Hi, I run embedded jetty container
Sorry I forgot that you were running weblogic when I responded. In that case do you even use the embedded jetty container? I am guessing no. If not, then you would need to use the standard weblogic ssl configuration. I don't believe CXF is responsible for any of the ssl config in that case. But then I am not very knowledgeable of cxf deployed to a j2ee container sorry. Sorry for the runaround and wasting your time Regards Jason On Tue, Oct 28, 2014 at 2:33 AM, David Roytenberg (Consultant) < [email protected]> wrote: > Hi Jason, > > Are you running on WebLogic by any chance? When I configured the > properties in the deployment to point to the WebLogic default key store and > trust store, I get a java.security.UnrecoverableKeyException while trying > to deploy my application. Did you encounter this problem? > > Here's my config: > > <constructor-arg> > <list> > <bean > class="com.pellcorp.server.jetty.JettyHttpEngineConfig"> > <property name="uri" value=" > https://localhost:7002"; /> > <property name="keyStoreFile" > value="/opt/weblogic_11/wlserver_10.3/server/lib/DemoIdentity.jks" /> > <property name="keyStorePassword" > value="DemoIdentityKeyStorePassPhrase" /> > <property name="trustStoreFile" > value="/opt/weblogic_11/wlserver_10.3/server/lib/DemoTrust.jks" /> > <property > name="trustStorePassword" value="DemoTrustKeyStorePassPhrase" /> > <property > name="secureSocketProtocol" value="TLSv1" /> > </bean> > > <bean > class="com.pellcorp.server.jetty.JettyHttpEngineConfig"> > <property name="uri" value=" > https://localhost:7002"; /> > <property name="keyStoreFile" > value="/opt/weblogic_11/wlserver_10.3/server/lib/DemoIdentity.jks" /> > <property name="keyStorePassword" > value="DemoIdentityKeyStorePassPhrase" /> > <property > name="secureSocketProtocol" value="TLSv1" /> > </bean> > </list> > </constructor-arg> > > David > > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Jason Pell > Sent: Monday, October 27, 2014 7:23 AM > To: [email protected] > Subject: Re: How to Disable SSLv2 client hello in CXF? > > Hi, > > Here is a sample of using your own custom version of the jetty factory in > your spring context. It is pretty invasive, so its actually better to wait > for 2.7.14 and take advantage of the code already there. I use this code > for other reasons though, as it allows me to configure the trust / key > stores via spring properties. > > > https://github.com/pellcorp/cxf/tree/master/JavaFirst/src/main/java/com/pellcorp/server/jetty > > > > A sample spring context: > > > https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/main/resources/META-INF/samlApplicationContext.xml > > > > > On Mon, Oct 27, 2014 at 9:44 PM, Jason Pell <[email protected]> wrote: > > > That setting won't actually control what protocols jetty will actually > > use. I think it just controls what the highest protocol is used. > > > > The excluded protocols list needs to include the sslv2 setting. > > > > we actually overrode the jetty factory jetty engine and one other > > class to get access to the SSL context to configure the excluded > > protocols. Not pretty but we can't wait for 2.7.14. > > > > If you are interested I shall post our classes to my git repo. > > > > Let me know > > On 27/10/2014 8:14 PM, "Andrei Shakirin" <[email protected]> wrote: > > > >> Hi, > >> > >> I guess you mean TLSClientParameters.secureSocketProtocol in Conduit. > >> > >> As far as I can see this parameter is used for creating > >> java.net.ssl.SSLContext: > >> String protocol = parameters.getSecureSocketProtocol() != null ? > >> parameters > >> .getSecureSocketProtocol() : "TLS"; > >> > >> The setting should work. How you apply conduit settings: > >> programmatically or via spring configuration? > >> Could you past the code snapshot? > >> > >> Regards, > >> Andrei. > >> > >> > -----Original Message----- > >> > From: David Roytenberg (Consultant) > >> > [mailto:[email protected]] > >> > Sent: Freitag, 24. Oktober 2014 17:46 > >> > To: [email protected] > >> > Subject: RE: How to Disable SSLv2 client hello in CXF? > >> > > >> > Hello again. > >> > > >> > I've dug further into the CXF documentation and found that it is > >> possible to > >> > programmatically set the SSL protocols on the TLSProperties object > >> > of > >> the > >> > Conduit. > >> > > >> > I've created the TLS properties and set the SSL protocols to TLS1, > >> > but > >> this does > >> > not change the SSL behavior, which still starts with TLSv1.2 then > >> > sends > >> the hello > >> > with SSLv2 which is then dropped on the client end. Is there > >> > another > >> switch that > >> > has to be set to over-ride the default SSL behavior? > >> > > >> > David > >> > > >> > -----Original Message----- > >> > From: David Roytenberg (Consultant) > >> > [mailto:[email protected]] > >> > Sent: Thursday, October 