Hi,
I guess you mean TLSClientParameters.secureSocketProtocol in Conduit.
As far as I can see this parameter is used for creating java.net.ssl.SSLContext:
String protocol = parameters.getSecureSocketProtocol() != null ?
parameters
.getSecureSocketProtocol() : "TLS";
The setting should work. How you apply conduit settings: programmatically or
via spring configuration?
Could you past the code snapshot?
Regards,
Andrei.
> -----Original Message-----
> From: David Roytenberg (Consultant)
> [mailto:[email protected]]
> Sent: Freitag, 24. Oktober 2014 17:46
> To: [email protected]
> Subject: RE: How to Disable SSLv2 client hello in CXF?
>
> Hello again.
>
> I've dug further into the CXF documentation and found that it is possible to
> programmatically set the SSL protocols on the TLSProperties object of the
> Conduit.
>
> I've created the TLS properties and set the SSL protocols to TLS1, but this
> does
> not change the SSL behavior, which still starts with TLSv1.2 then sends the
> hello
> with SSLv2 which is then dropped on the client end. Is there another switch
> that
> has to be set to over-ride the default SSL behavior?
>
> David
>
> -----Original Message-----
> From: David Roytenberg (Consultant)
> [mailto:[email protected]]
> Sent: Thursday, October 23, 2014 4:57 PM
> To: [email protected]
> Subject: How to Disable SSLv2 client hello in CXF?
>
> I'm having an SSL problem and I wonder if there is a way to fix it within CXF
>
> We have our CXF 2.7.6 based integration deployed on Weblogic 11. We are
> using JDK 1.7_065
>
> When we connect to our remote client via SSL we get the following trace with
> lots of SSL debugging turned on
>
> What appears to be happening is that the Hello message is sent with an SSLV2
> protocol, which our partner's server does not like. Apparently sending the
> Hello at this level is a common behavior and apparently it sometimes causes
> the remote server to fail. I found a suggestion on line that this can be
> fixed by
> removing the SSLv2 from the allowed protocols. I am wondering if I can do
> that
> through CFX configuration?
>
> This is a reference to the article that suggests that removing the protocol
> is the
> solution to this problem:
>
> http://stackoverflow.com/questions/4682957/why-does-javas-sslsocket-send-a-
> version-2-client-hello
>
> The protocols are apparently set on the SSLContext in JSSE by calling
> setEnabledProtocols(String[] protocols)
>
> Is there a way to set the enabled protocols on the SSLContext via CXF
> configuration?
>
> If not, is there a way to get hold of the SSLContext programmatically in a CXF
> interceptor?
>
> We can't fix this problem at the WebLogic level because of side-effects on
> other apps. Thanks in advance for any suggestions or guidance!
>
> WebLogic SSL debug trace follows:
>
> %% No cached client session
> *** ClientHello, TLSv1.2
> RandomCookie: GMT: 1414096267 bytes = { 183, 209, 47, 148, 54, 202, 98, 8,
> 191, 222, 122, 248, 80, 190, 53, 88, 128, 130, 126, 108, 100, 82, 100, 197,
> 213,
> 31, 89, 96 } Session ID: {} Cipher Suites:
> [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
> TLS_RSA_WITH_AES_256_CBC_SHA256,
> TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
> TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
> TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS
> _WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_RSA_WITH_AES_256_CBC_SHA,
> TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
> TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AE
> S_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
> TLS_RSA_WITH_AES_128_CBC_SHA256,
> TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
> TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_
> WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
> TLS_RSA_WITH_AES_128_CBC_SHA,
> TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES
> _128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
> TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA,
> TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA,
> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_W
> ITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5,
> TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
> Compression Methods: { 0 }
> Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2,
> secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1,
> sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1,
> secp160r2, sect163r1, secp1 92k1, sect193r1, sect193r2, secp224k1, sect239k1,
> secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension
> signature_algorithms, signature_algorithms: SHA512withECDSA,
> SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA,
> SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA,
> SHA1withRSA, SHA1withDSA, MD5withRSA
> ***
> [write] MD5 and SHA1 hashes: len = 221
> 0000: 01 00 00 D9 03 03 54 49 66 8B B7 D1 2F 94 36 CA ......TIf.../.6.
