Ah, no. It looks like at some point in our upgrade path, EhCache got
added as a cxf dependency but it didn't get added to our project's
deploy settings. This is for a very low-volume service, so we're not
overly concerned about performance. Are there any other issues with
keeping EhCache out?
Lucas
On 6/27/12 2:05 AM, Colm O hEigeartaigh wrote:
For the record, this is fixed by WSS-396:
https://issues.apache.org/jira/browse/WSS-396
I'm curious as to why the EhCache ReplayCache is not getting picked up -
are you explicitly excluding EhCache as a dependency in your project?
Colm.
On Wed, Jun 27, 2012 at 1:44 AM, Lucas Madar <[email protected]> wrote:
I'm not sure if this is an issue with CXF or with WSS4J, but I don't know
enough about what's going on behind the scenes to diagnose it.
cxf: 2.6.1
wss4j: 1.6.6
This is a SOAP call with WS-UserNameToken enabled, via an
AbstractUsernameTokenAuthentic**atingInterceptor.
Anyone seen something similar?
WARNING: Interceptor for {http://xxxx/}XXXXXXXX#{http:/**
/xxxx/xxx}XXXXXXXX <http://xxxx/%7DXXXXXXXX#%7Bhttp://xxxx/xxx%7DXXXXXXXX>has
thrown exception, unwinding now
java.util.**ConcurrentModificationExceptio**n
at java.util.HashMap$**HashIterator.nextEntry(**HashMap.java:793)
at java.util.HashMap$KeyIterator.**next(HashMap.java:828)
at org.apache.ws.security.cache.**MemoryReplayCache.**
processTokenExpiry(**MemoryReplayCache.java:89)
at org.apache.ws.security.cache.**MemoryReplayCache.contains(**
MemoryReplayCache.java:76)
at org.apache.ws.security.**processor.**UsernameTokenProcessor.**
handleUsernameToken(**UsernameTokenProcessor.java:**139)
at org.apache.ws.security.**processor.**UsernameTokenProcessor.**
handleToken(**UsernameTokenProcessor.java:**66)
at org.apache.ws.security.**WSSecurityEngine.**
processSecurityHeader(**WSSecurityEngine.java:396)
at org.apache.cxf.ws.security.**wss4j.WSS4JInInterceptor.**
handleMessage(**WSS4JInInterceptor.java:289)
at org.apache.cxf.ws.security.**wss4j.**
AbstractUsernameTokenAuthentic**atingInterceptor.**handleMessage(**
AbstractUsernameToken
AuthenticatingInterceptor.**java:91)
at org.apache.cxf.ws.security.**wss4j.**
AbstractUsernameTokenAuthentic**atingInterceptor.**handleMessage(**
AbstractUsernameToken
AuthenticatingInterceptor.**java:62)
at org.apache.cxf.phase.**PhaseInterceptorChain.**doIntercept(**
PhaseInterceptorChain.java:**262)
at org.apache.cxf.transport.**ChainInitiationObserver.**onMessage(*
*ChainInitiationObserver.java:**122)
at org.apache.cxf.transport.http.**AbstractHTTPDestination.**
invoke(**AbstractHTTPDestination.java:**211)
at org.apache.cxf.transport.**servlet.ServletController.**
invokeDestination(**ServletController.java:213)
at org.apache.cxf.transport.**servlet.ServletController.**
invoke(ServletController.java:**193)
at org.apache.cxf.transport.**servlet.CXFNonSpringServlet.**
invoke(CXFNonSpringServlet.**java:129)
at org.apache.cxf.transport.**servlet.AbstractHTTPServlet.**
handleRequest(**AbstractHTTPServlet.java:187)
at org.apache.cxf.transport.**servlet.AbstractHTTPServlet.**
doPost(AbstractHTTPServlet.**java:110)
at javax.servlet.http.**HttpServlet.service(**HttpServlet.java:641)
at org.apache.cxf.transport.**servlet.AbstractHTTPServlet.**
service(AbstractHTTPServlet.**java:166)
at org.apache.catalina.core.**ApplicationFilterChain.**
internalDoFilter(**ApplicationFilterChain.java:**304)