23, 2014 4:57 PM > >> > To: [email protected] > >> > Subject: How to Disable SSLv2 client hello in CXF? > >> > > >> > I'm having an SSL problem and I wonder if there is a way to fix it > >> within CXF > >> > > >> > We have our CXF 2.7.6 based integration deployed on Weblogic 11. > >> > We are using JDK 1.7_065 > >> > > >> > When we connect to our remote client via SSL we get the following > >> > trace > >> with > >> > lots of SSL debugging turned on > >> > > >> > What appears to be happening is that the Hello message is sent with > >> > an > >> SSLV2 > >> > protocol, which our partner's server does not like. Apparently > >> > sending > >> the > >> > Hello at this level is a common behavior and apparently it > >> > sometimes > >> causes > >> > the remote server to fail. I found a suggestion on line that this > >> > can > >> be fixed by > >> > removing the SSLv2 from the allowed protocols. I am wondering if I > >> > can > >> do that > >> > through CFX configuration? > >> > > >> > This is a reference to the article that suggests that removing the > >> protocol is the > >> > solution to this problem: > >> > > >> > > >> http://stackoverflow.com/questions/4682957/why-does-javas-sslsocket-s > >> end-a- > >> > version-2-client-hello > >> > > >> > The protocols are apparently set on the SSLContext in JSSE by > >> > calling setEnabledProtocols(String[] protocols) > >> > > >> > Is there a way to set the enabled protocols on the SSLContext via > >> > CXF configuration? > >> > > >> > If not, is there a way to get hold of the SSLContext > >> > programmatically > >> in a CXF > >> > interceptor? > >> > > >> > We can't fix this problem at the WebLogic level because of > >> > side-effects > >> on > >> > other apps. Thanks in advance for any suggestions or guidance! > >> > > >> > WebLogic SSL debug trace follows: > >> > > >> > %% No cached client session > >> > *** ClientHello, TLSv1.2 > >> > RandomCookie: GMT: 1414096267 bytes = { 183, 209, 47, 148, 54, > >> > 202, > >> 98, 8, > >> > 191, 222, 122, 248, 80, 190, 53, 88, 128, 130, 126, 108, 100, 82, > >> > 100, > >> 197, 213, > >> > 31, 89, 96 } Session ID: {} Cipher Suites: > >> > [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, > >> > TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, > >> > TLS_RSA_WITH_AES_256_CBC_SHA256, > >> > TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, > >> > TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, > >> > TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS > >> > _WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, > >> > TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, > >> > TLS_RSA_WITH_AES_256_CBC_SHA, > >> > TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, > >> > TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, > >> > TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AE > >> > S_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, > >> > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, > >> > TLS_RSA_WITH_AES_128_CBC_SHA256, > >> > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, > >> > TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, > >> > TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_ > >> > WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, > >> > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, > >> > TLS_RSA_WITH_AES_128_CBC_SHA, > >> > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, > >> > TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, > >> > TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES > >> > _128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, > >> > TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, > >> > TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, > >> > TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, > >> > TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_W > >> > ITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, > >> > TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, > >> > SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, > >> > SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, > >> > TLS_EMPTY_RENEGOTIATION_INFO_SCSV] > >> > Compression Methods: { 0 } > >> > Extension elliptic_curves, curve names: {secp256r1, sect163k1, > >> sect163r2, > >> > secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, > >> secp384r1, > >> > sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, > >> secp160r1, > >> > secp160r2, sect163r1, secp1 92k1, sect193r1, sect193r2, secp224k1, > >> sect239k1, > >> > secp256k1} Extension ec_point_formats, formats: [uncompressed] > >> > Extension signature_algorithms, signature_algorithms: > >> > SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, > >> > SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, > >> > SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA > >> > *** > >> > [write] MD5 and SHA1 hashes: len = 221 > >> > 0000: 01 00 00 D9 03 03 54 49 66 8B B7 D1 2F 94 36 CA > >> ......TIf.../.6. > >> > 0010: 62 08 BF DE 7A F8 50 BE 35 58 80 82 7E 6C 64 52 > >> b...z.P.5X...ldR > >> > 0020: 64 C5 D5 1F 59 60 00 00 54 C0 24 C0 28 00 3D C0 > >> d...Y`..T.