Hi, The code for poodle was added for server side.
The conduit config that you use should have set the enabled protocols on the jdk SSL context. I only checked cxf 2.7.12 not 2.7.6. I would expect they are the same but will check real quick and reply to this email. Can you attach a debugger to weblogic and put a break point in the SSL context factory wrapper class? You can make sure its executing the enabled protocols bit. If it is perhaps it's a jdk issue On 28/10/2014 6:50 AM, "David Roytenberg (Consultant)" < david.roytenb...@optimalpayments.com> wrote: > Thanks Jason, Since you've worked on Poodle, maybe you are aware of > whether the CXF client has changed its behavior since 2.7.6 as far as > SSLv2Hello protocol is concerned. I have two identical CXF configurations, > using the default protocol setting which looks to be TLS. With the SSL > debugging turned on, I see that the SSLv2Hello is being used to wrap the > client hello packet in each case. In my first integration all is well > while in the current integration, the server appears to drop the connection > as soon as it receives the SSLV2Hello packet. > > What I'd like to do is prevent the client from using that SSLv2Hello > protocol for the handshake Hello packet. > > None of the settings on this page: > http://cxf.apache.org/docs/tls-configuration.html seem to allow me to > control the Protocols directly, but I am still learning all the ins and > outs of how SSL is configured under the hood. > > From what you wrote it sounds like SSLv2Hello protocol is going to be > removed in the client in CXF 2.7.14. Is that right? > > Thanks, > > David > > > -----Original Message----- > From: jasonmp...@gmail.com [mailto:jasonmp...@gmail.com] On Behalf Of > Jason Pell > Sent: Monday, October 27, 2014 2:07 PM > To: users@cxf.apache.org > Subject: Re: How to Disable SSLv2 client hello in CXF? > > Here is the actual page which deals with the config for tls > > http://cxf.apache.org/docs/tls-configuration.html > > > > On Tue, Oct 28, 2014 at 5:06 AM, Jason Pell <ja...@pellcorp.com> wrote: > > > See, but note that the secureSocketProtocol is missing from the examples. > > (Search in the page for Configuring SSL Support) > > > > http://cxf.apache.org/docs/client-http-transport-including-ssl-support > > .html > > > > On Tue, Oct 28, 2014 at 5:02 AM, Jason Pell <ja...@pellcorp.com> wrote: > > > >> So I did some digging to remind myself of how it works on the client > >> and I was dead wrong. > >> > >> I was thinking about how the server works (having just done the > >> poodle > >> changes) > >> > >> Anyway, what Andrei was absolutely correct. > >> > >> You can see it applied in > >> org.apache.cxf.transport.https.SSLSocketFactoryWrapper. The > >> SSLSocketFactoryWrapper is called from the > >> org.apache.cxf.transport.https.HttpsURLConnectionFactory > >> > >> It results in the Socket Factory setEnabledProtocols to the actual > >> protocol you listed in the tls client parameters (see below) > >> > >> <http:tlsClientParameters disableCNCheck="true" > >> secureSocketProtocol="TLSv1"> > >> > >> You need to make sure that your conduit configuration is being > >> applied correctly in web logic, perhaps its not being picked up. > >> > >> > >> > >> > >> > >> > >> > >> On Tue, Oct 28, 2014 at 4:36 AM, Jason Pell <ja...@pellcorp.com> wrote: > >> > >>> Hi, > >>> > >>> I run embedded jetty container > >>> > >>> Sorry I forgot that you were running weblogic when I responded. In > that > >>> case do you even use the embedded jetty container? I am guessing > no. If > >>> not, then you would need to use the standard weblogic ssl > configuration. > >>> > >>> I don't believe CXF is responsible for any of the ssl config in that > >>> case. But then I am not very knowledgeable of cxf deployed to a > >>> j2ee container sorry. > >>> > >>> Sorry for the runaround and wasting your time > >>> > >>> Regards > >>> Jason > >>> > >>> > >>> On Tue, Oct 28, 2014 at 2:33 AM, David Roytenberg (Consultant) < > >>> david.roytenb...@optimalpayments.com> wrote: > >>> > >>>> Hi Jason, > >>>> > >>>> Are you running on WebLogic by any chance? When I configured > >>>> the properties in the deployment to point to the WebLogic default > >>>> key store and trust store, I get a > >>>> java.security.UnrecoverableKeyException while trying to deploy my > application. Did you encounter this problem? > >>>> > >>>> Here's my config: > >>>> > >>>> <constructor-arg> > >>>> <list> > >>>> <bean > >>>> class="com.pellcorp.server.jetty.JettyHttpEngineConfig"> > >>>> <property name="uri" value=" > >>>> https://localhost:7002" /> > >>>> <property name="keyStoreFile" > >>>> value="/opt/weblogic_11/wlserver_10.3/server/lib/DemoIdentity.jks" /> > >>>> <property > >>>> name="keyStorePassword" value="DemoIdentityKeyStorePassPhrase" /> > >>>> <property > name="trustStoreFile" > >>>> value="/opt/weblogic_11/wlserver_10.3/server/lib/DemoTrust.jks" /> > >>>> <property > >>>> name="trustStorePassword" value="DemoTrustKeyStorePassPhrase" /> > >>>> <property > >>>> name="secureSocketProtocol" value="TLSv1" /> > >>>> </bean> > >>>> > >>>> <bean > >>>> class="com.pellcorp.server.jetty.JettyHttpEngineConfig"> > >>>> <property name="uri" value=" > >>>> https://localhost:7002" /> > >>>> <property name="keyStoreFile" > >>>> value="/opt/weblogic_11/wlserver_10.3/server/lib/DemoIdentity.jks" /> > >>>> <property > >>>> name="keyStorePassword" value="DemoIdentityKeyStorePassPhrase" /> > >>>> <property > >>>> name="secureSocketProtocol" value="TLSv1" /> > >>>> </bean> > >>>> </list> > >>>> </constructor-arg> > >>>> > >>>> David > >>>> > >>>> -----Original Message----- > >>>> From: jasonmp...@gmail.com [mailto:jasonmp...@gmail.com] On Behalf > >>>> Of Jason Pell > >>>> Sent: Monday, October 27, 2014 7:23 AM > >>>> To: users@cxf.apache.org > >>>> Subject: Re: How to Disable SSLv2 client hello in CXF? > >>>> > >>>> Hi, > >>>> > >>>> Here is a sample of using your own custom version of the jetty > >>>> factory in your spring context. It is pretty invasive, so its > >>>> actually better to wait for 2.7.14 and take advantage of the code > >>>> already there. I use this code for other reasons though, as it > >>>> allows me to configure the trust / key stores via spring properties. > >>>> > >>>> > >>>> https://github.com/pellcorp/cxf/tree/master/JavaFirst/src/main/java > >>>> /com/pellcorp/server/jetty > >>>> > >>>> > >>>> > >>>> A sample spring context: > >>>> > >>>> > >>>> https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/main/reso > >>>> urces/META-INF/samlApplicationContext.xml > >>>> > >>>> > >>>> > >>>> > >>>> On Mon, Oct 27, 2014 at 9:44 PM, Jason Pell <ja...