> 0010: 62 08 BF DE 7A F8 50 BE 35 58 80 82 7E 6C 64 52 b...z.P.5X...ldR
> 0020: 64 C5 D5 1F 59 60 00 00 54 C0 24 C0 28 00 3D C0 d...Y`..T.$.(.=.
> 0030: 26 C0 2A 00 6B 00 6A C0 0A C0 14 00 35 C0 05 C0 &.*.k.j.....5...
> 0040: 0F 00 39 00 38 C0 23 C0 27 00 3C C0 25 C0 29 00 ..9.8.#.'.<.%.).
> 0050: 67 00 40 C0 09 C0 13 00 2F C0 04 C0 0E 00 33 00 g.@...../.....3.
> 0060: 32 C0 07 C0 11 00 05 C0 02 C0 0C C0 08 C0 12 00 2...............
> 0070: 0A C0 03 C0 0D 00 16 00 13 00 04 00 FF 01 00 00 ................
> 0080: 5C 00 0A 00 34 00 32 00 17 00 01 00 03 00 13 00 \...4.2.........
> 0090: 15 00 06 00 07 00 09 00 0A 00 18 00 0B 00 0C 00 ................
> 00A0: 19 00 0D 00 0E 00 0F 00 10 00 11 00 02 00 12 00 ................
> 00B0: 04 00 05 00 14 00 08 00 16 00 0B 00 02 01 00 00 ................
> 00C0: 0D 00 1A 00 18 06 03 06 01 05 03 05 01 04 03 04 ................
> 00D0: 01 03 03 03 01 02 03 02 01 02 02 01 01 .............
> [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
> (self-tuning)',
> WRITE: TLSv1.2 Handshake, length = 221 [write] MD5 and SHA1 hashes: len =
> 188
> 0000: 01 03 03 00 93 00 00 00 20 00 C0 24 00 C0 28 00 ........ ..$..(.
> 0010: 00 3D 00 C0 26 00 C0 2A 00 00 6B 00 00 6A 00 C0 .=..&..*..k..j..
> 0020: 0A 07 00 C0 00 C0 14 00 00 35 00 C0 05 00 C0 0F .........5......
> 0030: 00 00 39 00 00 38 00 C0 23 00 C0 27 00 00 3C 00 ..9..8..#..'..<.
> 0040: C0 25 00 C0 29 00 00 67 00 00 40 00 C0 09 06 00 .%..)..g..@.....
> 0050: 40 00 C0 13 00 00 2F 00 C0 04 01 00 80 00 C0 0E @...../.........
> 0060: 00 00 33 00 00 32 00 C0 07 05 00 80 00 C0 11 00 ..3..2..........
> 0070: 00 05 00 C0 02 00 C0 0C 00 C0 08 00 C0 12 00 00 ................
> 0080: 0A 07 00 C0 00 C0 03 02 00 80 00 C0 0D 00 00 16 ................
> 0090: 00 00 13 00 00 04 01 00 80 00 00 FF 54 49 66 8B ............TIf.
> 00A0: B7 D1 2F 94 36 CA 62 08 BF DE 7A F8 50 BE 35 58 ../.6.b...z.P.5X
> 00B0: 80 82 7E 6C 64 52 64 C5 D5 1F 59 60 ...ldRd...Y`
> [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
> (self-tuning)',
> WRITE: SSLv2 client hello message, length = 188 [Raw write]: length = 190
> 0000: 80 BC 01 03 03 00 93 00 00 00 20 00 C0 24 00 C0 .......... ..$..
> 0010: 28 00 00 3D 00 C0 26 00 C0 2A 00 00 6B 00 00 6A (..=..&..*..k..j
> 0020: 00 C0 0A 07 00 C0 00 C0 14 00 00 35 00 C0 05 00 ...........5....
> 0030: C0 0F 00 00 39 00 00 38 00 C0 23 00 C0 27 00 00 ....9..8..#..'..
> 0040: 3C 00 C0 25 00 C0 29 00 00 67 00 00 40 00 C0 09 <..%..)..g..@...