$.(.=. > >> > 0030: 26 C0 2A 00 6B 00 6A C0 0A C0 14 00 35 C0 05 C0 > >> &.*.k.j.....5... > >> > 0040: 0F 00 39 00 38 C0 23 C0 27 00 3C C0 25 C0 29 00 > >> ..9.8.#.'.<.%.). > >> > 0050: 67 00 40 C0 09 C0 13 00 2F C0 04 C0 0E 00 33 00 g.@ > >> ...../.....3. > >> > 0060: 32 C0 07 C0 11 00 05 C0 02 C0 0C C0 08 C0 12 00 > >> 2............... > >> > 0070: 0A C0 03 C0 0D 00 16 00 13 00 04 00 FF 01 00 00 > >> ................ > >> > 0080: 5C 00 0A 00 34 00 32 00 17 00 01 00 03 00 13 00 > >> \...4.2......... > >> > 0090: 15 00 06 00 07 00 09 00 0A 00 18 00 0B 00 0C 00 > >> ................ > >> > 00A0: 19 00 0D 00 0E 00 0F 00 10 00 11 00 02 00 12 00 > >> ................ > >> > 00B0: 04 00 05 00 14 00 08 00 16 00 0B 00 02 01 00 00 > >> ................ > >> > 00C0: 0D 00 1A 00 18 06 03 06 01 05 03 05 01 04 03 04 > >> ................ > >> > 00D0: 01 03 03 03 01 02 03 02 01 02 02 01 01 ............. > >> > [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default > >> (self-tuning)', > >> > WRITE: TLSv1.2 Handshake, length = 221 [write] MD5 and SHA1 hashes: > >> len = > >> > 188 > >> > 0000: 01 03 03 00 93 00 00 00 20 00 C0 24 00 C0 28 00 ........ > >> ..$..(. > >> > 0010: 00 3D 00 C0 26 00 C0 2A 00 00 6B 00 00 6A 00 C0 > >> .=..&..*..k..j.. > >> > 0020: 0A 07 00 C0 00 C0 14 00 00 35 00 C0 05 00 C0 0F > >> .........5...... > >> > 0030: 00 00 39 00 00 38 00 C0 23 00 C0 27 00 00 3C 00 > >> ..9..8..#..'..<. > >> > 0040: C0 25 00 C0 29 00 00 67 00 00 40 00 C0 09 06 00 .%..)..g..@ > >> ..... > >> > 0050: 40 00 C0 13 00 00 2F 00 C0 04 01 00 80 00 C0 0E > >> @...../......... > >> > 0060: 00 00 33 00 00 32 00 C0 07 05 00 80 00 C0 11 00 > >> ..3..2.......... > >> > 0070: 00 05 00 C0 02 00 C0 0C 00 C0 08 00 C0 12 00 00 > >> ................ > >> > 0080: 0A 07 00 C0 00 C0 03 02 00 80 00 C0 0D 00 00 16 > >> ................ > >> > 0090: 00 00 13 00 00 04 01 00 80 00 00 FF 54 49 66 8B > >> ............TIf. > >> > 00A0: B7 D1 2F 94 36 CA 62 08 BF DE 7A F8 50 BE 35 58 > >> ../.6.b...z.P.5X > >> > 00B0: 80 82 7E 6C 64 52 64 C5 D5 1F 59 60 ...ldRd...Y` > >> > [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default > >> (self-tuning)', > >> > WRITE: SSLv2 client hello message, length = 188 [Raw write]: length > >> > = > >> 190 > >> > 0000: 80 BC 01 03 03 00 93 00 00 00 20 00 C0 24 00 C0 .......... > >> ..$.. > >> > 0010: 28 00 00 3D 00 C0 26 00 C0 2A 00 00 6B 00 00 6A > >> (..=..&..*..k..j > >> > 0020: 00 C0 0A 07 00 C0 00 C0 14 00 00 35 00 C0 05 00 > >> ...........5.... > >> > 0030: C0 0F 00 00 39 00 00 38 00 C0 23 00 C0 27 00 00 > >> ....9..8..#..'.. > >> > 0040: 3C 00 C0 25 00 C0 29 00 00 67 00 00 40 00 C0 09 <..%..)..g..@ > >> ... > >> > 0050: 06 00 40 00 C0 13 00 00 2F 00 C0 04 01 00 80 00 > >> ..@...../....... > >> > 0060: C0 0E 00 00 33 00 00 32 00 C0 07 05 00 80 00 C0 > >> ....3..2........ > >> > 0070: 11 00 00 05 00 C0 02 00 C0 0C 00 C0 08 00 C0 12 > >> ................ > >> > 0080: 00 00 0A 07 00 C0 00 C0 03 02 00 80 00 C0 0D 00 > >> ................ > >> > 0090: 00 16 00 00 13 00 00 04 01 00 80 00 00 FF 54 49 > >> ..............TI > >> > 00A0: 66 8B B7 D1 2F 94 36 CA 62 08 BF DE 7A F8 50 BE > >> f.../.6.b...z.P. > >> > 00B0: 35 58 80 82 7E 6C 64 52 64 C5 D5 1F 59 60 > 5X...ldRd...Y` > >> > <Oct 23, 2014 4:35:23 PM EDT> <Debug> <SecuritySSL> <BEA-000000> > >> > <[Thread[[ACTIVE] ExecuteThread: '0' for queue: > >> 'weblogic.kernel.Default (self- > >> > tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseadapter: > SSLENGINE: > >> > SSLEngine.wrap(ByteBuffer,ByteBuffer) > >> > called: result=Status = OK HandshakeStatus = NEED_UNWRAP > >> > bytesConsumed = > >> > 0 bytesProduced = 190.> <Oct 23, 2014 4:35:23 PM EDT> <Debug> > >> > <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '0' for > >> queue: > >> > 'weblogic.kernel.Default (self-tuning)',5,Pooled > >> > Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: > >> > SSLEngine.unwrap(ByteBuffer,ByteBuffer > >> > []) called: result=Status = BUFFER_UNDERFLOW HandshakeStatus = > >> > NEED_UNWRAP bytesConsumed = 0 bytesProduced = 0.> [Raw read]: length > = 5 > >> > 0000: 15 03 03 00 02 ..... > >> > [Raw read]: length = 2 > >> > 0000: 02 28 .