@pellcorp.com> > wrote: > >>>> > >>>> > That setting won't actually control what protocols jetty will > >>>> > actually use. I think it just controls what the highest protocol is > used. > >>>> > > >>>> > The excluded protocols list needs to include the sslv2 setting. > >>>> > > >>>> > we actually overrode the jetty factory jetty engine and one other > >>>> > class to get access to the SSL context to configure the excluded > >>>> > protocols. Not pretty but we can't wait for 2.7.14. > >>>> > > >>>> > If you are interested I shall post our classes to my git repo. > >>>> > > >>>> > Let me know > >>>> > On 27/10/2014 8:14 PM, "Andrei Shakirin" <ashaki...@talend.com> > >>>> wrote: > >>>> > > >>>> >> Hi, > >>>> >> > >>>> >> I guess you mean TLSClientParameters.secureSocketProtocol in > Conduit. > >>>> >> > >>>> >> As far as I can see this parameter is used for creating > >>>> >> java.net.ssl.SSLContext: > >>>> >> String protocol = parameters.getSecureSocketProtocol() > >>>> >> != > >>>> null ? > >>>> >> parameters > >>>> >> .getSecureSocketProtocol() : "TLS"; > >>>> >> > >>>> >> The setting should work. How you apply conduit settings: > >>>> >> programmatically or via spring configuration? > >>>> >> Could you past the code snapshot? > >>>> >> > >>>> >> Regards, > >>>> >> Andrei. > >>>> >> > >>>> >> > -----Original Message----- > >>>> >> > From: David Roytenberg (Consultant) > >>>> >> > [mailto:david.roytenb...@optimalpayments.com] > >>>> >> > Sent: Freitag, 24. Oktober 2014 17:46 > >>>> >> > To: users@cxf.apache.org > >>>> >> > Subject: RE: How to Disable SSLv2 client hello in CXF? > >>>> >> > > >>>> >> > Hello again. > >>>> >> > > >>>> >> > I've dug further into the CXF documentation and found that it > >>>> >> > is > >>>> >> possible to > >>>> >> > programmatically set the SSL protocols on the TLSProperties > >>>> >> > object of > >>>> >> the > >>>> >> > Conduit. > >>>> >> > > >>>> >> > I've created the TLS properties and set the SSL protocols to > >>>> >> > TLS1, but > >>>> >> this does > >>>> >> > not change the SSL behavior, which still starts with TLSv1.2 > >>>> >> > then sends > >>>> >> the hello > >>>> >> > with SSLv2 which is then dropped on the client end. Is there > >>>> >> > another > >>>> >> switch that > >>>> >> > has to be set to over-ride the default SSL behavior? > >>>> >> > > >>>> >> > David > >>>> >> > > >>>> >> > -----Original Message----- > >>>> >> > From: David Roytenberg (Consultant) > >>>> >> > [mailto:david.roytenb...@optimalpayments.com] > >>>> >> > Sent: Thursday, October 23, 2014 4:57 PM > >>>> >> > To: users@cxf.apache.org > >>>> >> > Subject: How to Disable SSLv2 client hello in CXF? > >>>> >> > > >>>> >> > I'm having an SSL problem and I wonder if there is a way to > >>>> >> > fix it > >>>> >> within CXF > >>>> >> > > >>>> >> > We have our CXF 2.7.6 based integration deployed on Weblogic 11. > >>>> >> > We are using JDK 1.7_065 > >>>> >> > > >>>> >> > When we connect to our remote client via SSL we get the > >>>> >> > following trace > >>>> >> with > >>>> >> > lots of SSL debugging turned on > >>>> >> > > >>>> >> > What appears to be happening is that the Hello message is sent > >>>> >> > with an > >>>> >> SSLV2 > >>>> >> > protocol, which our partner's server does not like. > >>>> >> > Apparently sending > >>>> >> the > >>>> >> > Hello at this level is a common behavior and apparently it > >>>> >> > sometimes > >>>> >> causes > >>>> >> > the remote server to fail. I found a suggestion on line that > >>>> >> > this can > >>>> >> be fixed by > >>>> >> > removing the SSLv2 from the allowed protocols. I am wondering > >>>> >> > if I can > >>>> >> do that > >>>> >> > through CFX configuration? > >>>> >> > > >>>> >> > This is a reference to the article that suggests that removing > >>>> >> > the > >>>> >> protocol is the > >>>> >> > solution to this problem: > >>>> >> > > >>>> >> > > >>>> >> > >>>> http://stackoverflow.com/questions/4682957/why-does-javas-sslsocket > >>>> -s > >>>> >> end-a- > >>>> >> > version-2-client-hello > >>>> >> > > >>>> >> > The protocols are apparently set on the SSLContext in JSSE by > >>>> >> > calling setEnabledProtocols(String[] protocols) > >>>> >> > > >>>> >> > Is there a way to set the enabled protocols on the SSLContext > >>>> >> > via CXF configuration? > >>>> >> > > >>>> >> > If not, is there a way to get hold of the SSLContext > >>>> >> > programmatically > >>>> >> in a CXF > >>>> >> > interceptor? > >>>> >> > > >>>> >> > We can't fix this problem at the WebLogic level because of > >>>> >> > side-effects > >>>> >> on > >>>> >> > other apps. Thanks in advance for any suggestions or guidance! > >>>> >> > > >>>> >> > WebLogic SSL debug trace follows: > >>>> >> > > >>>> >> > %% No cached client session > >>>> >> > *** ClientHello, TLSv1.2 > >>>> >> > RandomCookie: GMT: 1414096267 bytes = { 183, 209, 47, 148, > >>>> >> > 54, 202, > >>>> >> 98, 8, > >>>> >> > 191, 222, 122, 248, 80, 190, 53, 88, 128, 130, 126, 108, 100, > >>>> >> > 82, 100, > >>>> >> 197, 213, > >>>> >> > 31, 89, 96 } Session ID: {} Cipher Suites: > >>>> >> > [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, > >>>> >> > TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, > >>>> >> > TLS_RSA_WITH_AES_256_CBC_SHA256, > >>>> >> > TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, > >>>> >> > TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, > >>>> >> > TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS > >>>> >> > _WITH_AES_256_CBC_SHA256, > >>>> >> > TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, > >>>> >> > TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, > >>>> >> > TLS_RSA_WITH_AES_256_CBC_SHA, > >>>> >> > TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, > >>>> >> > TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, > >>>> >> > TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AE > >>>> >> > S_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, > >>>> >> > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, > >>>> >> > TLS_RSA_WITH_AES_128_CBC_SHA256, > >>>> >> > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, > >>>> >> > TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, > >>>> >> > TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_ > >>>> >> > WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, > >>>> >> > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, > >>>> >> > TLS_RSA_WITH_AES_128_CBC_SHA, > >>>> >> > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, > >>>> >> > TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, > >>>> >> > TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES > >>>> >> > _128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, > >>>> >> > TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, > >>>> >> > TLS_ECDH_ECDSA_WITH_RC4_128_SHA, > >>>> >> > TLS_ECDH_RSA_WITH_RC4_128_SHA, > >>>> >> > TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, > >>>> >> > TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_W > >>>> >> > ITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, > >>>> >> > TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, > >>>> >> > SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, > >>>> >> > SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, > >>>> >> > TLS_EMPTY_RENEGOTIATION_INFO_SCSV] > >>>> >> > Compression Methods: { 0 } > >>>> >> > Extension elliptic_curves, curve names: {secp256r1, sect163k1, > >>>> >> sect163r2, > >>>> >> > secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, > >>>> >> > sect283r1, > >>>> >> secp384r1, > >>>> >> > sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, > >>>> >> > secp160k1, > >>>> >> secp160r1, > >>>> >> > secp160r2, sect163r1, secp1 92k1, sect193r1, sect193r2, > >>>> >> > secp224k1, > >>>> >> sect239k1, > >>>> >> > secp256k1} Extension ec_point_formats, formats: [uncompressed] > >>>> >> > Extension signature_algorithms, signature_algorithms: > >>>> >> > SHA512withECDSA, SHA512withRSA, SHA384withECDSA, > >>>> >> > SHA384withRSA, SHA256withECDSA, SHA256withRSA, > >>>> >> > SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, > >>>> >> > SHA1withDSA, MD5withRSA > >>>> >> > *** > >>>> >> > [write] MD5 and SHA1 hashes: len = 221 > >>>> >> > 0000: 01 00 00 D9 03 03 54 49 66 8B B7 D1 2F 94 36 CA > >>>> >> ......TIf.../.6. > >>>> >> > 0010: 62 08 BF DE 7A F8 50 BE 35 58 80 82 7E 6C 64 52 > >>>> >> b...z.P.5X...ldR > >>>> >> > 0020: 64 C5 D5 1F 59 60 00 00 54 C0 24 C0 28 00 3D C0 > >>>> >> d...Y`..T.$.(.=. > >>>> >> > 0030: 26 C0 2A 00 6B 00 6A C0 0A C0 14 00 35 C0 05 C0 > >>>> >> &.*.k.j.....5... > >>>> >> > 0040: 0F 00 39 00 38 C0 23 C0 27 00 3C C0 25 C0 29 00 > >>>> >> ..9.8.#.'.<.%.). > >>>> >> > 0050: 67 00 40 C0 09 C0 13 00 2F C0 04 C0 0E 00 33 00 g.@ > >>>> >> ...../.....3. > >>>> >> > 0060: 32 C0 07 C0 11 00 05 C0 02 C0 0C C0 08 C0 12 00 > >>>> >> 2............... > >>>> >> > 0070: 0A C0 03 C0 0D 00 16 00 13 00 04 00 FF 01 00 00 > >>>> >> ................ > >>>> >> > 0080: 5C 00 0A 00 34 00 32 00 17 00 01 00 03 00 13 00 > >>>> >> \...4.2......... > >>>> >> > 0090: 15 00 06 00 07 00 09 00 0A 00 18 00 0B 00 0C 00 > >>>> >> ................ > >>>> >> > 00A0: 19 00 0D 00 0E 00 0F 00 10 00 11 00 02 00 12 00 > >>>> >> ................ > >>>> >> > 00B0: 04 00 05 00 14 00 08 00 16 00 0B 00 02 01 00 00 > >>>> >> ................ > >>>> >> > 00C0: 0D 00 1A 00 18 06 03 06 01 05 03 05 01 04 03 04 > >>>> >> ................ > >>>> >> > 00D0: 01 03 03 03 01 02 03 02 01 02 02 01 01 > >>>> ............. > >>>> >> > [ACTIVE] ExecuteThread: '0' for queue: > >>>> >> > 'weblogic.kernel.Default > >>>> >> (self-tuning)', > >>>> >> > WRITE: TLSv1.2 Handshake, length = 221 [write] MD5 and SHA1 > hashes: > >>>> >> len = > >>>> >> > 188 > >>>> >> > 0000: 01 03 03 00 93 00 00 00 20 00 C0 24 00 C0 28 00 ........ > >>>> >> ..$..(. > >>>> >> > 0010: 00 3D 00 C0 26 00 C0 2A 00 00 6B 00 00 6A 00 C0 > >>>> >> .=..&..*..k..j.. > >>>> >> > 0020: 0A 07 00 C0 00 C0 14 00 00 35 00 C0 05 00 C0 0F > >>>> >> .........5...... > >>>> >> > 0030: 00 00 39 00 00 38 00 C0 23 00 C0 27 00 00 3C 00 > >>>> >> ..9..8..#..'..<. > >>>> >> > 0040: C0 25 00 C0 29 00 00 67 00 00 40 00 C0 09 06 00 > >>>> .%..)..g..@ > >>>> >> ..... > >>>> >> > 0050: 40 00 C0 13 00 00 2F 00 C0 04 01 00 80 00 C0 0E > >>>> >> @...../......... > >>>> >> > 0060: 00 00 33 00 00 32 00 C0 07 05 00 80 00 C0 11 00 > >>>> >> ..3..2.......... > >>>> >> > 0070: 00 05 00 C0 02 00 C0 0C 00 C0 08 00 C0 12 00 00 > >>>> >> ................ > >>>> >> > 0080: 0A 07 00 C0 00 C0 03 02 00 80 00 C0 0D 00 00 16 > >>>> >> ................ > >>>> >> > 0090: 00 00 13 00 00 04 01 00 80 00 00 FF 54 49 66 8B > >>>> >> ............TIf. > >>>> >> > 00A0: B7 D1 2F 94 36 CA 62 08 BF DE 7A F8 50 BE 35 58 > >>>> >> ../.6.b...z.P.5X > >>>> >> > 00B0: 80 82 7E 6C 64 52 64 C5 D5 1F 59 60 > >>>> ...ldRd...Y` > >>>> >> > [ACTIVE] ExecuteThread: '0' for queue: > >>>> >> > 'weblogic.kernel.Default > >>>> >> (self-tuning)', > >>>> >> > WRITE: SSLv2 client hello message, length = 188 [Raw write]: > >>>> >> > length = > >>>> >> 190 > >>>> >> > 0000: 80 BC 01 03 03 00 93 00 00 00 20 00 C0 24 00 C0 > .......... > >>>> >> ..$.. > >>>> >> > 0010: 28 00 00 3D 00 C0 26 00 C0 2A 00 00 6B 00 00 6A > >>>> >> (..=..&..*..k..j > >>>> >> > 0020: 00 C0 0A 07 00 C0 00 C0 14 00 00 35 00 C0 05 00 > >>>> >> ...........5.... > >>>> >> > 0030: C0 0F 00 00 39 00 00 38 00 C0 23 00 C0 27 00 00 > >>>> >> ....9..8..#..'.. > >>>> >> > 0040: 3C 00 C0 25 00 C0 29 00 00 67 00 00 40 00 C0 09 > >>>> <..%..)..g..@ > >>>> >> ... > >>>> >> > 0050: 06 00 40 00 C0 13 00 00 2F 00 C0 04 01 00 80 00 > >>>> >> ..@...../....... > >>>> >> > 0060: C0 0E 00 00 33 00 00 32 00 C0 07 05 00 80 00 C0 > >>>> >> ....3..2........ > >>>> >> > 0070: 11 00 00 05 00 C0 02 00 C0 0C 00 C0 08 00 C0 12 > >>>> >> ................ > >>>> >> > 0080: 00 00 0A 07 00 C0 00 C0 03 02 00 80 00 C0 0D 00 > >>>> >> ................ > >>>> >> > 0090: 00 16 00 00 13 00 00 04 01 00 80 00 00 FF 54 49 > >>>> >> ..............TI > >>>> >> > 00A0: 66 8B B7 D1 2F 94 36 CA 62 08 BF DE 7A F8 50 BE > >>>> >> f.../.6.b...z.P. > >>>> >> > 00B0: 35 58 80 82 7E 6C 64 52 64 C5 D5 1F 59 60 > >>>> 5X...ldRd...Y` > >>>> >> > <Oct 23, 2014 4:35:23 PM EDT> <Debug> <SecuritySSL> > >>>> >> > <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '0' for queue: > >>>> >> 'weblogic.kernel.Default (self- > >>>> >> > tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseadapter: > >>>> SSLENGINE: > >>>> >> > SSLEngine.wrap(ByteBuffer,ByteBuffer) > >>>> >> > called: result=Status = OK HandshakeStatus = NEED_UNWRAP > >>>> >> > bytesConsumed = > >>>> >> > 0 bytesProduced = 190.> <Oct 23, 2014 4:35:23 PM EDT> <Debug> > >>>> >> > <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: > >>>> >> > '0' for > >>>> >> queue: > >>>> >> > 'weblogic.kernel.Default (self-tuning)',5,Pooled > >>>> >> > Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: > >>>> >> > SSLEngine.unwrap(ByteBuffer,ByteBuffer > >>>> >> > []) called: result=Status = BUFFER_UNDERFLOW HandshakeStatus = > >>>> >> > NEED_UNWRAP bytesConsumed = 0 bytesProduced = 0.> [Raw read]: > >>>> length = 5 > >>>> >> > 0000: 15 03 03 00 02 ..... > >>>> >> > [Raw read]: length = 2 > >>>> >> > 0000: 02 28 .( > >>>> >> > [ACTIVE] ExecuteThread: '0' for queue: > >>>> >> > 'weblogic.kernel.Default > >>>> >> (self-tuning)', > >>>> >> > READ: TLSv1.2 Alert, length = 2 [ACTIVE] ExecuteThread: '0' > >>>> >> > for > >>>> queue: > >>>> >> > 'weblogic.kernel.Default (self-tuning)', RECV TLSv1 ALERT: > >>>> >> > fatal, handshake_failure [ACTIVE] ExecuteThread: '0' for queue: > >>>> >> > 'weblogic.kernel.Default (self-tuning)', fatal: engine already > >>>> closed. > >>>> >> > Rethrowing javax.net.ssl.SSLException: Received fatal alert: > >>>> >> handshake_failure > >>>> >> > [ACTIVE] ExecuteThread: '0' for queue: > >>>> >> > 'weblogic.kernel.Default > >>>> >> (self-tuning)', > >>>> >> > fatal: engine already closed. Rethrowing > >>>> javax.net.ssl.SSLException: > >>>> >> Received > >>>> >> > fatal alert: handshake_failure <Oct 23, 2014 4:35:23 PM EDT> > >>>> >> > <Debug> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] > ExecuteThread: > >>>> >> > '0' for > >>>> >> queue: > >>>> >> > 'weblogic.kernel.Default (self-tuning)',5,Pooled > >>>> >> > Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: > >>>> >> > Exception > >>>> >> occurred > >>>> >> > during SSLEngine.un wrap(ByteBuffer,ByteBuffer[]). > >>>> >> > javax.net.ssl.SSLException: Received fatal alert: > handshake_failure > >>>> >> > at > sun.security.ssl.Alerts.getSSLException(Alerts.java:208) > >>>> >> > at > >>>> sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1619) > >>>> >> > at > >>>> sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1587) > >>>> >> > at > >>>> >> sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1756 > >>>> >> ) > >>>> >> > at > >>>> >> sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:106 > >>>> >> 0) > >>>> >> > at > >>>> >> sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java: > >>>> >> 884) > >>>> >> > at > >>>> sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758) > >>>> >> > at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:664) > >>>> >> > at > >>>> >> > > >>>> >> > weblogic.security.SSL.jsseadapter.JaSSLEngine$5.run(JaSSLEngine.java: > >>>> >> 134) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.security.SSL.jsseadapter.JaSSLEngine.doAction(JaSSLEngi > >>>> >> ne.ja > >>>> >> va:732) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.security.SSL.jsseadapter.JaSSLEngine.unwrap(JaSSLEngine > >>>> >> .java > >>>> >> :132) > >>>> >> > at > >>>> >> weblogic.socket.JSSEFilterImpl.unwrap(JSSEFilterImpl.java:505) > >>>> >> > at > >>>> >> > > >>>> >> > weblogic.socket.JSSEFilterImpl.unwrapAndHandleResults(JSSEFilterImpl. > >>>> >> java:44 > >>>> >> > 8) > >>>> >> > at > >>>> >> weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:8 > >>>> >> 0) > >>>> >> > at > >>>> >> weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:6 > >>>> >> 4) > >>>> >> > at > >>>> >> weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:5 > >>>> >> 9) > >>>> >> > at > >>>> weblogic.socket.JSSEFilterImpl.write(JSSEFilterImpl.java:390) > >>>> >> > at > >>>> >> > > >>>> weblogic.socket.JSSESocket$JSSEOutputStream.write(JSSESocket.java:8 > >>>> 9) > >>>> >> > at > >>>> >> > > >>>> java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java: > >>>> 82) > >>>> >> > at > >>>> >> java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140 > >>>> >> ) > >>>> >> > at > >>>> java.io.FilterOutputStream.flush(FilterOutputStream.java:140) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnect > >>>> >> ion.j > >>>> >> ava:1 > >>>> >> > 86) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.net.http.HttpURLConnection.getOutputStream(HttpURLConne > >>>> >> ction > >>>> >> .jav > >>>> >> > a:280) > >>>> >> > at > >>>> >> > org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConn > >>>> >> > ectio > >>>> >> > nWra > >>>> >> > ppedOutputStream.setupWrappedStream(URLConnectionHTTPConduit.j > >>>> >> > ava:1 > >>>> >> > 68 > >>>> >> > ) > >>>> >> > at > >>>> >> > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream. > >>>> >> > handl > >>>> >> > eHea > >>>> >> > dersTrustCaching(HTTPConduit.java:1278) > >>>> >> > at > >>>> >> > > >>>> >> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.on > >>>> >> First > >>>> >> Writ > >>>> >> > e(HTTPConduit.java:1234) > >>>> >> > at > >>>> >> > org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConn > >>>> >> > ectio > >>>> >> > nWra > >>>> >> > ppedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:195) > >>>> >> > at > >>>> >> > org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWr > >>>> >> > apped > >>>> >> > Outpu > >>>> >> > tStream.java:47) > >>>> >> > at > >>>> >> > > >>>> >> org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractTh > >>>> >> resho > >>>> >> ldOutp > >>>> >> > utStream.java:69) > >>>> >> > at > >>>> >> > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream. > >>>> >> > close > >>>> >> > (HTTP > >>>> >> > Conduit.java:1291) > >>>> >> > at > >>>> >> org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.j > >>>> >> ava:5 > >>>> >> 6) > >>>> >> > at > >>>> >> org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java > >>>> >> :623) > >>>> >> > at > >>>> >> > org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSen > >>>> >> > derEn > >>>> >> > dingI > >>>> >> > nterceptor.handleMessage(MessageSenderInterceptor.java:62) > >>>> >> > at > >>>> >> > > >>>> >> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInte > >>>> >> rcept > >>>> >> orChai > >>>> >> > n.java:271) > >>>> >> > at > >>>> >> org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:541) > >>>> >> > at > >>>> >> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:474) > >>>> >> > at > >>>> >> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:377) > >>>> >> > at > >>>> >> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:330) > >>>> >> > at > >>>> >> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java: > >>>> >> 96) > >>>> >> > at > >>>> >> > > >>>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java: > >>>> 134) > >>>> >> > at com.sun.proxy.