> 0050: 06 00 40 00 C0 13 00 00 2F 00 C0 04 01 00 80 00 ..@...../.......
> 0060: C0 0E 00 00 33 00 00 32 00 C0 07 05 00 80 00 C0 ....3..2........
> 0070: 11 00 00 05 00 C0 02 00 C0 0C 00 C0 08 00 C0 12 ................
> 0080: 00 00 0A 07 00 C0 00 C0 03 02 00 80 00 C0 0D 00 ................
> 0090: 00 16 00 00 13 00 00 04 01 00 80 00 00 FF 54 49 ..............TI
> 00A0: 66 8B B7 D1 2F 94 36 CA 62 08 BF DE 7A F8 50 BE f.../.6.b...z.P.
> 00B0: 35 58 80 82 7E 6C 64 52 64 C5 D5 1F 59 60 5X...ldRd...Y`
> <Oct 23, 2014 4:35:23 PM EDT> <Debug> <SecuritySSL> <BEA-000000>
> <[Thread[[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
> (self-
> tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE:
> SSLEngine.wrap(ByteBuffer,ByteBuffer)
> called: result=Status = OK HandshakeStatus = NEED_UNWRAP bytesConsumed =
> 0 bytesProduced = 190.> <Oct 23, 2014 4:35:23 PM EDT> <Debug>
> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '0' for queue:
> 'weblogic.kernel.Default (self-tuning)',5,Pooled
> Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE:
> SSLEngine.unwrap(ByteBuffer,ByteBuffer
> []) called: result=Status = BUFFER_UNDERFLOW HandshakeStatus =
> NEED_UNWRAP bytesConsumed = 0 bytesProduced = 0.> [Raw read]: length = 5
> 0000: 15 03 03 00 02 .....
> [Raw read]: length = 2
> 0000: 02 28 .(
> [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
> (self-tuning)',
> READ: TLSv1.2 Alert, length = 2 [ACTIVE] ExecuteThread: '0' for queue:
> 'weblogic.kernel.Default (self-tuning)', RECV TLSv1 ALERT: fatal,
> handshake_failure [ACTIVE] ExecuteThread: '0' for queue:
> 'weblogic.kernel.Default (self-tuning)', fatal: engine already closed.
> Rethrowing javax.net.ssl.SSLException: Received fatal alert: handshake_failure
> [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
> (self-tuning)',
> fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received
> fatal alert: handshake_failure <Oct 23, 2014 4:35:23 PM EDT> <Debug>
> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '0' for queue:
> 'weblogic.kernel.Default (self-tuning)',5,Pooled
> Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: Exception occurred
> during SSLEngine.un wrap(ByteBuffer,ByteBuffer[]).
> javax.net.ssl.SSLException: Received fatal alert: handshake_failure
> at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
> at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1619)
> at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1587)
> at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1756)
> at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1060)
> at
> sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:884)
> at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
> at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:664)
> at
> weblogic.security.SSL.jsseadapter.JaSSLEngine$5.run(JaSSLEngine.java:134)
> at
> weblogic.security.SSL.jsseadapter.JaSSLEngine.doAction(JaSSLEngine.java:732)
> at
> weblogic.security.SSL.jsseadapter.JaSSLEngine.unwrap(JaSSLEngine.java:132)
> at weblogic.socket.JSSEFilterImpl.unwrap(JSSEFilterImpl.java:505)
> at
> weblogic.socket.JSSEFilterImpl.unwrapAndHandleResults(JSSEFilterImpl.java:44
> 8)
> at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:80)
> at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:64)
> at weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:59)
> at weblogic.socket.JSSEFilterImpl.write(JSSEFilterImpl.java:390)
> at
> weblogic.socket.JSSESocket$JSSEOutputStream.write(JSSESocket.java:89)
> at
> java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
> at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
> at java.io.FilterOutputStream.flush(FilterOutputStream.java:140)
> at
> weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:1
> 86)
> at
> weblogic.net.http.HttpURLConnection.getOutputStream(HttpURLConnection.jav
> a:280)
> at
> org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWra
> ppedOutputStream.setupWrappedStream(URLConnectionHTTPConduit.java:168
> )
> at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHea
> dersTrustCaching(HTTPConduit.java:1278)
> at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrit
> e(HTTPConduit.java:1234)
> at
> org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWra
> ppedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:195)
> at