( > >> > [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default > >> (self-tuning)', > >> > READ: TLSv1.2 Alert, length = 2 [ACTIVE] ExecuteThread: '0' for queue: > >> > 'weblogic.kernel.Default (self-tuning)', RECV TLSv1 ALERT: fatal, > >> > handshake_failure [ACTIVE] ExecuteThread: '0' for queue: > >> > 'weblogic.kernel.Default (self-tuning)', fatal: engine already closed. > >> > Rethrowing javax.net.ssl.SSLException: Received fatal alert: > >> handshake_failure > >> > [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default > >> (self-tuning)', > >> > fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: > >> Received > >> > fatal alert: handshake_failure <Oct 23, 2014 4:35:23 PM EDT> > >> > <Debug> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: > >> > '0' for > >> queue: > >> > 'weblogic.kernel.Default (self-tuning)',5,Pooled > >> > Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: Exception > >> occurred > >> > during SSLEngine.un wrap(ByteBuffer,ByteBuffer[]). > >> > javax.net.ssl.SSLException: Received fatal alert: handshake_failure > >> > at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) > >> > at > sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1619) > >> > at > sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1587) > >> > at > >> sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1756) > >> > at > >> sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1060) > >> > at > >> sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:884) > >> > at > sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758) > >> > at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:664) > >> > at > >> > > >> weblogic.security.SSL.jsseadapter.JaSSLEngine$5.run(JaSSLEngine.java: > >> 134) > >> > at > >> > > >> weblogic.security.SSL.jsseadapter.JaSSLEngine.doAction(JaSSLEngine.ja > >> va:732) > >> > at > >> > > >> weblogic.security.SSL.jsseadapter.JaSSLEngine.unwrap(JaSSLEngine.java > >> :132) > >> > at > >> weblogic.socket.JSSEFilterImpl.unwrap(JSSEFilterImpl.java:505) > >> > at > >> > > >> weblogic.socket.JSSEFilterImpl.unwrapAndHandleResults(JSSEFilterImpl. > >> java:44 > >> > 8) > >> > at > >> weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:80) > >> > at > >> weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:64) > >> > at > >> weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:59) > >> > at > weblogic.socket.JSSEFilterImpl.write(JSSEFilterImpl.java:390) > >> > at > >> > weblogic.socket.JSSESocket$JSSEOutputStream.write(JSSESocket.java:89) > >> > at > >> > java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) > >> > at > >> java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140) > >> > at > java.io.FilterOutputStream.flush(FilterOutputStream.java:140) > >> > at > >> > > >> weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.j > >> ava:1 > >> > 86) > >> > at > >> > > >> weblogic.net.http.HttpURLConnection.getOutputStream(HttpURLConnection > >> .jav > >> > a:280) > >> > at > >> > org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectio > >> > nWra > >> > ppedOutputStream.setupWrappedStream(URLConnectionHTTPConduit.java:1 > >> > 68 > >> > ) > >> > at > >> > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handl > >> > eHea > >> > dersTrustCaching(HTTPConduit.java:1278) > >> > at > >> > > >> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirst > >> Writ > >> > e(HTTPConduit.java:1234) > >> > at > >> > org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectio > >> > nWra > >> > ppedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:195) > >> > at > >> > org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrapped > >> > Outpu > >> > tStream.java:47) > >> > at > >> > > >> org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresho > >> ldOutp > >> > utStream.java:69) > >> > at > >> > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close > >> > (HTTP > >> > Conduit.java:1291) > >> > at > >> org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:5 > >> 6) > >> > at > >> org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:623) > >> > at > >> > org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEn > >> > dingI > >> > nterceptor.handleMessage(MessageSenderInterceptor.java:62) > >> > at > >> > > >> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseIntercept > >> orChai > >> > n.java:271) > >> > at > >> org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:541) > >> > at > >> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:474) > >> > at > >> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:377) > >> > at > >> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:330) > >> > at > >> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96) > >> > at > >> > > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134) > >> > at com.sun.proxy.