Hi Jason,
Are you running on WebLogic by any chance? When I configured the properties
in the deployment to point to the WebLogic default key store and trust store, I
get a java.security.UnrecoverableKeyException while trying to deploy my
application. Did you encounter this problem?
Here's my config:
<constructor-arg>
<list>
<bean
class="com.pellcorp.server.jetty.JettyHttpEngineConfig">
<property name="uri"
value="https://localhost:7002"; />
<property name="keyStoreFile"
value="/opt/weblogic_11/wlserver_10.3/server/lib/DemoIdentity.jks" />
<property name="keyStorePassword"
value="DemoIdentityKeyStorePassPhrase" />
<property name="trustStoreFile"
value="/opt/weblogic_11/wlserver_10.3/server/lib/DemoTrust.jks" />
<property name="trustStorePassword"
value="DemoTrustKeyStorePassPhrase" />
<property name="secureSocketProtocol"
value="TLSv1" />
</bean>
<bean
class="com.pellcorp.server.jetty.JettyHttpEngineConfig">
<property name="uri"
value="https://localhost:7002"; />
<property name="keyStoreFile"
value="/opt/weblogic_11/wlserver_10.3/server/lib/DemoIdentity.jks" />
<property name="keyStorePassword"
value="DemoIdentityKeyStorePassPhrase" />
<property name="secureSocketProtocol"
value="TLSv1" />
</bean>
</list>
</constructor-arg>
David
-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Jason Pell
Sent: Monday, October 27, 2014 7:23 AM
To: [email protected]
Subject: Re: How to Disable SSLv2 client hello in CXF?
Hi,
Here is a sample of using your own custom version of the jetty factory in your
spring context. It is pretty invasive, so its actually better to wait for
2.7.14 and take advantage of the code already there. I use this code for other
reasons though, as it allows me to configure the trust / key stores via spring
properties.
https://github.com/pellcorp/cxf/tree/master/JavaFirst/src/main/java/com/pellcorp/server/jetty
A sample spring context:
https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/main/resources/META-INF/samlApplicationContext.xml
On Mon, Oct 27, 2014 at 9:44 PM, Jason Pell <[email protected]> wrote:
> That setting won't actually control what protocols jetty will actually
> use. I think it just controls what the highest protocol is used.
>
> The excluded protocols list needs to include the sslv2 setting.
>
> we actually overrode the jetty factory jetty engine and one other
> class to get access to the SSL context to configure the excluded
> protocols. Not pretty but we can't wait for 2.7.14.
>
> If you are interested I shall post our classes to my git repo.
>
> Let me know
> On 27/10/2014 8:14 PM, "Andrei Shakirin" <[email protected]> wrote:
>
>> Hi,
>>
>> I guess you mean TLSClientParameters.secureSocketProtocol in Conduit.
>>
>> As far as I can see this parameter is used for creating
>> java.net.ssl.SSLContext:
>> String protocol = parameters.getSecureSocketProtocol() != null ?
>> parameters
>> .getSecureSocketProtocol() : "TLS";
>>
>> The setting should work. How you apply conduit settings:
>> programmatically or via spring configuration?
>> Could you past the code snapshot?
>>
>> Regards,
>> Andrei.
>>
>> > -----Original Message-----
>> > From: David Roytenberg (Consultant)
>> > [mailto:[email protected]]
>> > Sent: Freitag, 24. Oktober 2014 17:46
>> > To: [email protected]
>> > Subject: RE: How to Disable SSLv2 client hello in CXF?
>> >
>> > Hello again.
>> >
>> > I've dug further into the CXF documentation and found that it is
>> possible to
>> > programmatically set the SSL protocols on the TLSProperties object
>> > of
>> the
>> > Conduit.
>> >
>> > I've created the TLS properties and set the SSL protocols to TLS1,
>> > but
>> this does
>> > not change the SSL behavior, which still starts with TLSv1.2 then
>> > sends
>> the hello
>> > with SSLv2 which is then dropped on the client end. Is there
>> > another
>> switch that
>> > has to be set to over-ride the default SSL behavior?
>> >
>> > David
>> >
>> > -----Original Message-----
>> > From: David Roytenberg (Consultant)
>> > [mailto:[email protected]]
>> > Sent: Thursday, October 23, 2014 4:57 PM
>> > To: [email protected]
>> > Subject: How to Disable SSLv2 client hello in CXF?
>> >
>> > I'm having an SSL problem and I wonder if there is a way to fix it
>> within CXF
>> >
>> > We have our CXF 2.7.6 based integration deployed on Weblogic 11.