> org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutpu
> tStream.java:47)
> at
> org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutp
> utStream.java:69)
> at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTP
> Conduit.java:1291)
> at
> org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
> at
> org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:623)
> at
> org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingI
> nterceptor.handleMessage(MessageSenderInterceptor.java:62)
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
> n.java:271)
> at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:541)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:474)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:377)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:330)
> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
> at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134)
> at com.sun.proxy.$Proxy258.startTransaction(Unknown Source)
> at
> com.optimal.identity.gateway.equifax.eidverify.VerifyClient.initiateVerification(
> VerifyClient.java:87)
> at
> com.optimal.identity.gateway.equifax.eidverify.VerifyGateway.submitInitial(Ve
> rifyGateway.java:24)
> at
> com.optimal.identity.service.IdentificationServiceImpl.submitInitial(Identificatio
> nServiceImpl.java:147)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
> 57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorI
> mpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(Aop
> Utils.java:317)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpo
> int(ReflectiveMethodInvocation.java:183)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(Refl
> ectiveMethodInvocation.java:150)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(Tra
> nsactionInterceptor.java:110)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(Refl
> ectiveMethodInvocation.java:172)
> at
> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamic
> AopProxy.java:204)
> at com.sun.proxy.$Proxy211.submitInitial(Unknown Source)
> at
> com.optimal.identity.web.rest.IdentificationController.create(IdentificationCont
> roller.java:133)
> at
> com.optimal.identity.web.rest.IdentificationController$$FastClassByCGLIB$$95f
> 388d3.invoke(<generated>)
> at
> org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
> at
> org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.in
> vokeJoinpoint(CglibAopProxy.java:698)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(Refl
> ectiveMethodInvocation.java:150)
> at
> org.springframework.security.access.intercept.aopalliance.MethodSecurityInter
> ceptor.invoke(MethodSecurityInterceptor.java:64)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(Refl
> ectiveMethodInvocation.java:172)
> at
> org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedIntercept
> or.intercept(CglibAopProxy.java:631)
> at
> com.optimal.identity.web.rest.IdentificationController$$EnhancerByCGLIB$$36
> b7b48f.create(<generated>)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
> 57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorI
> mpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.springframework.web.method.support.InvocableHandlerMethod.invoke(Inv
> ocableHandlerMethod.java:219)
> at
> org.springframework.web.method.support.InvocableHandlerMethod.invokeFor
> Request(InvocableHandlerMethod.java:132)
> at
> org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHan
> dlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:104)
> at
> org.springframework.web.servlet.mvc.method.annotation.RequestMappingHan
> dlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:745)
> at
> org.springframework.web.servlet.mvc.method.annotation.RequestMappingHan
> dlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:686)
> at
> org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.
> handle(AbstractHandlerMethodAdapter.java:80)
> at
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServl
> et.java:925)
> at
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServle
> t.java:856)
> at
> org.springframework.web.servlet.FrameworkServlet.processRequest(Framewor
> kServlet.java:920)
> at
> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.j
> ava:827)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
> at
> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.
