sorry forgot to get back to you on the 2.7.6 thing. org.apache.cxf.transport.https.SSLSocketFactoryWrapper has not been changed in 6 years, so its definately calling setEnabledProtocols where you pass in a secureSocketProtocol in the jetty config.
If you can attach a debugger and ensure it gets to that code in SSLSocketFactoryWrapper On Tue, Oct 28, 2014 at 7:08 AM, Jason Pell <[email protected]> wrote: > Hi, > > The code for poodle was added for server side. > > The conduit config that you use should have set the enabled protocols on > the jdk SSL context. > > I only checked cxf 2.7.12 not 2.7.6. I would expect they are the same but > will check real quick and reply to this email. > > Can you attach a debugger to weblogic and put a break point in the SSL > context factory wrapper class? You can make sure its executing the enabled > protocols bit. > > If it is perhaps it's a jdk issue > On 28/10/2014 6:50 AM, "David Roytenberg (Consultant)" < > [email protected]> wrote: > >> Thanks Jason, Since you've worked on Poodle, maybe you are aware of >> whether the CXF client has changed its behavior since 2.7.6 as far as >> SSLv2Hello protocol is concerned. I have two identical CXF configurations, >> using the default protocol setting which looks to be TLS. With the SSL >> debugging turned on, I see that the SSLv2Hello is being used to wrap the >> client hello packet in each case. In my first integration all is well >> while in the current integration, the server appears to drop the connection >> as soon as it receives the SSLV2Hello packet. >> >> What I'd like to do is prevent the client from using that SSLv2Hello >> protocol for the handshake Hello packet. >> >> None of the settings on this page: >> http://cxf.apache.org/docs/tls-configuration.html seem to allow me to >> control the Protocols directly, but I am still learning all the ins and >> outs of how SSL is configured under the hood. >> >> From what you wrote it sounds like SSLv2Hello protocol is going to be >> removed in the client in CXF 2.7.14. Is that right? >> >> Thanks, >> >> David >> >> >> -----Original Message----- >> From: [email protected] [mailto:[email protected]] On Behalf Of >> Jason Pell >> Sent: Monday, October 27, 2014 2:07 PM >> To: [email protected] >> Subject: Re: How to Disable SSLv2 client hello in CXF? >> >> Here is the actual page which deals with the config for tls >> >> http://cxf.apache.org/docs/tls-configuration.html >> >> >> >> On Tue, Oct 28, 2014 at 5:06 AM, Jason Pell <[email protected]> wrote: >> >> > See, but note that the secureSocketProtocol is missing from the >> examples. >> > (Search in the page for Configuring SSL Support) >> > >> > http://cxf.apache.org/docs/client-http-transport-including-ssl-support >> > .html >> > >> > On Tue, Oct 28, 2014 at 5:02 AM, Jason Pell <[email protected]> wrote: >> > >> >> So I did some digging to remind myself of how it works on the client >> >> and I was dead wrong. >> >> >> >> I was thinking about how the server works (having just done the >> >> poodle >> >> changes) >> >> >> >> Anyway, what Andrei was absolutely correct. >> >> >> >> You can see it applied in >> >> org.apache.cxf.transport.https.SSLSocketFactoryWrapper. The >> >> SSLSocketFactoryWrapper is called from the >> >> org.apache.cxf.transport.https.HttpsURLConnectionFactory >> >> >> >> It results in the Socket Factory setEnabledProtocols to the actual >> >> protocol you listed in the tls client parameters (see below) >> >> >> >> <http:tlsClientParameters disableCNCheck="true" >> >> secureSocketProtocol="TLSv1"> >> >> >> >> You need to make sure that your conduit configuration is being >> >> applied correctly in web logic, perhaps its not being picked up. >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> On Tue, Oct 28, 2014 at 4:36 AM, Jason Pell <[email protected]> >> wrote: >> >> >> >>> Hi, >> >>> >> >>> I run embedded jetty container >> >>> >> >>> Sorry I forgot that you were running weblogic when I responded. In >> that >> >>> case do you even use the embedded jetty container? I am guessing >> no. If >> >>> not, then you would need to use the standard weblogic ssl >> configuration. >> >>> >> >>> I don't believe CXF is responsible for any of the ssl config in that >> >>> case. But then I am not very knowledgeable of cxf deployed to a >> >>> j2ee container sorry. >> >>> >> >>> Sorry for the runaround and wasting your time >> >>> >> >>> Regards >> >>> Jason >> >>> >> >>> >> >>> On Tue, Oct 28, 2014 at 2:33 AM, David Roytenberg (Consultant) < >> >>> [email protected]> wrote: >> >>> >> >>>> Hi Jason, >> >>>> >> >>>> Are you running on WebLogic by any chance? When I configured >> >>>> the properties in the deployment to point to the WebLogic default >> >>>> key store and trust store, I get a >> >>>> java.security.UnrecoverableKeyException while trying to deploy my >> application. Did you encounter this problem? >> >>>> >> >>>> Here's my config: >> >>>> >> >>>> <constructor-arg> >> >>>> <list> >> >>>> <bean >> >>>> class="com.pellcorp.server.jetty.JettyHttpEngineConfig"> >> >>>> <property name="uri" value=" >> >>>> https://localhost:7002"; /> >> >>>> <property name="keyStoreFile" >> >>>> value="/opt/weblogic_11/wlserver_10.3/server/lib/DemoIdentity.jks" /> >> >>>> <property >> >>>> name="keyStorePassword" value="DemoIdentityKeyStorePassPhrase" /> >> >>>> <property >> name="trustStoreFile" >> >>>> value="/opt/weblogic_11/wlserver_10.3/server/lib/DemoTrust.jks" /> >> >>>> <property >> >>>> name="trustStorePassword" value="DemoTrustKeyStorePassPhrase" /> >> >>>> <property >> >>>> name="secureSocketProtocol" value="TLSv1" /> >> >>>> </bean> >> >>>> >> >>>> <bean >> >>>> class="com.pellcorp.server.jetty.JettyHttpEngineConfig"> >> >>>> <property name="uri" value=" >> >>>> https://localhost:7002"; /> >> >>>> <property name="keyStoreFile" >> >>>> value="/opt/weblogic_11/wlserver_10.3/server/lib/DemoIdentity.jks" /> >> >>>> <property >> >>>> name="keyStorePassword" value="DemoIdentityKeyStorePassPhrase" /> >> >>>> <property >> >>>> name="secureSocketProtocol" value="TLSv1" /> >> >>>> </bean> >> >>>> </list> >> >>>> </constructor-arg> >> >>>> >> >>>> David >> >>>> >> >>>> -----Original Message----- >> >>>> From: [email protected] [mailto:[email protected]] On Behalf >> >>>> Of Jason Pell >> >>>> Sent: Monday, October 27, 2014 7:23 AM >> >>>> To: [email protected] >> >>>> Subject: Re: How to Disable SSLv2 client hello in CXF? >> >>>> >> >>>> Hi, >> >>>> >> >>>> Here