>> > We are using JDK 1.7_065
>> >
>> > When we connect to our remote client via SSL we get the following
>> > trace
>> with
>> > lots of SSL debugging turned on
>> >
>> > What appears to be happening is that the Hello message is sent with
>> > an
>> SSLV2
>> > protocol, which our partner's server does not like. Apparently
>> > sending
>> the
>> > Hello at this level is a common behavior and apparently it
>> > sometimes
>> causes
>> > the remote server to fail. I found a suggestion on line that this
>> > can
>> be fixed by
>> > removing the SSLv2 from the allowed protocols. I am wondering if I
>> > can
>> do that
>> > through CFX configuration?
>> >
>> > This is a reference to the article that suggests that removing the
>> protocol is the
>> > solution to this problem:
>> >
>> >
>> http://stackoverflow.com/questions/4682957/why-does-javas-sslsocket-s
>> end-a-
>> > version-2-client-hello
>> >
>> > The protocols are apparently set on the SSLContext in JSSE by
>> > calling setEnabledProtocols(String[] protocols)
>> >
>> > Is there a way to set the enabled protocols on the SSLContext via
>> > CXF configuration?
>> >
>> > If not, is there a way to get hold of the SSLContext
>> > programmatically
>> in a CXF
>> > interceptor?
>> >
>> > We can't fix this problem at the WebLogic level because of
>> > side-effects
>> on
>> > other apps. Thanks in advance for any suggestions or guidance!
>> >
>> > WebLogic SSL debug trace follows:
>> >
>> > %% No cached client session
>> > *** ClientHello, TLSv1.2
>> > RandomCookie: GMT: 1414096267 bytes = { 183, 209, 47, 148, 54,
>> > 202,
>> 98, 8,
>> > 191, 222, 122, 248, 80, 190, 53, 88, 128, 130, 126, 108, 100, 82,
>> > 100,
>> 197, 213,
>> > 31, 89, 96 } Session ID: {} Cipher Suites:
>> > [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
>> > TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
>> > TLS_RSA_WITH_AES_256_CBC_SHA256,
>> > TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
>> > TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
>> > TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS
>> > _WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
>> > TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
>> > TLS_RSA_WITH_AES_256_CBC_SHA,
>> > TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
>> > TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
>> > TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AE
>> > S_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
>> > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
>> > TLS_RSA_WITH_AES_128_CBC_SHA256,
>> > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
>> > TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
>> > TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_
>> > WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
>> > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
>> > TLS_RSA_WITH_AES_128_CBC_SHA,
>> > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
>> > TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
>> > TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES
>> > _128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
>> > TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA,
>> > TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA,
>> > TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
>> > TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_W
>> > ITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
>> > TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
>> > SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
>> > SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5,
>> > TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
>> > Compression Methods: { 0 }
>> > Extension elliptic_curves, curve names: {secp256r1, sect163k1,
>> sect163r2,
>> > secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1,
>> secp384r1,
>> > sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1,
>> secp160r1,
>> > secp160r2, sect163r1, secp1 92k1, sect193r1, sect193r2, secp224k1,
>> sect239k1,
>> > secp256k1} Extension ec_point_formats, formats: [uncompressed]
>> > Extension signature_algorithms, signature_algorithms:
>> > SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA,
>> > SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA,
>> > SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
>> > ***
>> > [write] MD5 and SHA1 hashes: len = 221
>> > 0000: 01 00 00 D9 03 03 54 49 66 8B B7 D1 2F 94 36 CA
>> ......TIf.../.6.
>> > 0010: 62 08 BF DE 7A F8 50 BE 35 58 80 82 7E 6C 64 52
>> b...z.P.5X...ldR
>> > 0020: 64 C5 D5 1F 59 60 00 00 54 C0 24 C0 28 00 3D C0
>> d...Y`..T.$.(.=.
>> > 0030: 26 C0 2A 00 6B 00 6A C0 0A C0 14 00 35 C0 05 C0
>> &.*.k.j.....5...
>> > 0040: 0F 00 39 00 38 C0 23 C0 27 00 3C C0 25 C0 29 00
>> ..9.8.#.'.<.%.).
>> > 0050: 67 00 40 C0 09 C0 13 00 2F C0 04 C0 0E 00 33 00 g.@
>> ...../.....3.
>> > 0060: 32 C0 07 C0 11 00 05 C0 02 C0 0C C0 08 C0 12 00
>> 2...............
>> > 0070: 0A C0 03 C0 0D 00 16 00 13 00 04 00 FF 01 00 00
>> ................