> java:801)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
> at
> weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecu
> rityHelper.java:227)
> at
> weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.j
> ava:125)
> at
> weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
> at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
> at
> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
> at
> org.springframework.web.filter.ShallowEtagHeaderFilter.doFilterInternal(Shallo
> wEtagHeaderFilter.java:73)
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequest
> Filter.java:107)
> at
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(Delegati
> ngFilterProxy.java:346)
> at
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilter
> Proxy.java:259)
> at
> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(
> FilterChainProxy.java:330)
> at
> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.inv
> oke(FilterSecurityInterceptor.java:118)
> at
> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.do
> Filter(FilterSecurityInterceptor.java:84)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(
> FilterChainProxy.java:342)
> at
> org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(Ex
> ceptionTranslationFilter.java:113)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(
> FilterChainProxy.java:342)
> at
> org.springframework.security.web.authentication.AnonymousAuthenticationFilt
> er.doFilter(AnonymousAuthenticationFilter.java:113)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(
> FilterChainProxy.java:342)
> at
> org.springframework.security.web.servletapi.SecurityContextHolderAwareRequ
> estFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(
> FilterChainProxy.java:342)
> at
> org.springframework.security.web.authentication.www.BasicAuthenticationFilt
> er.doFilter(BasicAuthenticationFilter.java:201)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(
> FilterChainProxy.java:342)
> at
> org.springframework.security.web.context.SecurityContextPersistenceFilter.doF
> ilter(SecurityContextPersistenceFilter.java:87)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(
> FilterChainProxy.java:342)
> at
> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChain
> Proxy.java:192)
> at
> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.ja
> va:160)
> at
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(Delegati
> ngFilterProxy.java:346)
> at
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilter
> Proxy.java:259)
> at
> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
> at
> com.optimal.rest.loggerfilter.LoggerFilter.doFilterInternal(LoggerFilter.java:16
> 9)
> at
> com.optimal.rest.loggerfilter.LoggerFilter.doFilter(LoggerFilter.java:123)
> at
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(Delegati
> ngFilterProxy.java:346)
> at
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilter
> Proxy.java:259)
> at
> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
> at
> com.optimal.web.spring.filter.ApplicationUidFilter.doFilterInternal(ApplicationU
> idFilter.java:51)
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequest
> Filter.java:107)
> at
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(Delegati
> ngFilterProxy.java:346)
> at
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilter
> Proxy.java:259)
> at
> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
> at
> weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrap
> Run(WebAppServletContext.java:3730)
> at
> weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(
> WebAppServletContext.java:3696)
> at
> weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.j
> ava:321)
> at
> weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
> at
> weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServl
> etContext.java:2273)
> at
> weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletConte
> xt.java:2179)
> at
> weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490
> )
> at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
> at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
> >
> AVIS IMPORTANT
>
> WARNING
>
>
> Ce message ?lectronique et ses pi?ces jointes peuvent contenir des
> renseignements confidentiels, exclusifs ou l?galement privil?gi?s destin?s au
> seul usage du destinataire vis?. L'exp?diteur original ne renonce ? aucun
> privil?ge ou ? aucun autre droit si le pr?sent message a ?t? transmis
> involontairement ou s'il est retransmis sans son autorisation. Si vous n'?tes
> pas
> le destinataire vis? du pr?sent message ou si vous l'avez re?u par erreur,
> veuillez cesser imm?diatement de le lire et le supprimer, ainsi que toutes ses
> pi?ces jointes, de votre syst?me. La lecture, la distribution, la copie ou
> tout
> autre usage du pr?sent message ou de ses pi?ces jointes par des personnes
> autres que le destinataire vis? ne sont pas autoris?s et pourraient ?tre
> ill?gaux.
> Si vous avez re?u ce courrier ?lectronique par erreur, veuillez en aviser
> l'exp?diteur.
>
>
> This electronic message and its attachments may contain confidential,
> proprietary or legally privileged information, which is solely for the use of
> the
> intended recipient. No privilege or other rights are waived by any unintended
> transmission or unauthorized retransmission of this message. If you are not
> the
> intended recipient of this message, or if you have received it in error, you
> should immediately stop reading this message and delete it and all
> attachments from your system. The reading, distribution, copying or other use
> of this message or its attachments by unintended recipients is unauthorized
> and
> may be unlawful. If you have received this e-mail in error, please notify the
> sender.
>
> --
> WARNING
> -------
> This electronic message and its attachments may contain confidential,
> proprietary or legally privileged information, which is solely for the use of
> the
> intended recipient. No privilege or other rights are waived by any unintended
> transmission or unauthorized retransmission of this message. If you are not
> the
> intended recipient of this message, or if you have received it in error, you
> should immediately stop reading this message and delete it and all
> attachments from your system. The reading, distribution, copying or other use
> of this message or its attachments by unintended recipients is unauthorized
> and
> may be unlawful. If you have received this e-mail in error, please notify the
> sender.