$Proxy258.startTransaction(Unknown > Source) > >>>> >> > at > >>>> >> > > >>>> >> com.optimal.identity.gateway.equifax.eidverify.VerifyClient.init > >>>> >> iateV > >>>> >> erification( > >>>> >> > VerifyClient.java:87) > >>>> >> > at > >>>> >> > > >>>> >> com.optimal.identity.gateway.equifax.eidverify.VerifyGateway.sub > >>>> >> mitIn > >>>> >> itial(Ve > >>>> >> > rifyGateway.java:24) > >>>> >> > at > >>>> >> > > >>>> >> com.optimal.identity.service.IdentificationServiceImpl.submitIni > >>>> >> tial( > >>>> >> Identificatio > >>>> >> > nServiceImpl.java:147) > >>>> >> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > >>>> Method) > >>>> >> > at > >>>> >> > > >>>> >> > >>>> > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: > >>>> >> > 57) > >>>> >> > at > >>>> >> > > >>>> >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethod > >>>> >> Acces > >>>> >> sorI > >>>> >> > mpl.java:43) > >>>> >> > at java.lang.reflect.Method.invoke(Method.java:606) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.aop.support.AopUtils.invokeJoinpointUsingRef > >>>> >> lecti > >>>> >> on(Aop > >>>> >> > Utils.java:317) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.aop.framework.ReflectiveMethodInvocation.inv > >>>> >> okeJo > >>>> >> inpo > >>>> >> > int(ReflectiveMethodInvocation.java:183) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.aop.framework.ReflectiveMethodInvocation.pro > >>>> >> ceed( > >>>> >> Refl > >>>> >> > ectiveMethodInvocation.java:150) > >>>> >> > at > >>>> >> > > >>>> >> > >>>> org.springframework.transaction.interceptor.TransactionInterceptor. > >>>> in > >>>> >> voke(Tra > >>>> >> > nsactionInterceptor.java:110) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.aop.framework.ReflectiveMethodInvocation.pro > >>>> >> ceed( > >>>> >> Refl > >>>> >> > ectiveMethodInvocation.java:172) > >>>> >> > at > >>>> >> > org.springframework.aop.framework.JdkDynamicAopProxy.invoke(Jd > >>>> >> > kDyna > >>>> >> > mic > >>>> >> > AopProxy.java:204) > >>>> >> > at com.sun.proxy.$Proxy211.submitInitial(Unknown Source) > >>>> >> > at > >>>> >> > > >>>> >> com.optimal.identity.web.rest.IdentificationController.create(Id > >>>> >> entif > >>>> >> icationCont > >>>> >> > roller.java:133) > >>>> >> > at > >>>> >> > > >>>> >> com.optimal.identity.web.rest.IdentificationController$$FastClas > >>>> >> sByCG > >>>> >> LIB$$95f > >>>> >> > 388d3.invoke(<generated>) > >>>> >> > at > >>>> >> > > >>>> org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java > >>>> :204) > >>>> >> > at > >>>> >> > org.springframework.aop.framework.CglibAopProxy$CglibMethodInv > >>>> >> > ocati > >>>> >> > on.in > >>>> >> > vokeJoinpoint(CglibAopProxy.java:698) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.aop.framework.ReflectiveMethodInvocation.pro > >>>> >> ceed( > >>>> >> Refl > >>>> >> > ectiveMethodInvocation.java:150) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.security.access.intercept.aopalliance.Method > >>>> >> Secur > >>>> >> ityInter > >>>> >> > ceptor.invoke(MethodSecurityInterceptor.java:64) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.aop.framework.ReflectiveMethodInvocation.pro > >>>> >> ceed( > >>>> >> Refl > >>>> >> > ectiveMethodInvocation.java:172) > >>>> >> > at > >>>> >> > org.springframework.aop.framework.CglibAopProxy$DynamicAdvised > >>>> >> > Inter > >>>> >> > cept > >>>> >> > or.intercept(CglibAopProxy.java:631) > >>>> >> > at > >>>> >> > > >>>> >> com.optimal.identity.web.rest.IdentificationController$$Enhancer > >>>> >> ByCGL > >>>> >> IB$$36 > >>>> >> > b7b48f.create(<generated>) > >>>> >> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > >>>> Method) > >>>> >> > at > >>>> >> > > >>>> >> > >>>> > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: > >>>> >> > 57) > >>>> >> > at > >>>> >> > > >>>> >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethod > >>>> >> Acces > >>>> >> sorI > >>>> >> > mpl.java:43) > >>>> >> > at java.lang.reflect.Method.invoke(Method.java:606) > >>>> >> > at > >>>> >> > org.springframework.web.method.support.InvocableHandlerMethod. > >>>> >> > invok > >>>> >> > e(Inv > >>>> >> > ocableHandlerMethod.java:219) > >>>> >> > at > >>>> >> > org.springframework.web.method.support.InvocableHandlerMethod. > >>>> >> > invok > >>>> >> > eFor > >>>> >> > Request(InvocableHandlerMethod.java:132) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.web.servlet.mvc.method.annotation.ServletInv > >>>> >> ocabl > >>>> >> eHan > >>>> >> > > dlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:104) > >>>> >> > at > >>>> >> > org.springframework.web.servlet.mvc.method.annotation.RequestM > >>>> >> > appin > >>>> >> > gHan > >>>> >> > > >>>> dlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:74 > >>>> 5) > >>>> >> > at > >>>> >> > org.springframework.web.servlet.mvc.method.annotation.RequestM > >>>> >> > appin > >>>> >> > gHan > >>>> >> > dlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:686) > >>>> >> > at > >>>> >> > > >>>> > org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter. > >>>> >> > handle(AbstractHandlerMethodAdapter.java:80) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.web.servlet.DispatcherServlet.doDispatch(Dis > >>>> >> patch > >>>> >> erServl > >>>> >> > et.java:925) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.web.servlet.DispatcherServlet.doService(Disp > >>>> >> atche > >>>> >> rServle > >>>> >> > t.java:856) > >>>> >> > at > >>>> >> > org.springframework.web.servlet.FrameworkServlet.processReques > >>>> >> > t(Fra > >>>> >> > mewor > >>>> >> > kServlet.java:920) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.web.servlet.FrameworkServlet.doPost(Framewor > >>>> >> kServ > >>>> >> let.j > >>>> >> > ava:827) > >>>> >> > at > >>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:727) > >>>> >> > at > >>>> >> > > >>>> >> > >>>> > org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet. > >>>> >> > java:801) > >>>> >> > at > >>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:820) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.servlet.internal.StubSecurityHelper$ServletServiceActio > >>>> >> n.run > >>>> >> (StubSecu > >>>> >> > rityHelper.java:227) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubS > >>>> >> ecuri > >>>> >> tyHelper.j > >>>> >> > ava:125) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImp > >>>> >> l.jav > >>>> >> a:301) > >>>> >> > at > >>>> >> weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26 > >>>> >> ) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainIm > >>>> >> pl.ja > >>>> >> va:56) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.web.filter.ShallowEtagHeaderFilter.doFilterI > >>>> >> ntern > >>>> >> al(Shallo > >>>> >> > wEtagHeaderFilter.java:73) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.web.filter.OncePerRequestFilter.doFilter(Onc > >>>> >> ePerR > >>>> >> equest > >>>> >> > Filter.java:107) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.web.filter.DelegatingFilterProxy.invokeDeleg > >>>> >> ate(D > >>>> >> elegati > >>>> >> > ngFilterProxy.java:346) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(De > >>>> >> legat > >>>> >> ingFilter > >>>> >> > Proxy.java:259) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainIm > >>>> >> pl.ja > >>>> >> va:56) > >>>> >> > at > >>>> >> > > >>>> >> > org.springframework.security.web.FilterChainProxy$VirtualFilterChain. > >>>> >> doFilter( > >>>> >> > FilterChainProxy.java:330) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.security.web.access.intercept.FilterSecurity > >>>> >> Inter > >>>> >> ceptor.inv > >>>> >> > oke(FilterSecurityInterceptor.java:118) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.security.web.access.intercept.FilterSecurity > >>>> >> Inter > >>>> >> ceptor.do > >>>> >> > Filter(FilterSecurityInterceptor.java:84) > >>>> >> > at > >>>> >> > > >>>> >> > org.springframework.security.web.FilterChainProxy$VirtualFilterChain. > >>>> >> doFilter( > >>>> >> > FilterChainProxy.java:342) > >>>> >> > at > >>>> >> > > >>>> >> > >>>> org.springframework.security.web.access.ExceptionTranslationFilter. > >>>> do > >>>> >> Filter(Ex > >>>> >> > ceptionTranslationFilter.java:113) > >>>> >> > at > >>>> >> > > >>>> >> > org.springframework.security.web.FilterChainProxy$VirtualFilterChain. > >>>> >> doFilter( > >>>> >> > FilterChainProxy.java:342) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.security.web.authentication.AnonymousAuthent > >>>> >> icati > >>>> >> onFilt > >>>> >> > er.doFilter(AnonymousAuthenticationFilter.java:113) > >>>> >> > at > >>>> >> > > >>>> >> > org.springframework.security.web.FilterChainProxy$VirtualFilterChain. > >>>> >> doFilter( > >>>> >> > FilterChainProxy.java:342) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.security.web.servletapi.SecurityContextHolde > >>>> >> rAwar > >>>> >> eRequ > >>>> >> > > estFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54) > >>>> >> > at > >>>> >> > > >>>> >> > org.springframework.security.web.FilterChainProxy$VirtualFilterChain. > >>>> >> doFilter( > >>>> >> > FilterChainProxy.java:342) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.security.web.authentication.www.BasicAuthent > >>>> >> icati > >>>> >> onFilt > >>>> >> > er.doFilter(BasicAuthenticationFilter.java:201) > >>>> >> > at > >>>> >> > > >>>> >> > org.springframework.security.web.FilterChainProxy$VirtualFilterChain. > >>>> >> doFilter( > >>>> >> > FilterChainProxy.java:342) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.security.web.context.SecurityContextPersiste > >>>> >> nceFi > >>>> >> lter.doF > >>>> >> > ilter(SecurityContextPersistenceFilter.java:87) > >>>> >> > at > >>>> >> > > >>>> >> > org.springframework.security.web.FilterChainProxy$VirtualFilterChain. > >>>> >> doFilter( > >>>> >> > FilterChainProxy.java:342) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.security.web.FilterChainProxy.doFilterIntern > >>>> >> al(Fi > >>>> >> lterChain > >>>> >> > Proxy.java:192) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.security.web.FilterChainProxy.doFilter(Filte > >>>> >> rChai > >>>> >> nProxy.ja > >>>> >> > va:160) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.web.filter.DelegatingFilterProxy.invokeDeleg > >>>> >> ate(D > >>>> >> elegati > >>>> >> > ngFilterProxy.java:346) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(De > >>>> >> legat > >>>> >> ingFilter > >>>> >> > Proxy.java:259) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainIm > >>>> >> pl.ja > >>>> >> va:56) > >>>> >> > at > >>>> >> > > >>>> >> com.optimal.rest.loggerfilter.LoggerFilter.doFilterInternal(Logg > >>>> >> erFil > >>>> >> ter.java:16 > >>>> >> > 9) > >>>> >> > at > >>>> >> > > >>>> >> com.optimal.rest.loggerfilter.LoggerFilter.doFilter(LoggerFilter > >>>> >> .java > >>>> >> :123) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.web.filter.DelegatingFilterProxy.invokeDeleg > >>>> >> ate(D > >>>> >> elegati > >>>> >> > ngFilterProxy.java:346) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(De > >>>> >> legat > >>>> >> ingFilter > >>>> >> > Proxy.java:259) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainIm > >>>> >> pl.ja > >>>> >> va:56) > >>>> >> > at > >>>> >> > > >>>> >> com.optimal.web.spring.filter.ApplicationUidFilter.doFilterInter > >>>> >> nal(A > >>>> >> pplicationU > >>>> >> > idFilter.java:51) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.web.filter.OncePerRequestFilter.doFilter(Onc > >>>> >> ePerR > >>>> >> equest > >>>> >> > Filter.java:107) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.web.filter.DelegatingFilterProxy.invokeDeleg > >>>> >> ate(D > >>>> >> elegati > >>>> >> > ngFilterProxy.java:346) > >>>> >> > at > >>>> >> > > >>>> >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(De > >>>> >> legat > >>>> >> ingFilter > >>>> >> > Proxy.java:259) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainIm > >>>> >> pl.ja > >>>> >> va:56) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.servlet.internal.WebAppServletContext$ServletInvocation > >>>> >> Actio > >>>> >> n.wrap > >>>> >> > Run(WebAppServletContext.java:3730) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.servlet.internal.WebAppServletContext$ServletInvocation > >>>> >> Actio > >>>> >> n.run( > >>>> >> > WebAppServletContext.java:3696) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authent > >>>> >> icate > >>>> >> dSubject.j > >>>> >> > ava:321) > >>>> >> > at > >>>> >> > > >>>> >> > weblogic.security.service.SecurityManager.runAs(SecurityManager.java: > >>>> >> 120) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.servlet.internal.WebAppServletContext.securedExecute(We > >>>> >> bAppS > >>>> >> ervl > >>>> >> > etContext.java:2273) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.servlet.internal.WebAppServletContext.execute(WebAppSer > >>>> >> vletC > >>>> >> onte > >>>> >> > xt.java:2179) > >>>> >> > at > >>>> >> > > >>>> >> weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestI > >>>> >> mpl.j > >>>> >> ava:1490 > >>>> >> > ) > >>>> >> > at > >>>> weblogic.work.ExecuteThread.execute(ExecuteThread.java:256) > >>>> >> > at > >>>> >> > weblogic.work.ExecuteThread.run(ExecuteThread.java:221) > >>>> >> > > > >>>> >> > AVIS IMPORTANT > >>>> >> > > >>>> >> > WARNING > >>>> >> > > >>>> >> > > >>>> >> > Ce message ?lectronique et ses pi?ces jointes peuvent contenir > >>>> >> > des renseignements confidentiels, exclusifs ou l?galement > >>>> >> > privil?gi?s > >>>> >> destin?s au > >>>> >> > seul usage du destinataire vis?. L'exp?diteur original ne > renonce ? > >>>> >> aucun > >>>> >> > privil?ge ou ? aucun autre droit si le pr?sent message a ?t? > >>>> >> > transmis involontairement ou s'il est retransmis sans son > >>>> >> > autorisation. Si vous > >>>> >> n'?tes pas > >>>> >> > le destinataire vis? du pr?sent message ou si vous l'avez re?u > >>>> >> > par > >>>> >> erreur, > >>>> >> > veuillez cesser imm?diatement de le lire et le supprimer, > >>>> >> > ainsi que > >>>> >> toutes ses > >>>> >> > pi?ces jointes, de votre syst?me. La lecture, la distribution, > >>>> >> > la copie > >>>> >> ou tout > >>>> >> > autre usage du pr?sent message ou de ses pi?ces jointes par > >>>> >> > des > >>>> >> personnes > >>>> >> > autres que le destinataire vis? ne sont pas autoris?s et > >>>> >> > pourraient > >>>> >> ?tre ill?gaux. > >>>> >> > Si vous avez re?u ce courrier ?lectronique par erreur, > >>>> >> > veuillez en > >>>> >> aviser > >>>> >> > l'exp?diteur. > >>>> >> > > >>>> >> > > >>>> >> > This electronic message and its attachments may contain > >>>> >> > confidential, proprietary or legally privileged information, > >>>> >> > which is solely for the > >>>> >> use of the > >>>> >> > intended recipient. No privilege or other rights are waived by > >>>> >> > any > >>>> >> unintended > >>>> >> > transmission or unauthorized retransmission of this message. > >>>> >> > If you are > >>>> >> not the > >>>> >> > intended recipient of this message, or if you have received it > >>>> >> > in > >>>> >> error, you > >>>> >> > should immediately stop reading this message and delete it and > >>>> >> > all attachments from your system. The reading, distribution, > >>>> >> > copying or > >>>> >> other use > >>>> >> > of this message or its attachments by unintended recipients is > >>>> >> unauthorized and > >>>> >> > may be unlawful. If you have received this e-mail in error, > >>>> >> > please > >>>> >> notify the > >>>> >> > sender. > >>>> >> > > >>>> >> > -- > >>>> >> > WARNING > >>>> >> > ------- > >>>> >> > This electronic message and its attachments may contain > >>>> >> > confidential, proprietary or legally privileged information, > >>>> >> > which is solely for the > >>>> >> use of the > >>>> >> > intended recipient. No privilege or other rights are waived > >>>> >> > by any > >>>> >> unintended > >>>> >> > transmission or unauthorized retransmission of this message. > >>>> >> > If you > >>>> >> are not the > >>>> >> > intended recipient of this message, or if you have received it > >>>> >> > in > >>>> >> error, you > >>>> >> > should immediately stop reading this message and delete it and > >>>> >> > all attachments from your system. The reading, distribution, > >>>> >> > copying or > >>>> >> other use > >>>> >> > of this message or its attachments by unintended recipients is > >>>> >> unauthorized and > >>>> >> > may be unlawful. If you have received this e-mail in error, > >>>> >> > please > >>>> >> notify the > >>>> >> > sender. > >>>> >> > > >>>> >> > AVIS IMPORTANT > >>>> >> > -------------- > >>>> >> > Ce message electronique et ses pieces jointes peuvent contenir > >>>> >> > des renseignements confidentiels, exclusifs ou legalement > >>>> >> > privilegies > >>>> >> destines au > >>>> >> > seul usage du destinataire vise. L'expediteur original ne > >>>> >> > renonce a > >>>> >> aucun > >>>> >> > privilege ou a aucun autre droit si le present message a ete > >>>> >> > transmis involontairement ou s'il est retransmis sans son > >>>> >> > autorisation. Si vous > >>>> >> n'etes pas > >>>> >> > le destinataire vise du present message ou si vous l'avez recu > >>>> >> > par > >>>> >> erreur, > >>>> >> > veuillez cesser immediatement de le lire et le supprimer, > >>>> >> > ainsi que > >>>> >> toutes ses > >>>> >> > pieces jointes, de votre systeme. La lecture, la > >>>> >> > distribution, la > >>>> >> copie ou tout > >>>> >> > autre usage du present message ou de ses pieces jointes par > >>>> >> > des > >>>> >> personnes > >>>> >> > autres que le destinataire vise ne sont pas autorises et > >>>> >> > pourraient > >>>> >> etre illegaux. > >>>> >> > Si vous avez recu ce courrier electronique par erreur, > >>>> >> > veuillez en > >>>> >> aviser > >>>> >> > l'expediteur. > >>>> >> > > >>>> >> > > >>>> >> > -- > >>>> >> > WARNING > >>>> >> > ------- > >>>> >> > This electronic message and its attachments may contain > >>>> >> > confidential, proprietary