>> > 0080: 5C 00 0A 00 34 00 32 00 17 00 01 00 03 00 13 00
>> \...4.2.........
>> > 0090: 15 00 06 00 07 00 09 00 0A 00 18 00 0B 00 0C 00
>> ................
>> > 00A0: 19 00 0D 00 0E 00 0F 00 10 00 11 00 02 00 12 00
>> ................
>> > 00B0: 04 00 05 00 14 00 08 00 16 00 0B 00 02 01 00 00
>> ................
>> > 00C0: 0D 00 1A 00 18 06 03 06 01 05 03 05 01 04 03 04
>> ................
>> > 00D0: 01 03 03 03 01 02 03 02 01 02 02 01 01 .............
>> > [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
>> (self-tuning)',
>> > WRITE: TLSv1.2 Handshake, length = 221 [write] MD5 and SHA1 hashes:
>> len =
>> > 188
>> > 0000: 01 03 03 00 93 00 00 00 20 00 C0 24 00 C0 28 00 ........
>> ..$..(.
>> > 0010: 00 3D 00 C0 26 00 C0 2A 00 00 6B 00 00 6A 00 C0
>> .=..&..*..k..j..
>> > 0020: 0A 07 00 C0 00 C0 14 00 00 35 00 C0 05 00 C0 0F
>> .........5......
>> > 0030: 00 00 39 00 00 38 00 C0 23 00 C0 27 00 00 3C 00
>> ..9..8..#..'..<.
>> > 0040: C0 25 00 C0 29 00 00 67 00 00 40 00 C0 09 06 00 .%..)..g..@
>> .....
>> > 0050: 40 00 C0 13 00 00 2F 00 C0 04 01 00 80 00 C0 0E
>> @...../.........
>> > 0060: 00 00 33 00 00 32 00 C0 07 05 00 80 00 C0 11 00
>> ..3..2..........
>> > 0070: 00 05 00 C0 02 00 C0 0C 00 C0 08 00 C0 12 00 00
>> ................
>> > 0080: 0A 07 00 C0 00 C0 03 02 00 80 00 C0 0D 00 00 16
>> ................
>> > 0090: 00 00 13 00 00 04 01 00 80 00 00 FF 54 49 66 8B
>> ............TIf.
>> > 00A0: B7 D1 2F 94 36 CA 62 08 BF DE 7A F8 50 BE 35 58
>> ../.6.b...z.P.5X
>> > 00B0: 80 82 7E 6C 64 52 64 C5 D5 1F 59 60 ...ldRd...Y`
>> > [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
>> (self-tuning)',
>> > WRITE: SSLv2 client hello message, length = 188 [Raw write]: length
>> > =
>> 190
>> > 0000: 80 BC 01 03 03 00 93 00 00 00 20 00 C0 24 00 C0 ..........
>> ..$..
>> > 0010: 28 00 00 3D 00 C0 26 00 C0 2A 00 00 6B 00 00 6A
>> (..=..&..*..k..j
>> > 0020: 00 C0 0A 07 00 C0 00 C0 14 00 00 35 00 C0 05 00
>> ...........5....
>> > 0030: C0 0F 00 00 39 00 00 38 00 C0 23 00 C0 27 00 00
>> ....9..8..#..'..
>> > 0040: 3C 00 C0 25 00 C0 29 00 00 67 00 00 40 00 C0 09 <..%..)..g..@
>> ...
>> > 0050: 06 00 40 00 C0 13 00 00 2F 00 C0 04 01 00 80 00
>> ..@...../.......
>> > 0060: C0 0E 00 00 33 00 00 32 00 C0 07 05 00 80 00 C0
>> ....3..2........
>> > 0070: 11 00 00 05 00 C0 02 00 C0 0C 00 C0 08 00 C0 12
>> ................
>> > 0080: 00 00 0A 07 00 C0 00 C0 03 02 00 80 00 C0 0D 00
>> ................
>> > 0090: 00 16 00 00 13 00 00 04 01 00 80 00 00 FF 54 49
>> ..............TI
>> > 00A0: 66 8B B7 D1 2F 94 36 CA 62 08 BF DE 7A F8 50 BE
>> f.../.6.b...z.P.
