[jira] Created: (AXIS2-811) axis 2 class loader issue for loading security jar files from web-inf/lib folder

Anamitra Bhattacharyya (JIRA) Fri, 09 Jun 2006 07:54:36 -0700

axis 2 class loader issue for loading security jar files from web-inf/lib folder
--------------------------------------------------------------------------------


         Key: AXIS2-811
         URL: http://issues.apache.org/jira/browse/AXIS2-811
     Project: Apache Axis 2.0 (Axis2)
        Type: Bug

  Components: core  
    Versions: 1.0    
 Environment: Weblogic 9.1 with jdk 1.5 [sun]
    Reporter: Anamitra Bhattacharyya


I am trying to setup a security test with the rampart module and have deployed 
axis 2 as a web app in the weblogic server. I have modified the axis2.xml.path 
and the axis2.repository.path to point to a folder [say c:\myrepo] and have 
dropped the rampart module under the module folder under c:\myrepo. Now I have 
added the entry 

security.provider.7=org.bouncycastle.jce.provider.BouncyCastleProvider

in the java.security file for both the client and the server.
 
I try 2 scenarios

1>I put the bcprov-jdk15-133.jar in the axis2 web app web-inf/lib folder and I 
send the encrypted message from the cleint and I get an error which indicates 
the that the axis engine didnt find the crypto provider 
[org.bouncycastle.jce.provider.BouncyCastleProvider]. But If I put the 
bcprov-jdk15-133.jar in the system class path opf weblogic this works fine and 
the axis is able to find the crypto provider.

2>Ruchith asked me to test his service using the weblogic setup and that had 
the bcprov-jdk15-133.jar  in the service/lib folder and that also failed. 

- Invalid service  SimpleService.aar due to java.lang.ExceptionInInitializerErro
r
        at javax.crypto.Cipher.getInstance(DashoA12275)
        at SimpleService.<clinit>(SimpleService.java:24)
        at java.lang.Class.forName0(Native Method)
        at java.lang.Class.forName(Class.java:242)
        at org.apache.ws.java2wsdl.SchemaGenerator.<init>(SchemaGenerator.java:7
0)
        at org.apache.axis2.deployment.util.Utils.fillAxisService(Utils.java:209
)
        at org.apache.axis2.deployment.ServiceBuilder.populateService(ServiceBui
lder.java:149)
        at org.apache.axis2.deployment.repository.util.ArchiveReader.buildServic
eGroup(ArchiveReader.java:76)
        at org.apache.axis2.deployment.repository.util.ArchiveReader.processServ
iceGroup(ArchiveReader.java:118)
        at org.apache.axis2.deployment.DeploymentEngine.doDeploy(DeploymentEngin
e.java:620)
        at org.apache.axis2.deployment.repository.util.WSInfoList.update(WSInfoL
ist.java:195)
        at org.apache.axis2.deployment.RepositoryListener.update(RepositoryListe
ner.java:207)
        at org.apache.axis2.deployment.RepositoryListener.checkServices(Reposito
ryListener.java:155)
        at org.apache.axis2.deployment.RepositoryListener.startListener(Reposito
ryListener.java:199)
        at org.apache.axis2.deployment.scheduler.SchedulerTask.checkRepositary(S
chedulerTask.java:61)
        at org.apache.axis2.deployment.scheduler.SchedulerTask.run(SchedulerTask
.java:68)
        at org.apache.axis2.deployment.scheduler.Scheduler$SchedulerTimerTask.ru
n(Scheduler.java:76)
        at java.util.TimerThread.mainLoop(Timer.java:512)
        at java.util.TimerThread.run(Timer.java:462)
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
        at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
        ... 19 more
Caused by: java.security.PrivilegedActionException: java.security.InvalidKeyExce
ption: Public key presented not for certificate signature
        at java.security.AccessController.doPrivileged(Native Method)
        ... 20 more
Caused by: java.security.InvalidKeyException: Public key presented not for certi
ficate signature
        at org.bouncycastle.jce.provider.X509CertificateObject.checkSignature(Un
known Source)
        at org.bouncycastle.jce.provider.X509CertificateObject.verify(Unknown So
urce)
        at javax.crypto.SunJCE_b.c(DashoA12275)
        at javax.crypto.SunJCE_b.b(DashoA12275)
        at javax.crypto.SunJCE_q.run(DashoA12275)
        ... 21 more

I more concerned for the first scenario as that would be the way I will deploy 
axis and not have to have the bcprov-jdk15-133.jar   for every individual 
service.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[jira] Created: (AXIS2-811) axis 2 class loader issue for loading security jar files from web-inf/lib folder

Reply via email to