$Proxy258.startTransaction(Unknown Source) > >> > at > >> > > >> com.optimal.identity.gateway.equifax.eidverify.VerifyClient.initiateV > >> erification( > >> > VerifyClient.java:87) > >> > at > >> > > >> com.optimal.identity.gateway.equifax.eidverify.VerifyGateway.submitIn > >> itial(Ve > >> > rifyGateway.java:24) > >> > at > >> > > >> com.optimal.identity.service.IdentificationServiceImpl.submitInitial( > >> Identificatio > >> > nServiceImpl.java:147) > >> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > >> > at > >> > > >> > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: > >> > 57) > >> > at > >> > > >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces > >> sorI > >> > mpl.java:43) > >> > at java.lang.reflect.Method.invoke(Method.java:606) > >> > at > >> > > >> org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflecti > >> on(Aop > >> > Utils.java:317) > >> > at > >> > > >> org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJo > >> inpo > >> > int(ReflectiveMethodInvocation.java:183) > >> > at > >> > > >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed( > >> Refl > >> > ectiveMethodInvocation.java:150) > >> > at > >> > > >> org.springframework.transaction.interceptor.TransactionInterceptor.in > >> voke(Tra > >> > nsactionInterceptor.java:110) > >> > at > >> > > >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed( > >> Refl > >> > ectiveMethodInvocation.java:172) > >> > at > >> > org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDyna > >> > mic > >> > AopProxy.java:204) > >> > at com.sun.proxy.$Proxy211.submitInitial(Unknown Source) > >> > at > >> > > >> com.optimal.identity.web.rest.IdentificationController.create(Identif > >> icationCont > >> > roller.java:133) > >> > at > >> > > >> com.optimal.identity.web.rest.IdentificationController$$FastClassByCG > >> LIB$$95f > >> > 388d3.invoke(<generated>) > >> > at > >> > > org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) > >> > at > >> > org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocati > >> > on.in > >> > vokeJoinpoint(CglibAopProxy.java:698) > >> > at > >> > > >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed( > >> Refl > >> > ectiveMethodInvocation.java:150) > >> > at > >> > > >> org.springframework.security.access.intercept.aopalliance.MethodSecur > >> ityInter > >> > ceptor.invoke(MethodSecurityInterceptor.java:64) > >> > at > >> > > >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed( > >> Refl > >> > ectiveMethodInvocation.java:172) > >> > at > >> > org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInter > >> > cept > >> > or.intercept(CglibAopProxy.java:631) > >> > at > >> > > >> com.optimal.identity.web.rest.IdentificationController$$EnhancerByCGL > >> IB$$36 > >> > b7b48f.create(<generated>) > >> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > >> > at > >> > > >> > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: > >> > 57) > >> > at > >> > > >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces > >> sorI > >> > mpl.java:43) > >> > at java.lang.reflect.Method.invoke(Method.java:606) > >> > at > >> > org.springframework.web.method.support.InvocableHandlerMethod.invok > >> > e(Inv > >> > ocableHandlerMethod.java:219) > >> > at > >> > org.springframework.web.method.support.InvocableHandlerMethod.invok > >> > eFor > >> > Request(InvocableHandlerMethod.java:132) > >> > at > >> > > >> org.springframework.web.servlet.mvc.method.annotation.ServletInvocabl > >> eHan > >> > dlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:104) > >> > at > >> > org.springframework.web.servlet.mvc.method.annotation.RequestMappin > >> > gHan > >> > dlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:745) > >> > at > >> > org.springframework.web.servlet.mvc.method.annotation.RequestMappin > >> > gHan > >> > dlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:686) > >> > at > >> > > org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter. > >> > handle(AbstractHandlerMethodAdapter.java:80) > >> > at > >> > > >> org.springframework.web.servlet.DispatcherServlet.doDispatch(Dispatch > >> erServl > >> > et.java:925) > >> > at > >> > > >> org.springframework.web.servlet.DispatcherServlet.doService(Dispatche > >> rServle > >> > t.java:856) > >> > at > >> > org.springframework.web.servlet.FrameworkServlet.processRequest(Fra > >> > mewor > >> > kServlet.java:920) > >> > at > >> > > >> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServ > >> let.j > >> > ava:827) > >> > at > javax.servlet.http.HttpServlet.service(HttpServlet.java:727) > >> > at > >> > > >> > org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet. > >> > java:801) > >> > at > javax.servlet.http.HttpServlet.service(HttpServlet.java:820) > >> > at > >> > > >> weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run > >> (StubSecu > >> > rityHelper.java:227) > >> > at > >> > > >> weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecuri > >> tyHelper.j > >> > ava:125) > >> > at > >> > > >> weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.jav > >> a:301) > >> > at > >> weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26) > >> > at > >> > > >> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja > >> va:56) > >> > at > >> > > >> org.springframework.web.filter.ShallowEtagHeaderFilter.doFilterIntern > >> al(Shallo > >> > wEtagHeaderFilter.java:73) > >> > at > >> > > >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerR > >> equest > >> > Filter.java:107) > >> > at > >> > > >> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D > >> elegati > >> > ngFilterProxy.java:346) > >> > at > >> > > >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat > >> ingFilter > >> > Proxy.java:259) > >> > at > >> > > >> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja > >> va:56) > >> > at > >> > > >> org.springframework.security.web.FilterChainProxy$VirtualFilterChain. > >> doFilter( > >> > FilterChainProxy.java:330) > >> > at > >> > > >> org.springframework.security.web.access.intercept.FilterSecurityInter > >> ceptor.inv > >> > oke(FilterSecurityInterceptor.java:118) > >> > at > >> > > >> org.springframework.security.web.access.intercept.FilterSecurityInter > >> ceptor.do > >> > Filter(FilterSecurityInterceptor.java:84) > >> > at > >> > > >> org.springframework.security.web.FilterChainProxy$VirtualFilterChain. > >> doFilter( > >> > FilterChainProxy.java:342) > >> > at > >> > > >> org.springframework.security.web.access.ExceptionTranslationFilter.do > >> Filter(Ex > >> > ceptionTranslationFilter.java:113) > >> > at > >> > > >> org.springframework.security.web.FilterChainProxy$VirtualFilterChain. > >> doFilter( > >> > FilterChainProxy.java:342) > >> > at > >> > > >> org.springframework.security.web.authentication.AnonymousAuthenticati > >> onFilt > >> > er.doFilter(AnonymousAuthenticationFilter.java:113) > >> > at > >> > > >> org.springframework.security.web.FilterChainProxy$VirtualFilterChain. > >> doFilter( > >> > FilterChainProxy.java:342) > >> > at > >> > > >> org.springframework.security.web.servletapi.SecurityContextHolderAwar > >> eRequ > >> > estFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54) > >> > at > >> > > >> org.springframework.security.web.FilterChainProxy$VirtualFilterChain. > >> doFilter( > >> > FilterChainProxy.java:342) > >> > at > >> > > >> org.springframework.security.web.authentication.www.BasicAuthenticati > >> onFilt > >> > er.doFilter(BasicAuthenticationFilter.java:201) > >> > at > >> > > >> org.springframework.security.web.FilterChainProxy$VirtualFilterChain. > >> doFilter( > >> > FilterChainProxy.java:342) > >> > at > >> > > >> org.springframework.security.web.context.SecurityContextPersistenceFi > >> lter.doF > >> > ilter(SecurityContextPersistenceFilter.java:87) > >> > at > >> > > >> org.springframework.security.web.FilterChainProxy$VirtualFilterChain. > >> doFilter( > >> > FilterChainProxy.java:342) > >> > at > >> > > >> org.springframework.security.web.FilterChainProxy.doFilterInternal(Fi > >> lterChain > >> > Proxy.java:192) > >> > at > >> > > >> org.springframework.security.web.FilterChainProxy.doFilter(FilterChai > >> nProxy.ja > >> > va:160) > >> > at > >> > > >> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D > >> elegati > >> > ngFilterProxy.java:346) > >> > at > >> > > >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat > >> ingFilter > >> > Proxy.java:259) > >> > at > >> > > >> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja > >> va:56) > >> > at > >> > > >> com.optimal.rest.loggerfilter.LoggerFilter.doFilterInternal(LoggerFil > >> ter.java:16 > >> > 9) > >> > at > >> > > >> com.optimal.rest.loggerfilter.LoggerFilter.doFilter(LoggerFilter.java > >> :123) > >> > at > >> > > >> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D > >> elegati > >> > ngFilterProxy.java:346) > >> > at > >> > > >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat > >> ingFilter > >> > Proxy.java:259) > >> > at > >> > > >> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja > >> va:56) > >> > at > >> > > >> com.optimal.web.spring.filter.ApplicationUidFilter.doFilterInternal(A > >> pplicationU > >> > idFilter.java:51) > >> > at > >> > > >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerR > >> equest > >> > Filter.java:107) > >> > at > >> > > >> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D > >> elegati > >> > ngFilterProxy.java:346) > >> > at > >> > > >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat > >> ingFilter > >> > Proxy.java:259) > >> > at > >> > > >> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja > >> va:56) > >> > at > >> > > >> weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio > >> n.wrap > >> > Run(WebAppServletContext.java:3730) > >> > at > >> > > >> weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio > >> n.run( > >> > WebAppServletContext.java:3696) > >> > at > >> > > >> weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate > >> dSubject.j > >> > ava:321) > >> > at > >> > > >> weblogic.security.service.SecurityManager.runAs(SecurityManager.java: > >> 120) > >> > at > >> > > >> weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppS > >> ervl > >> > etContext.java:2273) > >> > at > >> > > >> weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletC > >> onte > >> > xt.java:2179) > >> > at > >> > > >> weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.j > >> ava:1490 > >> > ) > >> > at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256) > >> > at weblogic.work.ExecuteThread.run(ExecuteThread.java:221) > >> > > > >> > AVIS IMPORTANT > >> > > >> > WARNING > >> > > >> > > >> > Ce message ?lectronique et ses pi?ces jointes peuvent contenir des > >> > renseignements confidentiels, exclusifs ou l?galement privil?gi?s > >> destin?s au > >> > seul usage du destinataire vis?. L'exp?diteur original ne renonce ? > >> aucun > >> > privil?ge ou ? aucun autre droit si le pr?sent message a ?t? > >> > transmis involontairement ou s'il est retransmis sans son > >> > autorisation. Si vous > >> n'?tes pas > >> > le destinataire vis? du pr?sent message ou si vous l'avez re?u par > >> erreur, > >> > veuillez cesser imm?diatement de le lire et le supprimer, ainsi que > >> toutes ses > >> > pi?ces jointes, de votre syst?me. La lecture, la distribution, la > >> > copie > >> ou tout > >> > autre usage du pr?sent message ou de ses pi?ces jointes par des > >> personnes > >> > autres que le destinataire vis? ne sont pas autoris?s et pourraient > >> ?tre ill?gaux. > >> > Si vous avez re?u ce courrier ?lectronique par erreur, veuillez en > >> aviser > >> > l'exp?diteur. > >> > > >> > > >> > This electronic message and its attachments may contain > >> > confidential, proprietary or legally privileged information, which > >> > is solely for the > >> use of the > >> > intended recipient. No privilege or other rights are waived by any > >> unintended > >> > transmission or unauthorized retransmission of this message. If you > >> > are > >> not the > >> > intended recipient of this message, or if you have received it in > >> error, you > >> > should immediately stop reading this message and delete it and all > >> > attachments from your system. The reading, distribution, copying or > >> other use > >> > of this message or its attachments by unintended recipients is > >> unauthorized and > >> > may be unlawful. If you have received this e-mail in error, please > >> notify the > >> > sender. > >> > > >> > -- > >> > WARNING > >> > ------- > >> > This electronic message and its attachments may contain > >> > confidential, proprietary or legally privileged information, which > >> > is solely for the > >> use of the > >> > intended recipient. No privilege or other rights are waived by any > >> unintended > >> > transmission or unauthorized retransmission of this message. If > >> > you > >> are not the > >> > intended recipient of this message, or if you have received it in > >> error, you > >> > should immediately stop reading this message and delete it and all > >> > attachments from your system. The reading, distribution, copying > >> > or > >> other use > >> > of this message or its attachments by unintended recipients is > >> unauthorized and > >> > may be unlawful. If you have received this e-mail in error, please > >> notify the > >> > sender. > >> > > >> > AVIS IMPORTANT > >> > -------------- > >> > Ce message electronique et ses pieces jointes peuvent contenir des > >> > renseignements confidentiels, exclusifs ou legalement privilegies > >> destines au > >> > seul usage du destinataire vise. L'expediteur original ne renonce > >> > a > >> aucun > >> > privilege ou a aucun autre droit si le present message a ete > >> > transmis involontairement ou s'il est retransmis sans son > >> > autorisation. Si vous > >> n'etes pas > >> > le destinataire vise du present message ou si vous l'avez recu par > >> erreur, > >> > veuillez cesser immediatement de le lire et le supprimer, ainsi que > >> toutes ses > >> > pieces jointes, de votre systeme. La lecture, la distribution, la > >> copie ou tout > >> > autre usage du present message ou de ses pieces jointes par des > >> personnes > >> > autres que le destinataire vise ne sont pas autorises et pourraient > >> etre illegaux. > >> > Si vous avez recu ce courrier electronique par erreur, veuillez en > >> aviser > >> > l'expediteur. > >> > > >> > > >> > -- > >> > WARNING > >> > ------- > >> > This electronic message and its attachments may contain > >> > confidential, proprietary or legally privileged information, which > >> > is solely for the > >> use of the > >> > intended recipient. No privilege or other rights are waived by any > >> unintended > >> > transmission or unauthorized retransmission of this message. If > >> > you > >> are not the > >> > intended recipient of this message, or if you have received it in > >> error, you > >> > should immediately stop reading this message and delete it and all > >> > attachments from your system. The