>> > 00B0: 35 58 80 82 7E 6C 64 52 64 C5 D5 1F 59 60 5X...ldRd...Y`
>> > <Oct 23, 2014 4:35:23 PM EDT> <Debug> <SecuritySSL> <BEA-000000>
>> > <[Thread[[ACTIVE] ExecuteThread: '0' for queue:
>> 'weblogic.kernel.Default (self-
>> > tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE:
>> > SSLEngine.wrap(ByteBuffer,ByteBuffer)
>> > called: result=Status = OK HandshakeStatus = NEED_UNWRAP
>> > bytesConsumed =
>> > 0 bytesProduced = 190.> <Oct 23, 2014 4:35:23 PM EDT> <Debug>
>> > <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '0' for
>> queue:
>> > 'weblogic.kernel.Default (self-tuning)',5,Pooled
>> > Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE:
>> > SSLEngine.unwrap(ByteBuffer,ByteBuffer
>> > []) called: result=Status = BUFFER_UNDERFLOW HandshakeStatus =
>> > NEED_UNWRAP bytesConsumed = 0 bytesProduced = 0.> [Raw read]: length = 5
>> > 0000: 15 03 03 00 02 .....
>> > [Raw read]: length = 2
>> > 0000: 02 28 .(
>> > [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
>> (self-tuning)',
>> > READ: TLSv1.2 Alert, length = 2 [ACTIVE] ExecuteThread: '0' for queue:
>> > 'weblogic.kernel.Default (self-tuning)', RECV TLSv1 ALERT: fatal,
>> > handshake_failure [ACTIVE] ExecuteThread: '0' for queue:
>> > 'weblogic.kernel.Default (self-tuning)', fatal: engine already closed.
>> > Rethrowing javax.net.ssl.SSLException: Received fatal alert:
>> handshake_failure
>> > [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
>> (self-tuning)',
>> > fatal: engine already closed. Rethrowing javax.net.ssl.SSLException:
>> Received
>> > fatal alert: handshake_failure <Oct 23, 2014 4:35:23 PM EDT>
>> > <Debug> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread:
>> > '0' for
>> queue:
>> > 'weblogic.kernel.Default (self-tuning)',5,Pooled
>> > Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: Exception
>> occurred
>> > during SSLEngine.un wrap(ByteBuffer,ByteBuffer[]).
>> > javax.net.ssl.SSLException: Received fatal alert: handshake_failure
>> > at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
>> > at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1619)
>> > at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1587)
>> > at
>> sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1756)
>> > at
>> sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1060)
>> > at
>> sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:884)
>> > at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
>> > at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:664)
>> > at
>> >
>> weblogic.security.SSL.jsseadapter.JaSSLEngine$5.run(JaSSLEngine.java:
>> 134)
>> > at
>> >
>> weblogic.security.SSL.jsseadapter.JaSSLEngine.doAction(JaSSLEngine.ja
>> va:732)
>> > at
>> >
>> weblogic.security.SSL.jsseadapter.JaSSLEngine.unwrap(JaSSLEngine.java
>> :132)
>> > at
>> weblogic.socket.JSSEFilterImpl.unwrap(JSSEFilterImpl.java:505)
>> > at
>> >
>> weblogic.socket.JSSEFilterImpl.unwrapAndHandleResults(JSSEFilterImpl.
>> java:44
>> > 8)
>> > at
>> weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:80)
>> > at
>> weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:64)
>> > at
>> weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:59)
>> > at weblogic.socket.JSSEFilterImpl.write(JSSEFilterImpl.java:390)
>> > at
>> > weblogic.socket.JSSESocket$JSSEOutputStream.write(JSSESocket.java:89)
>> > at
>> > java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
>> > at
>> java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
>> > at java.io.FilterOutputStream.flush(FilterOutputStream.java:140)
>> > at
>> >
>> weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.j
>> ava:1
>> > 86)
>> > at
>> >
>> weblogic.net.http.HttpURLConnection.getOutputStream(HttpURLConnection
>> .jav
>> > a:280)
>> > at
>> > org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectio
>> > nWra
>> > ppedOutputStream.setupWrappedStream(URLConnectionHTTPConduit.java:1
>> > 68
>> > )
>> > at
>> > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handl
>> > eHea
>> > dersTrustCaching(HTTPConduit.java:1278)
>> > at
>> >
>> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirst
>> Writ
>> > e(HTTPConduit.java:1234)
>> > at
>> > org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectio
>> > nWra
>> > ppedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:195)
>> > at
>> > org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrapped
>> > Outpu
>> > tStream.java:47)
>> > at
>> >
>> org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresho
>> ldOutp
>> > utStream.java:69)
>> > at
>> > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close
>> > (HTTP
>> > Conduit.java:1291)
>> > at
>> org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:5
>> 6)
>> > at
>> org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:623)
>> > at
>> > org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEn
>> > dingI
