[jira] [Commented] (WSS-282) STRTransform JCE provider throws java.lang.ClassCastException: org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with javax.xml.crypto.OctetStreamData in Websphere

sureshkumar (Commented) (JIRA) Fri, 18 Nov 2011 11:13:21 -0800

    [ 
https://issues.apache.org/jira/browse/WSS-282?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13153055#comment-13153055
 ]


sureshkumar commented on WSS-282:
---------------------------------

I tired using wss4j-1.6.4-SNAPSHOT and xmlsec-1.5.0-SNAPSHOT and i got the 
below exception 

Server : WAS7.0
JDK 1.6.29

Jars Used
----------------
bcprov-jdk15-1.46.jar
commons-logging-1.1.1.jar
joda-time-1.6.2.jar
jul-to-slf4j-1.6.1.jar
log4j-1.2.16.jar
log4j-over-slf4j-1.6.1.jar
opensaml-2.5.1-1.jar
openws-1.4.2-1.jar
serializer-2.7.1.jar
slf4j-api-1.6.1.jar
slf4j-log4j12-1.6.1.jar
wss4j-1.6.4-SNAPSHOT.jar
xalan-2.7.1.jar
xercesImpl-2.9.1.jar
xml-apis-1.3.04.jar
xmlsec-1.5.0-SNAPSHOT.jar
xmltooling-1.3.2-1.jar


org.apache.ws.security.message.WSSecSignature prepare 
                                 java.lang.ClassCastException: 
org.apache.jcp.xml.dsig.internal.dom.DOMExcC14NMethod incompatible with 
javax.xml.crypto.dsig.CanonicalizationMethod
        at 
com.ibm.xml.crypto.dsig.dom.FactoryImpl.newCanonicalizationMethod(FactoryImpl.java:197)
        at 
org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:178)
        at 
org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:362)
        at 
com.bcbssc.wms.security.handler.WSSecurityHandlerUtil.insertSecurityElement(WSSecurityHandlerUtil.java:110)
        at 
com.bcbssc.wms.security.handler.WSSecurityHandler.handleMessage(WSSecurityHandler.java:56)
        at 
com.bcbssc.wms.security.handler.WSSecurityHandler.handleMessage(WSSecurityHandler.java:1)
        at 
org.apache.axis2.jaxws.handler.HandlerChainProcessor.callHandleMessageWithTracker(HandlerChainProcessor.java:832)
        at 
org.apache.axis2.jaxws.handler.HandlerChainProcessor.handleMessage(HandlerChainProcessor.java:494)
        at 
org.apache.axis2.jaxws.handler.HandlerChainProcessor.callGenericHandlers(HandlerChainProcessor.java:256)
        at 
org.apache.axis2.jaxws.handler.HandlerChainProcessor.processChain(HandlerChainProcessor.java:206)
        at 
org.apache.axis2.jaxws.handler.HandlerInvokerUtils.invokeOutboundHandlers(HandlerInvokerUtils.java:139)
        at 
org.apache.axis2.jaxws.core.controller.impl.InvocationControllerImpl.invoke(InvocationControllerImpl.java:81)

