Xws-security est-il incompatible avec Java 8?
J'ai implémenté un serveur et un client de service Web SOAP (basé sur http://spring.io/guides/gs/producing-web-service/). La communication est chiffrée avec une clé DESede symétrique de 24 bits.
Lorsque le client est compilé avec JAVA target runtime 1.7, il peut échanger des messages avec le serveur. Cependant, après avoir changé le runtime en 1.8, l'exception suivante est levée:
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v1.2.4.RELEASE)
2015-06-22 11:14:48.557 INFO 5556 --- [ main] demo.ConsumerApplication : Starting ConsumerApplication on CSDM-20140014 with PID 5556 (C:\Users\Schwalowskis\development\local\consumer\target\classes started by Schwalowskis in C:\Users\Schwalowskis\development\local\consumer)
2015-06-22 11:14:48.652 INFO 5556 --- [ main] s.c.a.AnnotationConfigApplicationContext : Refreshing org.springframework.context.annotation.AnnotationConfigApplicationContext@bdb505: startup date [Mon Jun 22 11:14:48 CEST 2015]; root of context hierarchy
2015-06-22 11:14:48.917 INFO 5556 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'webServiceConfiguration' of type [class demo.WebServiceConfiguration$$EnhancerBySpringCGLIB$$30e25ba2] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2015-06-22 11:14:48.932 INFO 5556 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.ws.config.annotation.DelegatingWsConfiguration' of type [class org.springframework.ws.config.annotation.DelegatingWsConfiguration$$EnhancerBySpringCGLIB$$7398a572] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2015-06-22 11:14:49.042 INFO 5556 --- [ main] .w.s.a.s.AnnotationActionEndpointMapping : Supporting [WS-Addressing August 2004, WS-Addressing 1.0]
2015-06-22 11:14:49.619 WARN 5556 --- [ main] o.s.w.s.s.support.KeyStoreFactoryBean : Creating empty key store
2015-06-22 11:14:49.620 INFO 5556 --- [ main] o.s.w.s.s.support.KeyStoreFactoryBean : Loading key store from file [C:\Program Files\Java\jdk1.8.0\jre\lib\security\cacerts]
2015-06-22 11:14:49.776 INFO 5556 --- [ main] o.s.w.s.s.xwss.XwsSecurityInterceptor : Loading policy configuration from from 'class path resource [securityPolicy.xml]'
2015-06-22 11:14:50.337 INFO 5556 --- [ main] o.s.oxm.jaxb.Jaxb2Marshaller : Creating JAXBContext with context path [countries.wsdl]
2015-06-22 11:14:50.540 INFO 5556 --- [ main] o.s.ws.soap.saaj.SaajSoapMessageFactory : Creating SAAJ 1.3 MessageFactory with SOAP 1.1 Protocol
2015-06-22 11:14:50.649 INFO 5556 --- [ main] demo.ConsumerApplication : Started ConsumerApplication in 2.576 seconds (JVM running for 3.105)
Requesting country Poland
Exception in thread "main" 2015-06-22 11:14:52.429 INFO 5556 --- [ Thread-1] s.c.a.AnnotationConfigApplicationContext : Closing org.springframework.context.annotation.AnnotationConfigApplicationContext@bdb505: startup date [Mon Jun 22 11:14:48 CEST 2015]; root of context hierarchy
java.lang.NoSuchMethodError: com.sun.org.apache.xml.internal.security.encryption.XMLCipher.getInstance(Ljava/lang/String;Ljavax/crypto/Cipher;)Lcom/sun/org/apache/xml/internal/security/encryption/XMLCipher;
at com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor.encrypt(EncryptionProcessor.java:1053)
at com.sun.xml.wss.impl.filter.EncryptionFilter.encrypt(EncryptionFilter.java:430)
at com.sun.xml.wss.impl.filter.EncryptionFilter.process(EncryptionFilter.java:389)
at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:81)
at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:252)
at com.sun.xml.wss.impl.SecurityAnnotator.processMessagePolicy(SecurityAnnotator.java:172)
at com.sun.xml.wss.impl.SecurityAnnotator.secureMessage(SecurityAnnotator.java:133)
at com.sun.xml.wss.impl.misc.XWSSProcessor2_0Impl.secureOutboundMessage(XWSSProcessor2_0Impl.java:94)
at org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor.secureMessage(XwsSecurityInterceptor.java:138)
at org.springframework.ws.soap.security.AbstractWsSecurityInterceptor.handleRequest(AbstractWsSecurityInterceptor.java:210)
at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:597)
at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:555)
at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:390)
at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:383)
at demo.client.CountriesClient.getCountry(CountriesClient.java:20)
at demo.ConsumerApplication.main(ConsumerApplication.java:24)
(dépendances Maven) POM:
<!-- XWSS::start -->
<dependency>
<groupId>org.springframework.ws</groupId>
<artifactId>spring-ws-security</artifactId>
</dependency>
<dependency>
<groupId>com.sun.xml.wss</groupId>
<artifactId>xws-security</artifactId>
<version>3.0</version>
<exclusions>
<exclusion>
<artifactId>xmldsig</artifactId>
<groupId>javax.xml.crypto</groupId>
</exclusion>
<exclusion>
<artifactId>activation</artifactId>
<groupId>javax.activation</groupId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.sun.xml.messaging.saaj</groupId>
<artifactId>saaj-impl</artifactId>
<version>1.3.25</version>
</dependency>
<!-- XWSS::end -->
EncryptionProcessor.Java (xws-sécurité-3.0.jar http://mvnrepository.com/artifact/com.sun.xml.wss/xws-security/3.0):
// line=1050
String dataAlgorithm = JCEMapper.translateURItoJCEID(dataEncAlgo); // 1051
_dataCipher = Cipher.getInstance(dataAlgorithm); // 1052
_dataEncryptor = XMLCipher.getInstance(dataEncAlgo,_dataCipher); //1053
_dataCipher.init(XMLCipher.ENCRYPT_MODE, _symmetricKey); //1054
_dataEncryptor.init(XMLCipher.ENCRYPT_MODE, _symmetricKey); // 1055
// 1056
La classe XMLCipher est chargée à partir de:
%java_home%\jre\lib\rt.jar!com.sun.org.apache.xml.internal.security.encryption.XMLCipher
Est-ce un bogue dans Java 8 ou dois-je mettre à jour les dépendances?
2 answers
Je peux en effet confirmer que xws-sécurité-3.0.jar est incompatible avec Java 8.
J'ai donc fini par devoir réparer la classe dans la dépendance. Voir: Comment remplacez-vous la classe d'une dépendance Maven?
Avez-vous essayé de supprimer l'exclusion
<exclusion>
<artifactId>activation</artifactId>
<groupId>javax.activation</groupId>
</exclusion>
De la com.soleil.XML.dépendance wss?
Cordialement