>> > nterceptor.handleMessage(MessageSenderInterceptor.java:62)
>> > at
>> >
>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseIntercept
>> orChai
>> > n.java:271)
>> > at
>> org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:541)
>> > at
>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:474)
>> > at
>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:377)
>> > at
>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:330)
>> > at
>> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
>> > at
>> > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134)
>> > at com.sun.proxy.$Proxy258.startTransaction(Unknown Source)
>> > at
>> >
>> com.optimal.identity.gateway.equifax.eidverify.VerifyClient.initiateV
>> erification(
>> > VerifyClient.java:87)
>> > at
>> >
>> com.optimal.identity.gateway.equifax.eidverify.VerifyGateway.submitIn
>> itial(Ve
>> > rifyGateway.java:24)
>> > at
>> >
>> com.optimal.identity.service.IdentificationServiceImpl.submitInitial(
>> Identificatio
>> > nServiceImpl.java:147)
>> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> > at
>> >
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
>> > 57)
>> > at
>> >
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
>> sorI
>> > mpl.java:43)
>> > at java.lang.reflect.Method.invoke(Method.java:606)
>> > at
>> >
>> org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflecti
>> on(Aop
>> > Utils.java:317)
>> > at
>> >
>> org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJo
>> inpo
>> > int(ReflectiveMethodInvocation.java:183)
>> > at
>> >
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
>> Refl
>> > ectiveMethodInvocation.java:150)
>> > at
>> >
>> org.springframework.transaction.interceptor.TransactionInterceptor.in
>> voke(Tra
>> > nsactionInterceptor.java:110)
>> > at
>> >
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
>> Refl
>> > ectiveMethodInvocation.java:172)
>> > at
>> > org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDyna
>> > mic
>> > AopProxy.java:204)
>> > at com.sun.proxy.$Proxy211.submitInitial(Unknown Source)
>> > at
>> >
>> com.optimal.identity.web.rest.IdentificationController.create(Identif
>> icationCont
>> > roller.java:133)
>> > at
>> >
>> com.optimal.identity.web.rest.IdentificationController$$FastClassByCG
>> LIB$$95f
>> > 388d3.invoke(<generated>)
>> > at
>> > org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
>> > at
>> > org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocati
>> > on.in
>> > vokeJoinpoint(CglibAopProxy.java:698)
>> > at
>> >
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
>> Refl
>> > ectiveMethodInvocation.java:150)
>> > at
>> >
>> org.springframework.security.access.intercept.aopalliance.MethodSecur
>> ityInter
>> > ceptor.invoke(MethodSecurityInterceptor.java:64)
>> > at
>> >
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
>> Refl
>> > ectiveMethodInvocation.java:172)
>> > at
>> > org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInter
>> > cept
>> > or.intercept(CglibAopProxy.java:631)
>> > at
>> >
>> com.optimal.identity.web.rest.IdentificationController$$EnhancerByCGL
>> IB$$36
>> > b7b48f.create(<generated>)
>> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> > at
>> >
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
>> > 57)
>> > at
>> >
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
>> sorI
>> > mpl.java:43)
>> > at java.lang.reflect.Method.invoke(Method.java:606)
>> > at
>> > org.springframework.web.method.support.InvocableHandlerMethod.invok
>> > e(Inv
>> > ocableHandlerMethod.java:219)
>> > at
>> > org.springframework.web.method.support.InvocableHandlerMethod.invok
>> > eFor
>> > Request(InvocableHandlerMethod.java:132)
>> > at
>> >
>> org.springframework.web.servlet.mvc.method.annotation.ServletInvocabl
>> eHan
>> > dlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:104)
>> > at
>> > org.springframework.web.servlet.mvc.method.annotation.RequestMappin
>> > gHan
>> > dlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:745)
>> > at
>> > org.springframework.web.servlet.mvc.method.annotation.RequestMappin
>> > gHan
>> > dlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:686)
>> > at
>> > org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.
>> > handle(AbstractHandlerMethodAdapter.java:80)
>> > at
>> >
>> org.springframework.web.servlet.DispatcherServlet.doDispatch(Dispatch
>> erServl
>> > et.java:925)
>> > at
>> >
>> org.springframework.web.servlet.DispatcherServlet.doService(Dispatche
>> rServle
>> > t.java:856)
>> > at
>> > org.springframework.web.servlet.FrameworkServlet.processRequest(Fra
>> > mewor
>> > kServlet.java:920)
>> > at
>> >
>> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServ
>> let.j
>> > ava:827)
>> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
>> > at
>> >
>> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.
