://issues.apache.org/jira/browse/WSS-273 (I got those 
> errors before I got this one).
> [5/4/11 16:41:04:379 EST] 00000029 SystemErr     R 
> org.apache.ws.security.WSSecurityException: Signature creation failed; nested 
> exception is: 
>       javax.xml.crypto.dsig.XMLSignatureException: 
> javax.xml.crypto.dsig.TransformException: 
> javax.xml.crypto.dsig.TransformException: java.lang.ClassCastException: 
> org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with 
> javax.xml.crypto.OctetStreamData
> [5/4/11 16:41:04:379 EST] 00000029 SystemErr     R    at 
> org.apache.ws.security.saml.WSSecSignatureSAML.computeSignature(WSSecSignatureSAML.java:529)
> [5/4/11 16:41:04:379 EST] 00000029 SystemErr     R    at 
> org.apache.ws.security.saml.WSSecSignatureSAML.build(WSSecSignatureSAML.java:155)
> ... servlet stack trace components ....
> [5/4/11 16:41:04:392 EST] 00000029 SystemErr     R Caused by: 
> javax.xml.crypto.dsig.XMLSignatureException: 
> javax.xml.crypto.dsig.TransformException: 
> javax.xml.crypto.dsig.TransformException: java.lang.ClassCastException: 
> org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with 
> javax.xml.crypto.OctetStreamData
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R    at 
> org.jcp.xml.dsig.internal.dom.DOMReference.transform(DOMReference.java:412)
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R    at 
> org.jcp.xml.dsig.internal.dom.DOMReference.digest(DOMReference.java:304)
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R    at 
> org.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(DOMXMLSignature.java:467)
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R    at 
> org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:361)
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R    at 
> org.apache.ws.security.saml.WSSecSignatureSAML.computeSignature(WSSecSignatureSAML.java:524)
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R    ... 66 more
> [5/4/11 16:41:04:394 EST] 00000029 SystemErr     R Caused by: 
> javax.xml.crypto.dsig.TransformException: 
> javax.xml.crypto.dsig.TransformException: java.lang.ClassCastException: 
> org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with 
> javax.xml.crypto.OctetStreamData
> [5/4/11 16:41:04:394 EST] 00000029 SystemErr     R    at 
> org.apache.ws.security.transform.STRTransform.transformIt(STRTransform.java:267)
> [5/4/11 16:41:04:394 EST] 00000029 SystemErr     R    at 
> org.apache.ws.security.transform.STRTransform.transform(STRTransform.java:122)
> [5/4/11 16:41:04:395 EST] 00000029 SystemErr     R    at 
> org.jcp.xml.dsig.internal.dom.DOMTransform.transform(DOMTransform.java:147)
> [5/4/11 16:41:04:395 EST] 00000029 SystemErr     R    at 
> org.jcp.xml.dsig.internal.dom.DOMReference.transform(DOMReference.java:409)
> [5/4/11 16:41:04:395 EST] 00000029 SystemErr     R    ... 70 more
> [5/4/11 16:41:04:395 EST] 00000029 SystemErr     R Caused by: 
> javax.xml.crypto.dsig.TransformException: java.lang.ClassCastException: 
> org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with 
> javax.xml.crypto.OctetStreamData
> [5/4/11 16:41:04:395 EST] 00000029 SystemErr     R    at 
> org.apache.ws.security.transform.STRTransform.transformIt(STRTransform.java:163)
> [5/4/11 16:41:04:396 EST] 00000029 SystemErr     R    ... 73 more
> [5/4/11 16:41:04:396 EST] 00000029 SystemErr     R Caused by: 
> java.lang.ClassCastException: org.jcp.xml.dsig.internal.dom.DOMSubTreeData 
> incompatible with javax.xml.crypto.OctetStreamData
> [5/4/11 16:41:04:397 EST] 00000029 SystemErr     R    at 
> org.apache.ws.security.transform.STRTransform.transformIt(STRTransform.java:160)
> [5/4/11 16:41:04:397 EST] 00000029 SystemErr     R    ... 73 more

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Commented] (WSS-282) STRTransform JCE provider throws java.lang.ClassCastException: org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with javax.xml.crypto.OctetStreamData in Websphere

Reply via email to