is a sample of using your own custom version of the jetty >> >>>> factory in your spring context. It is pretty invasive, so its >> >>>> actually better to wait for 2.7.14 and take advantage of the code >> >>>> already there. I use this code for other reasons though, as it >> >>>> allows me to configure the trust / key stores via spring properties. >> >>>> >> >>>> >> >>>> https://github.com/pellcorp/cxf/tree/master/JavaFirst/src/main/java >> >>>> /com/pellcorp/server/jetty >> >>>> >> >>>> >> >>>> >> >>>> A sample spring context: >> >>>> >> >>>> >> >>>> https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/main/reso >> >>>> urces/META-INF/samlApplicationContext.xml >> >>>> >> >>>> >> >>>> >> >>>> >> >>>> On Mon, Oct 27, 2014 at 9:44 PM, Jason Pell <[email protected]> >> wrote: >> >>>> >> >>>> > That setting won't actually control what protocols jetty will >> >>>> > actually use. I think it just controls what the highest protocol >> is used. >> >>>> > >> >>>> > The excluded protocols list needs to include the sslv2 setting. >> >>>> > >> >>>> > we actually overrode the jetty factory jetty engine and one other >> >>>> > class to get access to the SSL context to configure the excluded >> >>>> > protocols. Not pretty but we can't wait for 2.7.14. >> >>>> > >> >>>> > If you are interested I shall post our classes to my git repo. >> >>>> > >> >>>> > Let me know >> >>>> > On 27/10/2014 8:14 PM, "Andrei Shakirin" <[email protected]> >> >>>> wrote: >> >>>> > >> >>>> >> Hi, >> >>>> >> >> >>>> >> I guess you mean TLSClientParameters.secureSocketProtocol in >> Conduit. >> >>>> >> >> >>>> >> As far as I can see this parameter is used for creating >> >>>> >> java.net.ssl.SSLContext: >> >>>> >> String protocol = parameters.getSecureSocketProtocol() >> >>>> >> != >> >>>> null ? >> >>>> >> parameters >> >>>> >> .getSecureSocketProtocol() : "TLS"; >> >>>> >> >> >>>> >> The setting should work. How you apply conduit settings: >> >>>> >> programmatically or via spring configuration? >> >>>> >> Could you past the code snapshot? >> >>>> >> >> >>>> >> Regards, >> >>>> >> Andrei. >> >>>> >> >> >>>> >> > -----Original Message----- >> >>>> >> > From: David Roytenberg (Consultant) >> >>>> >> > [mailto:[email protected]] >> >>>> >> > Sent: Freitag, 24. Oktober 2014 17:46 >> >>>> >> > To: [email protected] >> >>>> >> > Subject: RE: How to Disable SSLv2 client hello in CXF? >> >>>> >> > >> >>>> >> > Hello again. >> >>>> >> > >> >>>> >> > I've dug further into the CXF documentation and found that it >> >>>> >> > is >> >>>> >> possible to >> >>>> >> > programmatically set the SSL protocols on the TLSProperties >> >>>> >> > object of >> >>>> >> the >> >>>> >> > Conduit. >> >>>> >> > >> >>>> >> > I've created the TLS properties and set the SSL protocols to >> >>>> >> > TLS1, but >> >>>> >> this does >> >>>> >> > not change the SSL behavior, which still starts with TLSv1.2 >> >>>> >> > then sends >> >>>> >> the hello >> >>>> >> > with SSLv2 which is then dropped on the client end. Is there >> >>>> >> > another >> >>>> >> switch that >> >>>> >> > has to be set to over-ride the default SSL behavior? >> >>>> >> > >> >>>> >> > David >> >>>> >> > >> >>>> >> > -----Original Message----- >> >>>> >> > From: David Roytenberg (Consultant) >> >>>> >> > [mailto:[email protected]] >> >>>> >> > Sent: Thursday, October 23, 2014 4:57 PM >> >>>> >> > To: [email protected] >> >>>> >> > Subject: How to Disable SSLv2 client hello in CXF? >> >>>> >> > >> >>>> >> > I'm having an SSL problem and I wonder if there is a way to >> >>>> >> > fix it >> >>>> >> within CXF >> >>>> >> > >> >>>> >> > We have our CXF 2.7.6 based integration deployed on Weblogic 11. >> >>>> >> > We are using JDK 1.7_065 >> >>>> >> > >> >>>> >> > When we connect to our remote client via SSL we get the >> >>>> >> > following trace >> >>>> >> with >> >>>> >> > lots of SSL debugging turned on >> >>>> >> > >> >>>> >> > What appears to be happening is that the Hello message is sent >> >>>> >> > with an >> >>>> >> SSLV2 >> >>>> >> > protocol, which our partner's server does not like. >> >>>> >> > Apparently sending >> >>>> >> the >> >>>> >> > Hello at this level is a common behavior and apparently it >> >>>> >> > sometimes >> >>>> >> causes >> >>>> >> > the remote server to fail. I found a suggestion on line that >> >>>> >> > this can >> >>>> >> be fixed by >> >>>> >> > removing the SSLv2 from the allowed protocols. I am wondering >> >>>> >> > if I can >> >>>> >> do that >> >>>> >> > through CFX configuration? >> >>>> >> > >> >>>> >> > This is a reference to the article that suggests that removing >> >>>> >> > the >> >>>> >> protocol is the >> >>>> >> > solution to this problem: >> >>>> >> > >> >>>> >> > >> >>>> >> >> >>>> http://stackoverflow.com/questions/4682957/why-does-javas-sslsocket >> >>>> -s >> >>>> >> end-a- >> >>>> >> > version-2-client-hello >> >>>> >> > >> >>>> >> > The protocols are apparently set on the SSLContext in JSSE by >> >>>> >> > calling setEnabledProtocols(String[] protocols) >> >>>> >> > >> >>>> >> > Is there a way to set the enabled protocols on the SSLContext >> >>>> >> > via CXF configuration? >> >>>> >> > >> >>>> >> > If not, is there a way to get hold of the SSLContext >> >>>> >> > programmatically >> >>>> >> in a CXF >> >>>> >> > interceptor? >> >>>> >> > >> >>>> >> > We can't fix this problem at the WebLogic level because of >> >>>> >> > side-effects >> >>>> >> on >> >>>> >> > other apps. Thanks in advance for any suggestions or guidance! >> >>>> >> > >> >>>> >> > WebLogic SSL debug trace follows: >> >>>> >> > >> >>>> >> > %% No cached client session >> >>>> >> > *** ClientHello, TLSv1.2 >> >>>> >> > RandomCookie: GMT: 1414096267 bytes = { 183, 209, 47, 148, >> >>>> >> > 54, 202, >> >>>> >> 98, 8, >> >>>> >> > 191, 222, 122, 248, 80, 190, 53, 88, 128, 130, 126, 108, 100, >> >>>> >> > 82, 100, >> >>>> >> 197, 213, >> >>>> >> > 31, 89, 96 } Session ID: {} Cipher Suites: >> >>>> >> > [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, >> >>>> >> > TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, >> >>>> >> > TLS_RSA_WITH_AES_256_CBC_SHA256, >> >>>> >> > TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, >> >>>> >> > TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, >> >>>> >> > TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS >> >>>> >> > _WITH_AES_256_CBC_SHA256, >> >>>> >> > TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, >> >>>> >> > TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, >> >>>> >> > TLS_RSA_WITH_AES_256_CBC_SHA, >> >>>> >> > TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, >> >>>> >> > TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, >> >>>> >> > TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AE >> >>>> >> > S_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, >> >>>> >> > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, >> >>>> >> > TLS_RSA_WITH_AES_128_CBC_SHA256, >> >>>> >> > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, >> >>>> >> > TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, >> >>>> >> > TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_ >> >>>> >> > WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, >> >>>> >> > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, >> >>>> >> > TLS_RSA_WITH_AES_128_CBC_SHA, >> >>>> >> > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, >> >>>> >> > TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, >> >>>> >> > TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES >> >>>> >> > _128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, >> >>>> >> > TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, >> >>>> >> > TLS_ECDH_ECDSA_WITH_RC4_128_SHA, >> >>>> >> > TLS_ECDH_RSA_WITH_RC4_128_SHA, >> >>>> >> > TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, >> >>>> >> > TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_W >> >>>> >> > ITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, >> >>>> >> > TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, >> >>>> >> > SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, >> >>>> >> > SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, >> >>>> >> > TLS_EMPTY_RENEGOTIATION_INFO_SCSV] >> >>>> >> > Compression Methods: { 0 } >> >>>> >> > Extension elliptic_curves, curve names: {secp256r1, sect163k1, >> >>>> >> sect163r2, >> >>>> >> > secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, >> >>>> >> > sect283r1, >> >>>> >> secp384r1, >> >>>> >> > sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, >> >>>> >> > secp160k1, >> >>>> >> secp160r1, >> >>>> >> > secp160r2, sect163r1, secp1 92k1, sect193r1, sect193r2, >> >>>> >> > secp224k1, >> >>>> >> sect239k1, >> >>>> >> > secp256k1} Extension ec_point_formats, formats: [uncompressed] >> >>>> >> > Extension signature_algorithms, signature_algorithms: >> >>>> >> > SHA512withECDSA, SHA512withRSA, SHA384withECDSA, >> >>>> >> > SHA384withRSA, SHA256withECDSA, SHA256withRSA, >> >>>> >> > SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, >> >>>> >> > SHA1withDSA, MD5withRSA >> >>>> >> > *** >> >>>> >> > [write] MD5 and SHA1 hashes: len = 221 >> >>>> >> > 0000: 01 00 00 D9 03 03 54 49 66 8B B7 D1 2F 94 36 CA >> >>>> >> ......TIf.../.6. >> >>>> >> > 0010: 62 08 BF DE 7A F8 50 BE 35 58 80 82 7E 6C 64 52 >> >>>> >> b...z.P.5X...ldR >> >>>> >> > 0020: 64 C5 D5 1F 59 60 00 00 54 C0 24 C0 28 00 3D C0 >> >>>> >> d...Y`..T.$.(.=. >> >>>> >> > 0030: 26 C0 2A 00 6B 00 6A C0 0A C0 14 00 35 C0 05 C0 >> >>>> >> &.*.k.j.....5... >> >>>> >> > 0040: 0F 00 39 00 38 C0 23 C0 27 00 3C C0 25 C0 29 00 >> >>>> >> ..9.8.#.'.<.%.). >> >>>> >> > 0050: 67 00 40 C0 09 C0 13 00 2F C0 04 C0 0E 00 33 00 g.@ >> >>>> >> ...../.....3. >> >>>> >> > 0060: 32 C0 07 C0 11 00 05 C0 02 C0 0C C0 08 C0 12 00 >> >>>> >> 2............... >> >>>> >> > 0070: 0A C0 03 C0 0D 00 16 00 13 00 04 00 FF 01 00 00 >> >>>> >> ................ >> >>>> >> > 0080: 5C 00 0A 00 34 00 32 00 17 00 01 00 03 00 13 00 >> >>>> >> \...4.2......... >> >>>> >> > 0090: 15 00 06 00 07 00 09 00 0A 00 18 00 0B 00 0C 00 >> >>>> >> ................ >> >>>> >> > 00A0: 19 00 0D 00 0E 00 0F 00 10 00 11 00 02 00 12 00 >> >>>> >> ................ >> >>>> >> > 00B0: 04 00 05 00 14 00 08 00 16 00 0B 00 02 01 00 00 >> >>>> >> ................ >> >>>> >> > 00C0: 0D 00 1A 00 18 06 03 06 01 05 03 05 01 04 03 04 >> >>>> >> ................ >> >>>> >> > 00D0: 01 03 03 03 01 02 03 02 01 02 02 01 01 >> >>>> ............. >> >>>> >> > [ACTIVE] ExecuteThread: '0' for queue: >> >>>> >> > 'weblogic.kernel.Default >> >>>> >> (self-tuning)', >> >>>> >> > WRITE: TLSv1.2 Handshake, length = 221 [write] MD5 and SHA1 >> hashes: >> >>>> >> len = >> >>>> >> > 188 >> >>>> >> > 0000: 01 03 03 00 93 00 00 00 20 00 C0 24 00 C0 28 00 >> ........ >> >>>> >> ..$..(. >> >>>> >> > 0010: 00 3D 00 C0 26 00 C0 2A 00 00 6B 00 00 6A 00 C0 >> >>>> >> .=..&..*..k..j.. >> >>>> >> > 0020: 0A 07 00 C0 00 C0 14 00 00 35 00 C0 05 00 C0 0F >> >>>> >> .........5...... >> >>>> >> > 0030: 00 00 39 00 00 38 00 C0 23 00 C0 27 00 00 3C 00 >> >>>> >> ..9..8..#..'..<. >> >>>> >> > 0040: C0 25 00 C0 29 00 00 67 00 00 40 00 C0 09 06 00 >> >>>> .%..)..g..@ >> >>>> >> ..... >> >>>> >> > 0050: 40 00 C0 13 00 00 2F 00 C0 04 01 00 80 00 C0 0E >> >>>> >> @...../......... >> >>>> >> > 0060: 00 00 33 00 00 32 00 C0 07 05 00 80 00 C0 11 00 >> >>>> >> ..3..2.......... >> >>>> >> > 0070: 00 05 00 C0 02 00 C0 0C 00 C0 08 00 C0 12 00 00 >> >>>> >> ................ >> >>>> >> > 0080: 0A 07 00 C0 00 C0 03 02 00 80 00 C0 0D 00 00 16 >> >>>> >> ................ >> >>>> >> > 0090: 00 00 13 00 00 04 01 00 80 00 00 FF 54 49 66 8B >> >>>> >> ............TIf. >> >>>> >> > 00A0: B7 D1 2F 94 36 CA 62 08 BF DE 7A F8 50 BE 35 58 >> >>>> >> ../.6.b...z.P.5X >> >>>> >> > 00B0: 80 82 7E 6C 64 52 64 C5 D5 1F 59 60 >> >>>> ...ldRd...Y` >> >>>> >> > [ACTIVE] ExecuteThread: '0' for queue: >> >>>> >> > 'weblogic.kernel.Default >> >>>> >> (self-tuning)', >> >>>> >> > WRITE: SSLv2 client hello message, length = 188 [Raw write]: >> >>>> >> > length = >> >>>> >> 190 >> >>>> >> > 0000: 80 BC 01 03 03 00 93 00 00 00 20 00 C0 24 00 C0 >> .......... >> >>>> >> ..$.. >> >>>> >> > 0010: 28 00 00 3D 00 C0 26 00 C0 2A 00 00 6B 00 00 6A >> >>>> >> (..=..&..*..k..j >> >>>> >> > 0020: 00 C0 0A 07 00 C0 00 C0 14 00 00 35 00 C0 05 00 >> >>>> >> ...........5.... >> >>>> >> > 0030: C0 0F 00 00 39 00 00 38 00 C0 23 00 C0 27 00 00 >> >>>> >> ....9..8..#..'.. >> >>>> >> > 0040: 3C 00 C0 25 00 C0 29 00 00 67 00 00 40 00 C0 09 >> >>>> <..%..)..g..@ >> >>>> >> ... >> >>>> >> > 0050: 06 00 40 00 C0 13 00 00 2F 00 C0 04 01 00 80 00 >> >>>> >> ..@...../....... >> >>>> >> > 0060: C0 0E 00 00 33 00 00 32 00 C0 07 05 00 80 00 C0 >> >>>> >> ....3..2........ >> >>>> >> > 0070: 11 00 00 05 00 C0 02 00 C0 0C 00 C0 08 00 C0 12 >> >>>> >> ................ >> >>>> >> > 0080: 00 00 0A 07 00 C0 00 C0 03 02 00 80 00 C0 0D 00 >> >>>> >> ................ >> >>>> >> > 0090: 00 16 00 00 13 00 00 04 01 00 80 00 00 FF 54 49 >> >>>> >> ..............TI >> >>>> >> > 00A0: 66 8B B7 D1 2F 94 36 CA 62 08 BF DE 7A F8 50 BE >> >>>> >> f.../.6.b...z.P. >> >>>> >> > 00B0: 35 58 80 82 7E 6C 64 52 64 C5 D5 1F 59 60 >> >>>> 5X...ldRd...Y` >> >>>> >> > <Oct 23, 2014 4:35:23 PM EDT> <Debug> <SecuritySSL> >> >>>> >> > <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: '0' for queue: >> >>>> >> 'weblogic.kernel.Default (self- >> >>>> >> > tuning)',5,Pooled Threads]]weblogic.security.SSL.jsseadapter: >> >>>> SSLENGINE: >> >>>> >> > SSLEngine.wrap(ByteBuffer,ByteBuffer) >> >>>> >> > called: result=Status = OK HandshakeStatus = NEED_UNWRAP >> >>>> >> > bytesConsumed = >> >>>> >> > 0 bytesProduced = 190.> <Oct 23, 2014 4:35:23 PM EDT> <Debug> >> >>>> >> > <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] ExecuteThread: >> >>>> >> > '0' for >> >>>> >> queue: >> >>>> >> > 'weblogic.kernel.Default (self-tuning)',5,Pooled >> >>>> >> > Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: >> >>>> >> > SSLEngine.unwrap(ByteBuffer,ByteBuffer >> >>>> >> > []) called: result=Status = BUFFER_UNDERFLOW HandshakeStatus = >> >>>> >> > NEED_UNWRAP bytesConsumed = 0 bytesProduced = 0.> [Raw read]: >> >>>> length = 5 >> >>>> >> > 0000: 15 03 03 00 02 ..... >> >>>> >> > [Raw read]: length = 2 >> >>>> >> > 0000: 02 28 .( >> >>>> >> > [ACTIVE] ExecuteThread: '0' for queue: >> >>>> >> > 'weblogic.kernel.Default >> >>>> >> (self-tuning)', >> >>>> >> > READ: TLSv1.2 Alert, length = 2 [ACTIVE] ExecuteThread: '0' >> >>>> >> > for >> >>>> queue: >> >>>> >> > 'weblogic.kernel.Default (self-tuning)', RECV TLSv1 ALERT: >> >>>> >> > fatal, handshake_failure [ACTIVE] ExecuteThread: '0' for queue: >> >>>> >> > 'weblogic.kernel.Default (self-tuning)', fatal: engine already >> >>>> closed. >> >>>> >> > Rethrowing javax.net.ssl.SSLException: Received fatal alert: >> >>>> >> handshake_failure >> >>>> >> > [ACTIVE] ExecuteThread: '0' for queue: >> >>>> >> > 'weblogic.kernel.Default >> >>>> >> (self-tuning)', >> >>>> >> > fatal: engine already closed. Rethrowing >> >>>> javax.net.ssl.SSLException: >> >>>> >> Received >> >>>> >> > fatal alert: handshake_failure <Oct 23, 2014 4:35:23 PM EDT> >> >>>> >> > <Debug> <SecuritySSL> <BEA-000000> <[Thread[[ACTIVE] >> ExecuteThread: >> >>>> >> > '0' for >> >>>> >> queue: >> >>>> >> > 'weblogic.kernel.Default (self-tuning)',5,Pooled >> >>>> >> > Threads]]weblogic.security.SSL.jsseadapter: SSLENGINE: >> >>>> >> > Exception >> >>>> >> occurred >> >>>> >> > during SSLEngine.un wrap(ByteBuffer,ByteBuffer[]). >> >>>> >> > javax.net.ssl.SSLException: Received fatal alert: >> handshake_failure >> >>>> >> > at >> sun.security.ssl.Alerts.getSSLException(Alerts.java:208) >> >>>> >> > at >> >>>> sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1619) >> >>>> >> > at >> >>>> sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1587) >> >>>> >> > at >> >>>> >> sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1756 >> >>>> >> ) >> >>>> >> > at >> >>>> >> sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:106 >> >>>> >> 0) >> >>>> >> > at >> >>>> >> sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java: >> >>>> >> 884) >> >>>> >> > at >> >>>> sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758) >> >>>> >> > at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:664) >> >>>> >> > at >> >>>> >> > >> >>>> >> >> weblogic.security.SSL.jsseadapter.JaSSLEngine$5.run(JaSSLEngine.java: >> >>>> >> 134) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.security.SSL.jsseadapter.JaSSLEngine.doAction(JaSSLEngi >> >>>> >> ne.ja >> >>>> >> va:732) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.security.SSL.jsseadapter.JaSSLEngine.unwrap(JaSSLEngine >> >>>> >> .java >> >>>> >> :132) >> >>>> >> > at >> >>>> >> weblogic.socket.JSSEFilterImpl.unwrap(JSSEFilterImpl.java:505) >> >>>> >> > at >> >>>> >> > >> >>>> >> >> weblogic.socket.JSSEFilterImpl.unwrapAndHandleResults(JSSEFilterImpl. >> >>>> >> java:44 >> >>>> >> > 8) >> >>>> >> > at >> >>>> >> weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:8 >> >>>> >> 0) >> >>>> >> > at >> >>>> >> weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:6 >> >>>> >> 4) >> >>>> >> > at >> >>>> >> weblogic.socket.JSSEFilterImpl.doHandshake(JSSEFilterImpl.java:5 >> >>>> >> 9) >> >>>> >> > at >> >>>> weblogic.socket.JSSEFilterImpl.write(JSSEFilterImpl.java:390) >> >>>> >> > at >> >>>> >> > >> >>>> weblogic.socket.JSSESocket$JSSEOutputStream.write(JSSESocket.java:8 >> >>>> 9) >> >>>> >> > at >> >>>> >> > >> >>>> java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java: >> >>>> 82) >> >>>> >> > at >> >>>> >> java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140 >> >>>> >> ) >> >>>> >> > at >> >>>> java.io.FilterOutputStream.flush(FilterOutputStream.java:140) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnect >> >>>> >> ion.j >> >>>> >> ava:1 >> >>>> >> > 86) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.net.http.HttpURLConnection.getOutputStream(HttpURLConne >> >>>> >> ction >> >>>> >> .jav >> >>>> >> > a:280) >> >>>> >> > at >> >>>> >> > org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConn >> >>>> >> > ectio >> >>>> >> > nWra >> >>>> >> > ppedOutputStream.setupWrappedStream(URLConnectionHTTPConduit.j >> >>>> >> > ava:1 >> >>>> >> > 68 >> >>>> >> > ) >> >>>> >> > at >> >>>> >> > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream. >> >>>> >> > handl >> >>>> >> > eHea >> >>>> >> > dersTrustCaching(HTTPConduit.java:1278) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.on >> >>>> >> First >> >>>> >> Writ >> >>>> >> > e(HTTPConduit.java:1234) >> >>>> >> > at >> >>>> >> > org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConn >> >>>> >> > ectio >> >>>> >> > nWra >> >>>> >> > ppedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:195) >> >>>> >> > at >> >>>> >> > org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWr >> >>>> >> > apped >> >>>> >> > Outpu >> >>>> >> > tStream.java:47) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractTh >> >>>> >> resho >> >>>> >> ldOutp >> >>>> >> > utStream.java:69) >> >>>> >> > at >> >>>> >> > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream. >> >>>> >> > close >> >>>> >> > (HTTP >> >>>> >> > Conduit.java:1291) >> >>>> >> > at >> >>>> >> org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.j >> >>>> >> ava:5 >> >>>> >> 6) >> >>>> >> > at >> >>>> >> org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java >> >>>> >> :623) >> >>>> >> > at >> >>>> >> > org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSen >> >>>> >> > derEn >> >>>> >> > dingI >> >>>> >> > nterceptor.handleMessage(MessageSenderInterceptor.java:62) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInte >> >>>> >> rcept >> >>>> >> orChai >> >>>> >> > n.java:271) >> >>>> >> > at >> >>>> >> org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:541) >> >>>> >> > at >> >>>> >> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:474) >> >>>> >> > at >> >>>> >> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:377) >> >>>> >> > at >> >>>> >> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:330) >> >>>> >> > at >> >>>> >> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java: >> >>>> >> 96) >> >>>> >> > at >> >>>> >> > >> >>>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java: >> >>>> 134) >> >>>> >> > at com.sun.proxy.$Proxy258.startTransaction(Unknown >> Source) >> >>>> >> > at >> >>>> >> > >> >>>> >> com.optimal.identity.gateway.equifax.eidverify.VerifyClient.init >> >>>> >> iateV >> >>>> >> erification( >> >>>> >> > VerifyClient.java:87) >> >>>> >> > at >> >>>> >> > >> >>>> >> com.optimal.identity.gateway.equifax.eidverify.VerifyGateway.sub >> >>>> >> mitIn >> >>>> >> itial(Ve >> >>>> >> > rifyGateway.java:24) >> >>>> >> > at >> >>>> >> > >> >>>> >> com.optimal.identity.service.IdentificationServiceImpl.submitIni >> >>>> >> tial( >> >>>> >> Identificatio >> >>>> >> > nServiceImpl.java:147) >> >>>> >> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native >> >>>> Method) >> >>>> >> > at >> >>>> >> > >> >>>> >> >> >>>> >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: >> >>>> >> > 57) >> >>>> >> > at >> >>>> >> > >> >>>> >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethod >> >>>> >> Acces >> >>>> >> sorI >> >>>> >> > mpl.java:43) >> >>>> >> > at java.lang.reflect.Method.invoke(Method.java:606) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.aop.support.AopUtils.invokeJoinpointUsingRef >> >>>> >> lecti >> >>>> >> on(Aop >> >>>> >> > Utils.java:317) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.aop.framework.ReflectiveMethodInvocation.inv >> >>>> >> okeJo >> >>>> >> inpo >> >>>> >> > int(ReflectiveMethodInvocation.java:183) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.aop.framework.ReflectiveMethodInvocation.pro >> >>>> >> ceed( >> >>>> >> Refl >> >>>> >> > ectiveMethodInvocation.java:150) >> >>>> >> > at >> >>>> >> > >> >>>> >> >> >>>> org.springframework.transaction.interceptor.TransactionInterceptor. >> >>>> in >> >>>> >> voke(Tra >> >>>> >> > nsactionInterceptor.java:110) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.aop.framework.ReflectiveMethodInvocation.pro >> >>>> >> ceed( >> >>>> >> Refl >> >>>> >> > ectiveMethodInvocation.java:172) >> >>>> >> > at >> >>>> >> > org.springframework.aop.framework.JdkDynamicAopProxy.invoke(Jd >> >>>> >> > kDyna >> >>>> >> > mic >> >>>> >> > AopProxy.java:204) >> >>>> >> > at com.sun.proxy.$Proxy211.submitInitial(Unknown Source) >> >>>> >> > at >> >>>> >> > >> >>>> >> com.optimal.identity.web.rest.IdentificationController.create(Id >> >>>> >> entif >> >>>> >> icationCont >> >>>> >> > roller.java:133) >> >>>> >> > at >> >>>> >> > >> >>>> >> com.optimal.identity.web.rest.IdentificationController$$FastClas >> >>>> >> sByCG >> >>>> >> LIB$$95f >> >>>> >> > 388d3.invoke(<generated>) >> >>>> >> > at >> >>>> >> > >> >>>> org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java >> >>>> :204) >> >>>> >> > at >> >>>> >> > org.springframework.aop.framework.CglibAopProxy$CglibMethodInv >> >>>> >> > ocati >> >>>> >> > on.in >> >>>> >> > vokeJoinpoint(CglibAopProxy.java:698) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.aop.framework.ReflectiveMethodInvocation.pro >> >>>> >> ceed( >> >>>> >> Refl >> >>>> >> > ectiveMethodInvocation.java:150) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.security.access.intercept.aopalliance.Method >> >>>> >> Secur >> >>>> >> ityInter >> >>>> >> > ceptor.invoke(MethodSecurityInterceptor.java:64) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.aop.framework.ReflectiveMethodInvocation.pro >> >>>> >> ceed( >> >>>> >> Refl >> >>>> >> > ectiveMethodInvocation.java:172) >> >>>> >> > at >> >>>> >> > org.springframework.aop.framework.CglibAopProxy$DynamicAdvised >> >>>> >> > Inter >> >>>> >> > cept >> >>>> >> > or.intercept(CglibAopProxy.java:631) >> >>>> >> > at >> >>>> >> > >> >>>> >> com.optimal.identity.web.rest.IdentificationController$$Enhancer >> >>>> >> ByCGL >> >>>> >> IB$$36 >> >>>> >> > b7b48f.create(<generated>) >> >>>> >> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native >> >>>> Method) >> >>>> >> > at >> >>>> >> > >> >>>> >> >> >>>> >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: >> >>>> >> > 57) >> >>>> >> > at >> >>>> >> > >> >>>> >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethod >> >>>> >> Acces >> >>>> >> sorI >> >>>> >> > mpl.java:43) >> >>>> >> > at java.lang.reflect.Method.invoke(Method.java:606) >> >>>> >> > at >> >>>> >> > org.springframework.web.method.support.InvocableHandlerMethod. >> >>>> >> > invok >> >>>> >> > e(Inv >> >>>> >> > ocableHandlerMethod.java:219) >> >>>> >> > at >> >>>> >> > org.springframework.web.method.support.InvocableHandlerMethod. >> >>>> >> > invok >> >>>> >> > eFor >> >>>> >> > Request(InvocableHandlerMethod.java:132) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.servlet.mvc.method.annotation.ServletInv >> >>>> >> ocabl >> >>>> >> eHan >> >>>> >> > >> dlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:104) >> >>>> >> > at >> >>>> >> > org.springframework.web.servlet.mvc.method.annotation.RequestM >> >>>> >> > appin >> >>>> >> > gHan >> >>>> >> > >> >>>> dlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:74 >> >>>> 5) >> >>>> >> > at >> >>>> >> > org.springframework.web.servlet.mvc.method.annotation.RequestM >> >>>> >> > appin >> >>>> >> > gHan >> >>>> >> > >> dlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:686) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter. >> >>>> >> > handle(AbstractHandlerMethodAdapter.java:80) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.servlet.DispatcherServlet.doDispatch(Dis >> >>>> >> patch >> >>>> >> erServl >> >>>> >> > et.java:925) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.servlet.DispatcherServlet.doService(Disp >> >>>> >> atche >> >>>> >> rServle >> >>>> >> > t.java:856) >> >>>> >> > at >> >>>> >> > org.springframework.web.servlet.FrameworkServlet.processReques >> >>>> >> > t(Fra >> >>>> >> > mewor >> >>>> >> > kServlet.java:920) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.servlet.FrameworkServlet.doPost(Framewor >> >>>> >> kServ >> >>>> >> let.j >> >>>> >> > ava:827) >> >>>> >> > at >> >>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:727) >> >>>> >> > at >> >>>> >> > >> >>>> >> >> >>>> >> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet. >> >>>> >> > java:801) >> >>>> >> > at >> >>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:820) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.servlet.internal.StubSecurityHelper$ServletServiceActio >> >>>> >> n.run >> >>>> >> (StubSecu >> >>>> >> > rityHelper.java:227) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubS >> >>>> >> ecuri >> >>>> >> tyHelper.j >> >>>> >> > ava:125) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImp >> >>>> >> l.jav >> >>>> >> a:301) >> >>>> >> > at >> >>>> >> weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26 >> >>>> >> ) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainIm >> >>>> >> pl.ja >> >>>> >> va:56) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.filter.ShallowEtagHeaderFilter.doFilterI >> >>>> >> ntern >> >>>> >> al(Shallo >> >>>> >> > wEtagHeaderFilter.java:73) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.filter.OncePerRequestFilter.doFilter(Onc >> >>>> >> ePerR >> >>>> >> equest >> >>>> >> > Filter.java:107) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.filter.DelegatingFilterProxy.invokeDeleg >> >>>> >> ate(D >> >>>> >> elegati >> >>>> >> > ngFilterProxy.java:346) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(De >> >>>> >> legat >> >>>> >> ingFilter >> >>>> >> > Proxy.java:259) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainIm >> >>>> >> pl.ja >> >>>> >> va:56) >> >>>> >> > at >> >>>> >> > >> >>>> >> >> org.springframework.security.web.FilterChainProxy$VirtualFilterChain. >> >>>> >> doFilter( >> >>>> >> > FilterChainProxy.java:330) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.security.web.access.intercept.FilterSecurity >> >>>> >> Inter >> >>>> >> ceptor.inv >> >>>> >> > oke(FilterSecurityInterceptor.java:118) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.security.web.access.intercept.FilterSecurity >> >>>> >> Inter >> >>>> >> ceptor.do >> >>>> >> > Filter(FilterSecurityInterceptor.java:84) >> >>>> >> > at >> >>>> >> > >> >>>> >> >> org.springframework.security.web.FilterChainProxy$VirtualFilterChain. >> >>>> >> doFilter( >> >>>> >> > FilterChainProxy.java:342) >> >>>> >> > at >> >>>> >> > >> >>>> >> >> >>>> org.springframework.security.web.access.ExceptionTranslationFilter. >> >>>> do >> >>>> >> Filter(Ex >> >>>> >> > ceptionTranslationFilter.java:113) >> >>>> >> > at >> >>>> >> > >> >>>> >> >> org.springframework.security.web.FilterChainProxy$VirtualFilterChain. >> >>>> >> doFilter( >> >>>> >> > FilterChainProxy.java:342) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.security.web.authentication.AnonymousAuthent >> >>>> >> icati >> >>>> >> onFilt >> >>>> >> > er.doFilter(AnonymousAuthenticationFilter.java:113) >> >>>> >> > at >> >>>> >> > >> >>>> >> >> org.springframework.security.web.FilterChainProxy$VirtualFilterChain. >> >>>> >> doFilter( >> >>>> >> > FilterChainProxy.java:342) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.security.web.servletapi.SecurityContextHolde >> >>>> >> rAwar >> >>>> >> eRequ >> >>>> >> > >> estFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54) >> >>>> >> > at >> >>>> >> > >> >>>> >> >> org.springframework.security.web.FilterChainProxy$VirtualFilterChain. >> >>>> >> doFilter( >> >>>> >> > FilterChainProxy.java:342) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.security.web.authentication.www.BasicAuthent >> >>>> >> icati >> >>>> >> onFilt >> >>>> >> > er.doFilter(BasicAuthenticationFilter.java:201) >> >>>> >> > at >> >>>> >> > >> >>>> >> >> org.springframework.security.web.FilterChainProxy$VirtualFilterChain. >> >>>> >> doFilter( >> >>>> >> > FilterChainProxy.java:342) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.security.web.context.SecurityContextPersiste >> >>>> >> nceFi >> >>>> >> lter.doF >> >>>> >> > ilter(SecurityContextPersistenceFilter.java:87) >> >>>> >> > at >> >>>> >> > >> >>>> >> >> org.springframework.security.web.FilterChainProxy$VirtualFilterChain. >> >>>> >> doFilter( >> >>>> >> > FilterChainProxy.java:342) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.security.web.FilterChainProxy.doFilterIntern >> >>>> >> al(Fi >> >>>> >> lterChain >> >>>> >> > Proxy.java:192) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.security.web.FilterChainProxy.doFilter(Filte >> >>>> >> rChai >> >>>> >> nProxy.ja >> >>>> >> > va:160) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.filter.DelegatingFilterProxy.invokeDeleg >> >>>> >> ate(D >> >>>> >> elegati >> >>>> >> > ngFilterProxy.java:346) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(De >> >>>> >> legat >> >>>> >> ingFilter >> >>>> >> > Proxy.java:259) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainIm >> >>>> >> pl.ja >> >>>> >> va:56) >> >>>> >> > at >> >>>> >> > >> >>>> >> com.optimal.rest.loggerfilter.LoggerFilter.doFilterInternal(Logg >> >>>> >> erFil >> >>>> >> ter.java:16 >> >>>> >> > 9) >> >>>> >> > at >> >>>> >> > >> >>>> >> com.optimal.rest.loggerfilter.LoggerFilter.doFilter(LoggerFilter >> >>>> >> .java >> >>>> >> :123) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.filter.DelegatingFilterProxy.invokeDeleg >> >>>> >> ate(D >> >>>> >> elegati >> >>>> >> > ngFilterProxy.java:346) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(De >> >>>> >> legat >> >>>> >> ingFilter >> >>>> >> > Proxy.java:259) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainIm >> >>>> >> pl.ja >> >>>> >> va:56) >> >>>> >> > at >> >>>> >> > >> >>>> >> com.optimal.web.spring.filter.ApplicationUidFilter.doFilterInter >> >>>> >> nal(A >> >>>> >> pplicationU >> >>>> >> > idFilter.java:51) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.filter.OncePerRequestFilter.doFilter(Onc >> >>>> >> ePerR >> >>>> >> equest >> >>>> >> > Filter.java:107) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.filter.DelegatingFilterProxy.invokeDeleg >> >>>> >> ate(D >> >>>> >> elegati >> >>>> >> > ngFilterProxy.java:346) >> >>>> >> > at >> >>>> >> > >> >>>> >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(De >> >>>> >> legat >> >>>> >> ingFilter >> >>>> >> > Proxy.java:259) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainIm >> >>>> >> pl.ja >> >>>> >> va:56) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.servlet.internal.WebAppServletContext$ServletInvocation >> >>>> >> Actio >> >>>> >> n.wrap >> >>>> >> > Run(WebAppServletContext.java:3730) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.servlet.internal.WebAppServletContext$ServletInvocation >> >>>> >> Actio >> >>>> >> n.run( >> >>>> >> > WebAppServletContext.java:3696) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authent >> >>>> >> icate >> >>>> >> dSubject.j >> >>>> >> > ava:321) >> >>>> >> > at >> >>>> >> > >> >>>> >> >> weblogic.security.service.SecurityManager.runAs(SecurityManager.java: >> >>>> >> 120) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.servlet.internal.WebAppServletContext.securedExecute(We >> >>>> >> bAppS >> >>>> >> ervl >> >>>> >> > etContext.java:2273) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.servlet.internal.WebAppServletContext.execute(WebAppSer >> >>>> >> vletC >> >>>> >> onte >> >>>> >> > xt.java:2179) >> >>>> >> > at >> >>>> >> > >> >>>> >> weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestI >> >>>> >> mpl.j >> >>>> >> ava:1490 >> >>>> >> > ) >> >>>> >> > at >> >>>> weblogic.work.ExecuteThread.execute(ExecuteThread.java:256) >> >>>> >> > at >> >>>> >> > weblogic.work.ExecuteThread.run(ExecuteThread.java:221) >> >>>> >> > > >> >>>> >> > AVIS IMPORTANT >> >>>> >> > >> >>>> >> > WARNING >> >>>> >> > >> >>>> >> > >> >>>> >> > Ce message ?lectronique et ses pi?ces jointes peuvent contenir >> >>>> >> > des renseignements confidentiels, exclusifs ou l?galement >> >>>> >> > privil?gi?s >> >>>> >> destin?s au >> >>>> >> > seul usage du destinataire vis?. L'exp?diteur original ne >> renonce ? >> >>>> >> aucun >> >>>> >> > privil?ge ou ? aucun autre droit si le pr?sent message a ?t? >> >>>> >> > transmis involontairement ou s'il est retransmis sans son >> >>>> >> > autorisation. Si vous >> >>>> >> n'?tes pas >> >>>> >> > le destinataire vis? du pr?sent message ou si vous l'avez re?u >> >>>> >> > par >> >>>> >> erreur, >> >>>> >> > veuillez cesser imm?diatement de le lire et le supprimer, >> >>>> >> > ainsi que >> >>>> >> toutes ses >> >>>> >> > pi?ces jointes, de votre syst?me. La lecture, la distribution, >> >>>> >> > la copie >> >>>> >> ou tout >> >>>> >> > autre usage du pr?sent message ou de ses pi?ces jointes par >> >>>> >> > des >> >>>> >> personnes >> >>>> >> > autres que le destinataire vis? ne sont pas autoris?s et >> >>>> >> > pourraient >> >>>> >> ?tre ill?gaux. >> >>>> >> > Si vous avez re?u ce courrier ?lectronique par erreur, >> >>>> >> > veuillez en >> >>>> >> aviser >> >>>> >> > l'exp?diteur. >> >>>> >> > >> >>>> >> > >> >>>> >> > This electronic message and its attachments may contain >> >>>> >> > confidential, proprietary or legally privileged information, >> >>>> >> > which is solely for the >> >>>> >> use of the >> >>>> >> > intended recipient. No privilege or other rights are waived by >> >>>> >> > any >> >>>> >> unintended >> >>>> >> > transmission or unauthorized retransmission of this message. >> >>>> >> > If you are >> >>>> >> not the >> >>>> >> > intended recipient of this message, or if you have received it >> >>>> >> > in >> >>>> >> error, you >> >>>> >> > should immediately stop reading this message and delete it and >> >>>> >> > all attachments from your system. The reading, distribution, >> >>>> >> > copying or >> >>>> >> other use >> >>>> >> > of this message or its attachments by unintended recipients is >> >>>> >> unauthorized and >> >>>> >> > may be unlawful. If you have received this e-mail in error, >> >>>> >> > please >> >>>> >> notify the >> >>>> >> > sender. >> >>>> >> > >> >>>> >> > -- >> >>>> >> > WARNING >> >>>> >> > ------- >> >>>> >> > This electronic message and its attachments may contain >> >>>> >> > confidential, proprietary or legally privileged information, >> >>>> >> > which is solely for the >> >>>> >> use of the >> >>>> >> > intended recipient. No privilege or other rights are waived >> >>>> >> > by any >> >>>> >> unintended >> >>>> >> > transmission or unauthorized retransmission of this message. >> >>>> >> > If you >> >>>> >> are not the >> >>>> >> > intended recipient of this message, or if you have received it >> >>>> >> > in >> >>>> >> error, you >> >>>> >> > should immediately stop reading this message and delete it and >> >>>> >> > all attachments from your system. The reading, distribution, >> >>>> >> > copying or >> >>>> >> other use >> >>>> >> > of this message or its attachments by unintended recipients is >> >>>> >> unauthorized and >> >>>> >> > may be unlawful. If you have received this e-mail in error, >> >>>> >> > please >> >>>> >> notify the >> >>>> >> > sender. >> >>>> >> > >> >>>> >> > AVIS IMPORTANT >> >>>> >> > -------------- >> >>>> >> > Ce message electronique et ses pieces jointes peuvent contenir >> >>>> >> > des renseignements confidentiels, exclusifs ou legalement >> >>>> >> > privilegies >> >>>> >> destines au >> >>>> >> > seul usage du destinataire vise. L'expediteur original ne >> >>>> >> > renonce a >> >>>> >> aucun >> >>>> >> > privilege ou a aucun autre droit si le present message a ete >> >>>> >> > transmis involontairement ou s'il est retransmis sans son >> >>>> >> > autorisation. Si vous >> >>>> >> n'etes pas >> >>>> >> > le destinataire vise du present message ou si vous l'avez recu >> >>>> >> > par >> >>>> >> erreur, >> >>>> >> > veuillez cesser immediatement de le lire et le supprimer, >> >>>> >> > ainsi que >> >>>> >> toutes ses >> >>>> >> > pieces jointes, de votre systeme. La lecture, la >> >>>> >> > distribution, la >> >>>> >> copie ou tout >> >>>> >> > autre usage du present message ou de ses pieces jointes par >> >>>> >> > des >> >>>> >> personnes >> >>>> >> > autres que le destinataire vise ne sont pas autorises et >> >>>> >> > pourraient >> >>>> >> etre illegaux. >> >>>> >> > Si vous avez recu ce courrier electronique par erreur, >> >>>> >> > veuillez en >> >>>> >> aviser >> >>>> >> > l'expediteur. >> >>>> >> > >> >>>> >> > >> >>>> >> > -- >> >>>> >> > WARNING >> >>>> >> > ------- >> >>>> >> > This electronic message and its attachments may contain >> >>>> >> > confidential, proprietary or legally privileged information, >> >>>> >> > which is solely for the >> >>>> >> use of the >> >>>> >> > intended recipient. No privilege or other rights are waived >> >>>> >> > by any >> >>>> >> unintended >> >>>> >> > transmission or unauthorized retransmission of this message. >> >>>> >> > If you >> >>>> >> are not the >> >>>> >> > intended recipient of this message, or if you have received it >> >>>> >> > in >> >>>> >> error, you >> >>>> >> > should immediately stop reading this message and delete it and >> >>>> >> > all attachments from your system. The reading, distribution, >> >>>> >> > copying or >> >>>> >> other use >> >>>> >> > of this message or its attachments by unintended recipients is >> >>>> >> unauthorized and >> >>>> >> > may be unlawful. If you have received this e-mail in error, >> >>>> >> > please >> >>>> >> notify the >> >>>> >> > sender. >> >>>> >> > >> >>>> >> > AVIS IMPORTANT >> >>>> >> > -------------- >> >>>> >> > Ce message ?lectronique et ses pi?ces jointes peuvent contenir >> >>>> >> > des renseignements confidentiels, exclusifs ou l?galement >> >>>> >> > privil?gi?s >> >>>> >> destin?s au >> >>>> >> > seul usage du destinataire vis?. L'exp?diteur original ne >> >>>> >> > renonce >> >>>> ? >> >>>> >> aucun >> >>>> >> > privil?ge ou ? aucun autre droit si le pr?sent message a ?t? >> >>>> >> > transmis involontairement ou s'il est retransmis sans son >> >>>> >> > autorisation. Si vous >> >>>> >> n'?tes pas >> >>>> >> > le destinataire vis? du pr?sent message ou si vous l'avez re?u >> >>>> >> > par >> >>>> >> erreur, >> >>>> >> > veuillez cesser imm?diatement de le lire et le supprimer, >> >>>> >> > ainsi que >> >>>> >> toutes ses >> >>>> >> > pi?ces jointes, de votre syst?me. La lecture, la >> >>>> >> > distribution, la >> >>>> >> copie ou tout >> >>>> >> > autre usage du pr?sent message ou de ses pi?ces jointes par >> >>>> >> > des >> >>>> >> personnes >> >>>> >> > autres que le destinataire vis? ne sont pas autoris?s et >> >>>> >> > pourraient >> >>>> >> ?tre ill?gaux. >> >>>> >> > Si vous avez re?u ce courrier ?lectronique par erreur, >> >>>> >> > veuillez en >> >>>> >> aviser >> >>>> >> > l'exp?diteur. >> >>>> >> > >> >>>> >> > -- >> >>>> >> > WARNING >> >>>> >> > ------- >> >>>> >> > This electronic message and its attachments may contain >> >>>> >> > confidential, proprietary or legally privileged information, >> >>>> >> > which is solely for the >> >>>> >> use of the >> >>>> >> > intended recipient. No privilege or other rights are waived >> >>>> >> > by any >> >>>> >> unintended >> >>>> >> > transmission or unauthorized retransmission of this message. >> >>>> >> > If you >> >>>> >> are not the >> >>>> >> > intended recipient of this message, or if you have received it >> >>>> >> > in >> >>>> >> error, you >> >>>> >> > should immediately stop reading this message and delete it and >> >>>> >> > all attachments from your system. The reading, distribution, >> >>>> >> > copying or >> >>>> >> other use >> >>>> >> > of this message or its attachments by unintended recipients is >> >>>> >> unauthorized and >> >>>> >> > may be unlawful. If you have received this e-mail in error, >> >>>> >> > please >> >>>> >> notify the >> >>>> >> > sender. >> >>>> >> > >> >>>> >> > AVIS IMPORTANT >> >>>> >> > -------------- >> >>>> >> > Ce message electronique et ses pieces jointes peuvent contenir >> >>>> >> > des renseignements confidentiels, exclusifs ou legalement >> >>>> >> > privilegies >> >>>> >> destines au >> >>>> >> > seul usage du destinataire vise. L'expediteur original ne >> >>>> >> > renonce a >> >>>> >> aucun >> >>>> >> > privilege ou a aucun autre droit si le present message a ete >> >>>> >> > transmis involontairement ou s'il est retransmis sans son >> >>>> >> > autorisation. Si vous >> >>>> >> n'etes pas >> >>>> >> > le destinataire vise du present message ou si vous l'avez recu >> >>>> >> > par >> >>>> >> erreur, >> >>>> >> > veuillez cesser immediatement de le lire et le supprimer, >> >>>> >> > ainsi que >> >>>> >> toutes ses >> >>>> >> > pieces jointes, de votre systeme. La lecture, la >> >>>> >> > distribution, la >> >>>> >> copie ou tout >> >>>> >> > autre usage du present message ou de ses pieces jointes par >> >>>> >> > des >> >>>> >> personnes >> >>>> >> > autres que le destinataire vise ne sont pas autorises et >> >>>> >> > pourraient >> >>>> >> etre illegaux. >> >>>> >> > Si vous avez recu ce courrier electronique par erreur, >> >>>> >> > veuillez en >> >>>> >> aviser >> >>>> >> > l'expediteur. >> >>>> >> >> >>>> >> >> >>>> >> >>>> -- >> >>>> WARNING >> >>>> ------- >> >>>> This electronic message and its attachments may contain >> >>>> confidential, proprietary or legally privileged information, which >> >>>> is solely for the use of the intended recipient. No privilege or >> >>>> other rights are waived by any unintended transmission or >> >>>> unauthorized retransmission of this message. If you are not the >> >>>> intended recipient of this message, or if you have received it in >> >>>> error, you should immediately stop reading this message and delete >> >>>> it and all attachments from your system. The reading, >> >>>> distribution, copying or other use of this message or its >> >>>> attachments by unintended recipients is unauthorized and may be >> unlawful. If you have received this e-mail in error, please notify the >> sender. >> >>>> >> >>>> AVIS IMPORTANT >> >>>> -------------- >> >>>> Ce message électronique et ses pièces jointes peuvent contenir des >> >>>> renseignements confidentiels, exclusifs ou légalement privilégiés >> >>>> destinés au seul usage du destinataire visé. L’expéditeur original >> >>>> ne renonce à aucun privilège ou à aucun autre droit si le présent >> >>>> message a été transmis involontairement ou s’il est retransmis sans >> >>>> son autorisation. Si vous n’êtes pas le destinataire visé du >> >>>> présent message ou si vous l’avez reçu par erreur, veuillez cesser >> >>>> immédiatement de le lire et le supprimer, ainsi que toutes ses >> >>>> pièces jointes, de votre système. La lecture, la distribution, la >> >>>> copie ou tout autre usage du présent message ou de ses pièces >> >>>> jointes par des personnes autres que le destinataire visé ne sont >> >>>> pas autorisés et pourraient être illégaux. Si vous avez reçu ce >> courrier électronique par erreur, veuillez en aviser l’expéditeur. >> >>>> >> >>>> >> >>> >> >> >> > >> >