>> > java:801)
>> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
>> > at
>> >
>> weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run
>> (StubSecu
>> > rityHelper.java:227)
>> > at
>> >
>> weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecuri
>> tyHelper.j
>> > ava:125)
>> > at
>> >
>> weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.jav
>> a:301)
>> > at
>> weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
>> > at
>> >
>> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
>> va:56)
>> > at
>> >
>> org.springframework.web.filter.ShallowEtagHeaderFilter.doFilterIntern
>> al(Shallo
>> > wEtagHeaderFilter.java:73)
>> > at
>> >
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerR
>> equest
>> > Filter.java:107)
>> > at
>> >
>> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D
>> elegati
>> > ngFilterProxy.java:346)
>> > at
>> >
>> org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat
>> ingFilter
>> > Proxy.java:259)
>> > at
>> >
>> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
>> va:56)
>> > at
>> >
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
>> doFilter(
>> > FilterChainProxy.java:330)
>> > at
>> >
>> org.springframework.security.web.access.intercept.FilterSecurityInter
>> ceptor.inv
>> > oke(FilterSecurityInterceptor.java:118)
>> > at
>> >
>> org.springframework.security.web.access.intercept.FilterSecurityInter
>> ceptor.do
>> > Filter(FilterSecurityInterceptor.java:84)
>> > at
>> >
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
>> doFilter(
>> > FilterChainProxy.java:342)
>> > at
>> >
>> org.springframework.security.web.access.ExceptionTranslationFilter.do
>> Filter(Ex
>> > ceptionTranslationFilter.java:113)
>> > at
>> >
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
>> doFilter(
>> > FilterChainProxy.java:342)
>> > at
>> >
>> org.springframework.security.web.authentication.AnonymousAuthenticati
>> onFilt
>> > er.doFilter(AnonymousAuthenticationFilter.java:113)
>> > at
>> >
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
>> doFilter(
>> > FilterChainProxy.java:342)
>> > at
>> >
>> org.springframework.security.web.servletapi.SecurityContextHolderAwar
>> eRequ
>> > estFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
>> > at
>> >
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
>> doFilter(
>> > FilterChainProxy.java:342)
>> > at
>> >
>> org.springframework.security.web.authentication.www.BasicAuthenticati
>> onFilt
>> > er.doFilter(BasicAuthenticationFilter.java:201)
>> > at
>> >
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
>> doFilter(
>> > FilterChainProxy.java:342)
>> > at
>> >
>> org.springframework.security.web.context.SecurityContextPersistenceFi
>> lter.doF
>> > ilter(SecurityContextPersistenceFilter.java:87)
>> > at
>> >
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
>> doFilter(
>> > FilterChainProxy.java:342)
>> > at
>> >
>> org.springframework.security.web.FilterChainProxy.doFilterInternal(Fi
>> lterChain
>> > Proxy.java:192)
>> > at
>> >
>> org.springframework.security.web.FilterChainProxy.doFilter(FilterChai
>> nProxy.ja
>> > va:160)
>> > at
>> >
>> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D
>> elegati
>> > ngFilterProxy.java:346)
>> > at
>> >
>> org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat
>> ingFilter
>> > Proxy.java:259)
>> > at
>> >
>> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
>> va:56)
>> > at
>> >
>> com.optimal.rest.loggerfilter.LoggerFilter.doFilterInternal(LoggerFil
>> ter.java:16
>> > 9)
>> > at
>> >
>> com.optimal.rest.loggerfilter.LoggerFilter.doFilter(LoggerFilter.java
>> :123)
>> > at
>> >
>> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D
>> elegati
>> > ngFilterProxy.java:346)
>> > at
>> >
>> org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat
>> ingFilter
>> > Proxy.java:259)
>> > at
>> >
>> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
>> va:56)
>> > at
>> >
>> com.optimal.web.spring.filter.ApplicationUidFilter.doFilterInternal(A
>> pplicationU
>> > idFilter.java:51)
>> > at
>> >
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerR
>> equest
>> > Filter.java:107)
>> > at
>> >
>> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D
>> elegati
>> > ngFilterProxy.java:346)
>> > at
>> >
>> org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat
>> ingFilter
>> > Proxy.java:259)
>> > at
>> >
>> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
>> va:56)
>> > at
>> >
>> weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
>> n.wrap
>> > Run(WebAppServletContext.java:3730)
>> > at
>> >
>> weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
>> n.run(
>> > WebAppServletContext.java:3696)
>> > at
>> >
>> weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
>> dSubject.j
>> > ava:321)
>> > at
>> >
>> weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
>> 120)
>> > at
>> >
>> weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppS
>> ervl
>> > etContext.java:2273)
>> > at
>> >
>> weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletC
>> onte
>> > xt.java:2179)
>> > at
>> >
>> weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.j
>> ava:1490
>> > )
>> > at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
>> > at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
>> > >
>> > AVIS IMPORTANT
>> >
>> > WARNING
>> >
>> >
>> > Ce message ?lectronique et ses pi?ces jointes peuvent contenir des
>> > renseignements confidentiels, exclusifs ou l?galement privil?gi?s
>> destin?s au
>> > seul usage du destinataire vis?. L'exp?diteur original ne renonce ?