or legally privileged information, > >>>> >> > which is solely for the > >>>> >> use of the > >>>> >> > intended recipient. No privilege or other rights are waived > >>>> >> > by any > >>>> >> unintended > >>>> >> > transmission or unauthorized retransmission of this message. > >>>> >> > If you > >>>> >> are not the > >>>> >> > intended recipient of this message, or if you have received it > >>>> >> > in > >>>> >> error, you > >>>> >> > should immediately stop reading this message and delete it and > >>>> >> > all attachments from your system. The reading, distribution, > >>>> >> > copying or > >>>> >> other use > >>>> >> > of this message or its attachments by unintended recipients is > >>>> >> unauthorized and > >>>> >> > may be unlawful. If you have received this e-mail in error, > >>>> >> > please > >>>> >> notify the > >>>> >> > sender. > >>>> >> > > >>>> >> > AVIS IMPORTANT > >>>> >> > -------------- > >>>> >> > Ce message ?lectronique et ses pi?ces jointes peuvent contenir > >>>> >> > des renseignements confidentiels, exclusifs ou l?galement > >>>> >> > privil?gi?s > >>>> >> destin?s au > >>>> >> > seul usage du destinataire vis?. L'exp?diteur original ne > >>>> >> > renonce > >>>> ? > >>>> >> aucun > >>>> >> > privil?ge ou ? aucun autre droit si le pr?sent message a ?t? > >>>> >> > transmis involontairement ou s'il est retransmis sans son > >>>> >> > autorisation. Si vous > >>>> >> n'?tes pas > >>>> >> > le destinataire vis? du pr?sent message ou si vous l'avez re?u > >>>> >> > par > >>>> >> erreur, > >>>> >> > veuillez cesser imm?diatement de le lire et le supprimer, > >>>> >> > ainsi que > >>>> >> toutes ses > >>>> >> > pi?ces jointes, de votre syst?me. La lecture, la > >>>> >> > distribution, la > >>>> >> copie ou tout > >>>> >> > autre usage du pr?sent message ou de ses pi?ces jointes par > >>>> >> > des > >>>> >> personnes > >>>> >> > autres que le destinataire vis? ne sont pas autoris?s et > >>>> >> > pourraient > >>>> >> ?tre ill?gaux. > >>>> >> > Si vous avez re?u ce courrier ?lectronique par erreur, > >>>> >> > veuillez en > >>>> >> aviser > >>>> >> > l'exp?diteur. > >>>> >> > > >>>> >> > -- > >>>> >> > WARNING > >>>> >> > ------- > >>>> >> > This electronic message and its attachments may contain > >>>> >> > confidential, proprietary or legally privileged information, > >>>> >> > which is solely for the > >>>> >> use of the > >>>> >> > intended recipient. No privilege or other rights are waived > >>>> >> > by any > >>>> >> unintended > >>>> >> > transmission or unauthorized retransmission of this message. > >>>> >> > If you > >>>> >> are not the > >>>> >> > intended recipient of this message, or if you have received it > >>>> >> > in > >>>> >> error, you > >>>> >> > should immediately stop reading this message and delete it and > >>>> >> > all attachments from your system. The reading, distribution, > >>>> >> > copying or > >>>> >> other use > >>>> >> > of this message or its attachments by unintended recipients is > >>>> >> unauthorized and > >>>> >> > may be unlawful. If you have received this e-mail in error, > >>>> >> > please > >>>> >> notify the > >>>> >> > sender. > >>>> >> > > >>>> >> > AVIS IMPORTANT > >>>> >> > -------------- > >>>> >> > Ce message electronique et ses pieces jointes peuvent contenir > >>>> >> > des renseignements confidentiels, exclusifs ou legalement > >>>> >> > privilegies > >>>> >> destines au > >>>> >> > seul usage du destinataire vise. L'expediteur original ne > >>>> >> > renonce a > >>>> >> aucun > >>>> >> > privilege ou a aucun autre droit si le present message a ete > >>>> >> > transmis involontairement ou s'il est retransmis sans son > >>>> >> > autorisation. Si vous > >>>> >> n'etes pas > >>>> >> > le destinataire vise du present message ou si vous l'avez recu > >>>> >> > par > >>>> >> erreur, > >>>> >> > veuillez cesser immediatement de le lire et le supprimer, > >>>> >> > ainsi que > >>>> >> toutes ses > >>>> >> > pieces jointes, de votre systeme. La lecture, la > >>>> >> > distribution, la > >>>> >> copie ou tout > >>>> >> > autre usage du present message ou de ses pieces jointes par > >>>> >> > des > >>>> >> personnes > >>>> >> > autres que le destinataire vise ne sont pas autorises et > >>>> >> > pourraient > >>>> >> etre illegaux. > >>>> >> > Si vous avez recu ce courrier electronique par erreur, > >>>> >> > veuillez en > >>>> >> aviser > >>>> >> > l'expediteur. > >>>> >> > >>>> >> > >>>> > >>>> -- > >>>> WARNING > >>>> ------- > >>>> This electronic message and its attachments may contain > >>>> confidential, proprietary or legally privileged information, which > >>>> is solely for the use of the intended recipient. No privilege or > >>>> other rights are waived by any unintended transmission or > >>>> unauthorized retransmission of this message. If you are not the > >>>> intended recipient of this message, or if you have received it in > >>>> error, you should immediately stop reading this message and delete > >>>> it and all attachments from your system. The reading, > >>>> distribution, copying or other use of this message or its > >>>> attachments by unintended recipients is unauthorized and may be > unlawful. If you have received this e-mail in error, please notify the > sender. > >>>> > >>>> AVIS IMPORTANT > >>>> -------------- > >>>> Ce message électronique et ses pièces jointes peuvent contenir des > >>>> renseignements confidentiels, exclusifs ou légalement privilégiés > >>>> destinés au seul usage du destinataire visé. L’expéditeur original > >>>> ne renonce à aucun privilège ou à aucun autre droit si le présent > >>>> message a été transmis involontairement ou s’il est retransmis sans > >>>> son autorisation. Si vous n’êtes pas le destinataire visé du > >>>> présent message ou si vous l’avez reçu par erreur, veuillez cesser > >>>> immédiatement de le lire et le supprimer, ainsi que toutes ses > >>>> pièces jointes, de votre système. La lecture, la distribution, la > >>>> copie ou tout autre usage du présent message ou de ses pièces > >>>> jointes par des personnes autres que le destinataire visé ne sont > >>>> pas autorisés et pourraient être illégaux. Si vous avez reçu ce > courrier électronique par erreur, veuillez en aviser l’expéditeur. > >>>> > >>>> > >>> > >> > > >