                
> STRTransform JCE provider throws  java.lang.ClassCastException: 
> org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with 
> javax.xml.crypto.OctetStreamData in Websphere
> ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: WSS-282
>                 URL: https://issues.apache.org/jira/browse/WSS-282
>             Project: WSS4J
>          Issue Type: Bug
>          Components: WSS4J Core
>    Affects Versions: 1.6
>         Environment: WebSphere 7.0.0.15
>            Reporter: Jeremy Tadman
>            Assignee: Colm O hEigeartaigh
>         Attachments: wss4j-1.6.4-SNAPSHOT.jar, xmlsec-1.5.0-SNAPSHOT.jar
>
>
> When using WSS4J to generate signed sender-vouches SAML tokens involving an 
> STRTransform I get the below exception (right at the end). It only happens 
> when there are multiple applications using WSS4J or the application is 
> restarted.
> Seems to be related to the fact that the STRTransformProvider is added to 
> WebSphere's JCE provider list using Security.addProvider(provider) but is 
> loaded using the WAR module's classloader. When an app is restarted, this 
> classloader hangs around and causes  issues because 
> org.jcp.xml.dsig.internal.dom.DOMSubTreeData loaded by the new module 
> instance's classloader is not considered an instance of the 
> org.jcp.xml.dsig.internal.dom.DOMSubTreeData class loaded by the STRTransform 
> instance. I tested this by modifying the source code and printing out which 
> classloader had loaded the class. In the case where things work (first 
> startup of the first application to use WSS4J) the classloaders are the same. 
> In cases where things don't work the classloader of the DOMSubTreeData 
> instance passed into the transform is different to the classloader of the 
> DOMSubTreeData class itself. Similar result when trying from one application 
> then another.
> This seems loosely related to https://issues.apache.org/jira/browse/WSS-82 
> and 
> http://bouncy-castle.1462172.n4.nabble.com/Bug-in-Cipher-class-td1465452.html.
> Seems there are problems running custom JCE providers on WebSphere (and IBM 
> say they don't support custom JCE providers). 
> Adding WSS4j to a higher level classloader causes all kinds of other errors 
> to come up.
> Is there any way we can get this to work or are we WebSphere users out of 
> luck? (Or am I just doing something horrible wrong?). I've already applied 
> the fixes shown in https://issues.apache.org/jira/browse/WSS-273 (I got those 
> errors before I got this one).
> [5/4/11 16:41:04:379 EST] 00000029 SystemErr     R 
> org.apache.ws.security.WSSecurityException: Signature creation failed; nested 
> exception is: 
>       javax.xml.crypto.dsig.XMLSignatureException: 
> javax.xml.crypto.dsig.TransformException: 
> javax.xml.crypto.dsig.TransformException: java.lang.ClassCastException: 
> org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with 
> javax.xml.crypto.OctetStreamData
> [5/4/11 16:41:04:379 EST] 00000029 SystemErr     R    at 
> org.apache.ws.security.saml.WSSecSignatureSAML.computeSignature(WSSecSignatureSAML.java:529)
> [5/4/11 16:41:04:379 EST] 00000029 SystemErr     R    at 
> org.apache.ws.security.saml.WSSecSignatureSAML.build(WSSecSignatureSAML.java:155)
> ... servlet stack trace components ....
> [5/4/11 16:41:04:392 EST] 00000029 SystemErr     R Caused by: 
> javax.xml.crypto.dsig.XMLSignatureException: 
> javax.xml.crypto.dsig.TransformException: 
> javax.xml.crypto.dsig.TransformException: java.lang.ClassCastException: 
> org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with 
> javax.xml.crypto.OctetStreamData
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R    at 
> org.jcp.xml.dsig.internal.dom.DOMReference.transform(DOMReference.java:412)
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R    at 
> org.jcp.xml.dsig.internal.dom.DOMReference.digest(DOMReference.java:304)
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R    at 
> org.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(DOMXMLSignature.java:467)
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R    at 
> org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:361)
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R    at 
> org.apache.ws.security.saml.WSSecSignatureSAML.computeSignature(WSSecSignatureSAML.java:524)
> [5/4/11 16:41:04:393 EST] 00000029 SystemErr     R    ... 66 more
> [5/4/11 16:41:04:394 EST] 00000029 SystemErr     R Caused by: 
> javax.xml.crypto.dsig.TransformException: 
> javax.xml.crypto.dsig.TransformException: java.lang.ClassCastException: 
> org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with 
> javax.xml.crypto.OctetStreamData
> [5/4/11 16:41:04:394 EST] 00000029 SystemErr     R    at 
> org.apache.ws.security.transform.STRTransform.transformIt(STRTransform.java:267)
> [5/4/11 16:41:04:394 EST] 00000029 SystemErr     R    at 
> org.apache.ws.security.transform.STRTransform.transform(STRTransform.java:122)
> [5/4/11 16:41:04:395 EST] 00000029 SystemErr     R    at 
> org.jcp.xml.dsig.internal.dom.DOMTransform.transform(DOMTransform.java:147)
> [5/4/11 16:41:04:395 EST] 00000029 SystemErr     R    at 
> org.jcp.xml.dsig.internal.dom.DOMReference.transform(DOMReference.java:409)
> [5/4/11 16:41:04:395 EST] 00000029 SystemErr     R    ... 70 more
> [5/4/11 16:41:04:395 EST] 00000029 SystemErr     R Caused by: 
> javax.xml.crypto.dsig.TransformException: java.lang.ClassCastException: 
> org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with 
> javax.xml.crypto.OctetStreamData
> [5/4/11 16:41:04:395 EST] 00000029 SystemErr     R    at 
> org.apache.ws.security.transform.STRTransform.transformIt(STRTransform.java:163)
> [5/4/11 16:41:04:396 EST] 00000029 SystemErr     R    ... 73 more
> [5/4/11 16:41:04:396 EST] 00000029 SystemErr     R Caused by: 
> java.lang.ClassCastException: org.jcp.xml.dsig.internal.dom.DOMSubTreeData 
> incompatible with javax.xml.crypto.OctetStreamData
> [5/4/11 16:41:04:397 EST] 00000029 SystemErr     R    at 
> org.apache.ws.security.transform.STRTransform.transformIt(STRTransform.java:160)
> [5/4/11 16:41:04:397 EST] 00000029 SystemErr     R    ... 73 more

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Commented] (WSS-282) STRTransform JCE provider throws java.lang.ClassCastException: org.jcp.xml.dsig.internal.dom.DOMSubTreeData incompatible with javax.xml.crypto.OctetStreamData in Websphere

Reply via email to