reading, distribution, copying > >> > or > >> other use > >> > of this message or its attachments by unintended recipients is > >> unauthorized and > >> > may be unlawful. If you have received this e-mail in error, please > >> notify the > >> > sender. > >> > > >> > AVIS IMPORTANT > >> > -------------- > >> > Ce message ?lectronique et ses pi?ces jointes peuvent contenir des > >> > renseignements confidentiels, exclusifs ou l?galement privil?gi?s > >> destin?s au > >> > seul usage du destinataire vis?. L'exp?diteur original ne renonce ? > >> aucun > >> > privil?ge ou ? aucun autre droit si le pr?sent message a ?t? > >> > transmis involontairement ou s'il est retransmis sans son > >> > autorisation. Si vous > >> n'?tes pas > >> > le destinataire vis? du pr?sent message ou si vous l'avez re?u par > >> erreur, > >> > veuillez cesser imm?diatement de le lire et le supprimer, ainsi que > >> toutes ses > >> > pi?ces jointes, de votre syst?me. La lecture, la distribution, la > >> copie ou tout > >> > autre usage du pr?sent message ou de ses pi?ces jointes par des > >> personnes > >> > autres que le destinataire vis? ne sont pas autoris?s et pourraient > >> ?tre ill?gaux. > >> > Si vous avez re?u ce courrier ?lectronique par erreur, veuillez en > >> aviser > >> > l'exp?diteur. > >> > > >> > -- > >> > WARNING > >> > ------- > >> > This electronic message and its attachments may contain > >> > confidential, proprietary or legally privileged information, which > >> > is solely for the > >> use of the > >> > intended recipient. No privilege or other rights are waived by any > >> unintended > >> > transmission or unauthorized retransmission of this message. If > >> > you > >> are not the > >> > intended recipient of this message, or if you have received it in > >> error, you > >> > should immediately stop reading this message and delete it and all > >> > attachments from your system. The reading, distribution, copying > >> > or > >> other use > >> > of this message or its attachments by unintended recipients is > >> unauthorized and > >> > may be unlawful. If you have received this e-mail in error, please > >> notify the > >> > sender. > >> > > >> > AVIS IMPORTANT > >> > -------------- > >> > Ce message electronique et ses pieces jointes peuvent contenir des > >> > renseignements confidentiels, exclusifs ou legalement privilegies > >> destines au > >> > seul usage du destinataire vise. L'expediteur original ne renonce > >> > a > >> aucun > >> > privilege ou a aucun autre droit si le present message a ete > >> > transmis involontairement ou s'il est retransmis sans son > >> > autorisation. Si vous > >> n'etes pas > >> > le destinataire vise du present message ou si vous l'avez recu par > >> erreur, > >> > veuillez cesser immediatement de le lire et le supprimer, ainsi que > >> toutes ses > >> > pieces jointes, de votre systeme. La lecture, la distribution, la > >> copie ou tout > >> > autre usage du present message ou de ses pieces jointes par des > >> personnes > >> > autres que le destinataire vise ne sont pas autorises et pourraient > >> etre illegaux. > >> > Si vous avez recu ce courrier electronique par erreur, veuillez en > >> aviser > >> > l'expediteur. > >> > >> > > -- > WARNING > ------- > This electronic message and its attachments may contain confidential, > proprietary or legally privileged information, which is solely for the use > of the intended recipient. No privilege or other rights are waived by any > unintended transmission or unauthorized retransmission of this message. If > you are not the intended recipient of this message, or if you have received > it in error, you should immediately stop reading this message and delete it > and all attachments from your system. The reading, distribution, copying > or other use of this message or its attachments by unintended recipients is > unauthorized and may be unlawful. If you have received this e-mail in > error, please notify the sender. > > AVIS IMPORTANT > -------------- > Ce message électronique et ses pièces jointes peuvent contenir des > renseignements confidentiels, exclusifs ou légalement privilégiés destinés > au seul usage du destinataire visé. L’expéditeur original ne renonce à > aucun privilège ou à aucun autre droit si le présent message a été transmis > involontairement ou s’il est retransmis sans son autorisation. Si vous > n’êtes pas le destinataire visé du présent message ou si vous l’avez reçu > par erreur, veuillez cesser immédiatement de le lire et le supprimer, ainsi > que toutes ses pièces jointes, de votre système. La lecture, la > distribution, la copie ou tout autre usage du présent message ou de ses > pièces jointes par des personnes autres que le destinataire visé ne sont > pas autorisés et pourraient être illégaux. Si vous avez reçu ce courrier > électronique par erreur, veuillez en aviser l’expéditeur. > >