>> aucun
>> > privil?ge ou ? aucun autre droit si le pr?sent message a ?t?
>> > transmis involontairement ou s'il est retransmis sans son
>> > autorisation. Si vous
>> n'?tes pas
>> > le destinataire vis? du pr?sent message ou si vous l'avez re?u par
>> erreur,
>> > veuillez cesser imm?diatement de le lire et le supprimer, ainsi que
>> toutes ses
>> > pi?ces jointes, de votre syst?me. La lecture, la distribution, la
>> > copie
>> ou tout
>> > autre usage du pr?sent message ou de ses pi?ces jointes par des
>> personnes
>> > autres que le destinataire vis? ne sont pas autoris?s et pourraient
>> ?tre ill?gaux.
>> > Si vous avez re?u ce courrier ?lectronique par erreur, veuillez en
>> aviser
>> > l'exp?diteur.
>> >
>> >
>> > This electronic message and its attachments may contain
>> > confidential, proprietary or legally privileged information, which
>> > is solely for the
>> use of the
>> > intended recipient. No privilege or other rights are waived by any
>> unintended
>> > transmission or unauthorized retransmission of this message. If you
>> > are
>> not the
>> > intended recipient of this message, or if you have received it in
>> error, you
>> > should immediately stop reading this message and delete it and all
>> > attachments from your system. The reading, distribution, copying or
>> other use
>> > of this message or its attachments by unintended recipients is
>> unauthorized and
>> > may be unlawful. If you have received this e-mail in error, please
>> notify the
>> > sender.
>> >
>> > --
>> > WARNING
>> > -------
>> > This electronic message and its attachments may contain
>> > confidential, proprietary or legally privileged information, which
>> > is solely for the
>> use of the
>> > intended recipient. No privilege or other rights are waived by any
>> unintended
>> > transmission or unauthorized retransmission of this message. If
>> > you
>> are not the
>> > intended recipient of this message, or if you have received it in
>> error, you
>> > should immediately stop reading this message and delete it and all
>> > attachments from your system. The reading, distribution, copying
>> > or
>> other use
>> > of this message or its attachments by unintended recipients is
>> unauthorized and
>> > may be unlawful. If you have received this e-mail in error, please
>> notify the
>> > sender.
>> >
>> > AVIS IMPORTANT
>> > --------------
>> > Ce message electronique et ses pieces jointes peuvent contenir des
>> > renseignements confidentiels, exclusifs ou legalement privilegies
>> destines au
>> > seul usage du destinataire vise. L'expediteur original ne renonce
>> > a
>> aucun
>> > privilege ou a aucun autre droit si le present message a ete
>> > transmis involontairement ou s'il est retransmis sans son
>> > autorisation. Si vous
>> n'etes pas
>> > le destinataire vise du present message ou si vous l'avez recu par
>> erreur,
>> > veuillez cesser immediatement de le lire et le supprimer, ainsi que
>> toutes ses
>> > pieces jointes, de votre systeme. La lecture, la distribution, la
>> copie ou tout
>> > autre usage du present message ou de ses pieces jointes par des
>> personnes
>> > autres que le destinataire vise ne sont pas autorises et pourraient
>> etre illegaux.
>> > Si vous avez recu ce courrier electronique par erreur, veuillez en
>> aviser
>> > l'expediteur.
>> >
>> >
>> > --
>> > WARNING
>> > -------
>> > This electronic message and its attachments may contain
>> > confidential, proprietary or legally privileged information, which
>> > is solely for the
>> use of the
>> > intended recipient. No privilege or other rights are waived by any
>> unintended
>> > transmission or unauthorized retransmission of this message. If
>> > you
>> are not the
>> > intended recipient of this message, or if you have received it in
>> error, you
>> > should immediately stop reading this message and delete it and all
>> > attachments from your system. The reading, distribution, copying
>> > or
>> other use
>> > of this message or its attachments by unintended recipients is
>> unauthorized and
>> > may be unlawful. If you have received this e-mail in error, please
>> notify the
>> > sender.