>
> AVIS IMPORTANT
> --------------
> Ce message electronique et ses pieces jointes peuvent contenir des
> renseignements confidentiels, exclusifs ou legalement privilegies destines au
> seul usage du destinataire vise. L'expediteur original ne renonce a aucun
> privilege ou a aucun autre droit si le present message a ete transmis
> involontairement ou s'il est retransmis sans son autorisation. Si vous
> n'etes pas
> le destinataire vise du present message ou si vous l'avez recu par erreur,
> veuillez cesser immediatement de le lire et le supprimer, ainsi que toutes ses
> pieces jointes, de votre systeme. La lecture, la distribution, la copie ou
> tout
> autre usage du present message ou de ses pieces jointes par des personnes
> autres que le destinataire vise ne sont pas autorises et pourraient etre
> illegaux.
> Si vous avez recu ce courrier electronique par erreur, veuillez en aviser
> l'expediteur.
>
>
> --
> WARNING
> -------
> This electronic message and its attachments may contain confidential,
> proprietary or legally privileged information, which is solely for the use of
> the
> intended recipient. No privilege or other rights are waived by any unintended
> transmission or unauthorized retransmission of this message. If you are not
> the
> intended recipient of this message, or if you have received it in error, you
> should immediately stop reading this message and delete it and all
> attachments from your system. The reading, distribution, copying or other use
> of this message or its attachments by unintended recipients is unauthorized
> and
> may be unlawful. If you have received this e-mail in error, please notify the
> sender.
>
> AVIS IMPORTANT
> --------------
> Ce message ?lectronique et ses pi?ces jointes peuvent contenir des
> renseignements confidentiels, exclusifs ou l?galement privil?gi?s destin?s au
> seul usage du destinataire vis?. L'exp?diteur original ne renonce ? aucun
> privil?ge ou ? aucun autre droit si le pr?sent message a ?t? transmis
> involontairement ou s'il est retransmis sans son autorisation. Si vous
> n'?tes pas
> le destinataire vis? du pr?sent message ou si vous l'avez re?u par erreur,
> veuillez cesser imm?diatement de le lire et le supprimer, ainsi que toutes ses
> pi?ces jointes, de votre syst?me. La lecture, la distribution, la copie ou
> tout
> autre usage du pr?sent message ou de ses pi?ces jointes par des personnes
> autres que le destinataire vis? ne sont pas autoris?s et pourraient ?tre
> ill?gaux.
> Si vous avez re?u ce courrier ?lectronique par erreur, veuillez en aviser
> l'exp?diteur.
>
> --
> WARNING
> -------
> This electronic message and its attachments may contain confidential,
> proprietary or legally privileged information, which is solely for the use of
> the
> intended recipient. No privilege or other rights are waived by any unintended
> transmission or unauthorized retransmission of this message. If you are not
> the
> intended recipient of this message, or if you have received it in error, you
> should immediately stop reading this message and delete it and all
> attachments from your system. The reading, distribution, copying or other use
> of this message or its attachments by unintended recipients is unauthorized
> and
> may be unlawful. If you have received this e-mail in error, please notify the
> sender.
>
> AVIS IMPORTANT
> --------------
> Ce message electronique et ses pieces jointes peuvent contenir des
> renseignements confidentiels, exclusifs ou legalement privilegies destines au
> seul usage du destinataire vise. L'expediteur original ne renonce a aucun
> privilege ou a aucun autre droit si le present message a ete transmis
> involontairement ou s'il est retransmis sans son autorisation. Si vous
> n'etes pas
> le destinataire vise du present message ou si vous l'avez recu par erreur,
> veuillez cesser immediatement de le lire et le supprimer, ainsi que toutes ses
> pieces jointes, de votre systeme. La lecture, la distribution, la copie ou
> tout
> autre usage du present message ou de ses pieces jointes par des personnes
> autres que le destinataire vise ne sont pas autorises et pourraient etre
> illegaux.
> Si vous avez recu ce courrier electronique par erreur, veuillez en aviser
> l'expediteur.