>> >
>> > AVIS IMPORTANT
>> > --------------
>> > Ce message ?lectronique et ses pi?ces jointes peuvent contenir des
>> > renseignements confidentiels, exclusifs ou l?galement privil?gi?s
>> destin?s au
>> > seul usage du destinataire vis?. L'exp?diteur original ne renonce ?
>> aucun
>> > privil?ge ou ? aucun autre droit si le pr?sent message a ?t?
>> > transmis involontairement ou s'il est retransmis sans son
>> > autorisation. Si vous
>> n'?tes pas
>> > le destinataire vis? du pr?sent message ou si vous l'avez re?u par
>> erreur,
>> > veuillez cesser imm?diatement de le lire et le supprimer, ainsi que
>> toutes ses
>> > pi?ces jointes, de votre syst?me. La lecture, la distribution, la
>> copie ou tout
>> > autre usage du pr?sent message ou de ses pi?ces jointes par des
>> personnes
>> > autres que le destinataire vis? ne sont pas autoris?s et pourraient
>> ?tre ill?gaux.
>> > Si vous avez re?u ce courrier ?lectronique par erreur, veuillez en
>> aviser
>> > l'exp?diteur.
>> >
>> > --
>> > WARNING
>> > -------
>> > This electronic message and its attachments may contain
>> > confidential, proprietary or legally privileged information, which
>> > is solely for the
>> use of the
>> > intended recipient. No privilege or other rights are waived by any
>> unintended
>> > transmission or unauthorized retransmission of this message. If
>> > you
>> are not the
>> > intended recipient of this message, or if you have received it in
>> error, you
>> > should immediately stop reading this message and delete it and all
>> > attachments from your system. The reading, distribution, copying
>> > or
>> other use
>> > of this message or its attachments by unintended recipients is
>> unauthorized and
>> > may be unlawful. If you have received this e-mail in error, please
>> notify the
>> > sender.
>> >
>> > AVIS IMPORTANT
>> > --------------
>> > Ce message electronique et ses pieces jointes peuvent contenir des
>> > renseignements confidentiels, exclusifs ou legalement privilegies
>> destines au
>> > seul usage du destinataire vise. L'expediteur original ne renonce
>> > a
>> aucun
>> > privilege ou a aucun autre droit si le present message a ete
>> > transmis involontairement ou s'il est retransmis sans son
>> > autorisation. Si vous
>> n'etes pas
>> > le destinataire vise du present message ou si vous l'avez recu par
>> erreur,
>> > veuillez cesser immediatement de le lire et le supprimer, ainsi que
>> toutes ses
>> > pieces jointes, de votre systeme. La lecture, la distribution, la
>> copie ou tout
>> > autre usage du present message ou de ses pieces jointes par des
>> personnes
>> > autres que le destinataire vise ne sont pas autorises et pourraient
>> etre illegaux.
>> > Si vous avez recu ce courrier electronique par erreur, veuillez en
>> aviser
>> > l'expediteur.
>>
>>
--
WARNING
-------
This electronic message and its attachments may contain confidential,
proprietary or legally privileged information, which is solely for the use of
the intended recipient. No privilege or other rights are waived by any
unintended transmission or unauthorized retransmission of this message. If you
are not the intended recipient of this message, or if you have received it in
error, you should immediately stop reading this message and delete it and all
attachments from your system. The reading, distribution, copying or other use
of this message or its attachments by unintended recipients is unauthorized and
may be unlawful. If you have received this e-mail in error, please notify the
sender.
AVIS IMPORTANT
--------------
Ce message électronique et ses pièces jointes peuvent contenir des
renseignements confidentiels, exclusifs ou légalement privilégiés destinés au
seul usage du destinataire visé. L’expéditeur original ne renonce à aucun
privilège ou à aucun autre droit si le présent message a été transmis
involontairement ou s’il est retransmis sans son autorisation. Si vous n’êtes
pas le destinataire visé du présent message ou si vous l’avez reçu par erreur,
veuillez cesser immédiatement de le lire et le supprimer, ainsi que toutes ses
pièces jointes, de votre système. La lecture, la distribution, la copie ou
tout autre usage du présent message ou de ses pièces jointes par des personnes
autres que le destinataire visé ne sont pas autorisés et pourraient être
illégaux. Si vous avez reçu ce courrier électronique par erreur, veuillez en
aviser l’expéditeur.
