Monthly Archives: May 2009

java.security.InvalidKeyException: Public key presented not for certificate signature

After resolving the below mention problem, I start getting the exception given below.

Exception : [ERROR] Exception at line 122, column 68 of oxf:/ops/pfc/xforms-epilogue.xpl (re

ading processor output: name=’document’, id=’xhtml-data’)

java.security.InvalidKeyException: Public key presented not for certificate sign

ature

        at org.bouncycastle.jce.provider.X509CertificateObject.checkSignature(Un

known Source)

        at org.bouncycastle.jce.provider.X509CertificateObject.verify(Unknown So

urce)

        at javax.crypto.SunJCE_b.d(DashoA12275)

        at javax.crypto.SunJCE_b.c(DashoA12275)

        at javax.crypto.SunJCE_r.run(DashoA12275)

        at java.security.AccessController.doPrivileged(Native Method)

        at javax.crypto.SunJCE_b.<clinit>(DashoA12275)

        at javax.crypto.Cipher.getInstance(DashoA12275)

        at org.orbeon.oxf.util.SecureUtils.encrypt(SecureUtils.java:135)

        at org.orbeon.oxf.xforms.XFormsUtils.encodeBytes(XFormsUtils.java:184)

        at org.orbeon.oxf.xforms.XFormsUtils.encodeXML(XFormsUtils.java:157)

        at org.orbeon.oxf.xforms.XFormsStaticState.getEncodedStaticState(XFormsS

taticState.java:220)

The resolution to this problem was probably the last nail in the coffin of my problems which I was facing since last 13-14 days. I have found the resolution on this link. Though you can find the steps of resolution of this problem on the link (And infect they are original) I am writing them again (copying infect) in case this link stop working tomorrow.

1. Suppose you are using jdk15. Go to http://java.sun.com/javase/downloads/index_jdk5.jsp

2. Go to the Other Downloads section and click on download link next to “Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 5.0”

3. Download jce_policy-1_5_0.zip and extract it in to a directory.

4. You will find local_policy.jar and US_export_policy.jar files there in the extracted directory. Copy these two files to $JAVA_HOME/jre/lib/security directory. (These files will already be there. you may replace them)

5. Restart WSO2 WSAS and invoke your secured service again. You will not encounter the “invalidkeyException” any more.

I would like to say thanks to Charitha to help me out in resolving this issue in the same way as Yuvi is doing to Kumar Sangakara and M. Jaya to help him in winning a match or two for KIP.

5 Comments

Filed under WebLogic

No class def found error at java.lang.NoClassDefFoundError: javax/crypto/SunJCE_b:

Exception – InitUtils.runProcessor(110) | Exception at line 122, column 68 of oxf:/o

ps/pfc/xforms-epilogue.xpl (reading processor output: name=’document’, id=’xhtml

-data’)

java.lang.NoClassDefFoundError: javax/crypto/SunJCE_b

        at javax.crypto.Cipher.getInstance(DashoA12275)

        at org.orbeon.oxf.util.SecureUtils.encrypt(SecureUtils.java:135)

        at org.orbeon.oxf.xforms.XFormsUtils.encodeBytes(XFormsUtils.java:184)

        at org.orbeon.oxf.xforms.XFormsUtils.encodeXML(XFormsUtils.java:157)

        at org.orbeon.oxf.xforms.XFormsStaticState.getEncodedStaticState(XFormsS

taticState.java:220)

        at org.orbeon.oxf.xforms.processor.XFormsToXHTML.createCacheContainingDo

cument(XFormsToXHTML.java:328)

        at org.orbeon.oxf.xforms.processor.XFormsToXHTML.access$200(XFormsToXHTM

L.java:51)

The solution for this problem was quit tricky and taken out a hell out of us. While trying to up WSI along with ODE and Axis2 on WL, whenever we start WSI before rest of the services, it was working fine. But when we started or used WSI after other two services, we were getting this exception. Thanks to efforts of Sri, that in the end we come through to this.

Solution: Put bcprov-jdk15-143.jar in bea\jdk150_12\jre\lib\ext folder. This jar can be downloaded from http://www.bouncycastle.org/latest_releases.html. Also put the line ‘security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider’ in bea\jdk150_12\jre\lib\security\java.security. Make sure this line is at number two only. Change the sequence of others.

Important Links:

1) http://mail-archives.apache.org/mod_mbox/ws-axis-user/200606.mbox/<OF2E2E121C.A4B12874-ON85257184.00457BAE-85257184.00461B2C@mro.com>

2) http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6567947

3) http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6647104

Leave a comment

Filed under WebLogic

ODE Qname NameSpace Exception

After resolving previously mentioned issue, something more interesting was waiting for me on the way to my journey to deploy ODE on weblogic. Here is a small stack trace for the same.

 java.rmi.ServerException: RemoteException occurred in server thread; nested exce

ption is:

        java.rmi.UnmarshalException: error unmarshalling arguments; nested excep

tion is:

        java.io.InvalidClassException: javax.xml.namespace.QName; local class in

compatible: stream classdesc serialVersionUID = 4418622981026545151, local class

 serialVersionUID = -711357515002332258

 This issue was reported as a bug with java and you can check its description and some more information about it at this link. Below are some of the solutions which are given at above mentioned link.

 Submitted On 04-MAY-2007
chris-j-01

I had the same problem as the last person who submitted
On 08-MAR-2007. I was using 1.5.0_10 with weblogic 9.2.
I downgraded to 1.5.0_06 and it works.

Submitted On 22-JUN-2007
mdepot

Look into adding the following option to java as a workaround for this issue:
 
-Dcom.sun.xml.namespace.QName.useCompatibleSerialVersionUID=1.0
 

Submitted On 24-JUL-2008
Titto 
Even I solved this error by pointing the jdk for weblogic to
BEA JRockit(R) JDK 5.0 Update 4 (R26.0.0-189_CR269406)

 I have tried almost all of them but nothing has worked for yours truly. Workaround ‘-Dcom.sun.xml.namespace.QName.useCompatibleSerialVersionUID=1.0’ has been suggested by many of other links and I’ll suggest you to use this solution first. Below are some of the links I have gone through during my voyage of resolving this issue.

 http://mattfleming.com/node/264

http://jira.codehaus.org/browse/MOJO-1223

http://objectmix.com/weblogic/519553-javax-xml-namespace-qname-incompatible-4.html

http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6267224

 http://forums.terracotta.org/forums/posts/list/204.page

 Some of these links can prove beneficial for you if you are struggling with this kind of exception.

 Solution: The solution which worked for us can’t be suggested at first go. But we were not able to move forward and the delivery deadlines were about to crush us, we were left with no more RnD time and have implemented it. And the solution is to change QName.class in stax-api-1.0.1.jar in ODE libs with one in C:\bea\jdk150_12\jre\lib\rt.jar. Ummm, the solution looks tricky but it is just like that.

Leave a comment

Filed under WebLogic

Exception org.apache.xml.serialize.XML11Serializer overrides final method

While trying to run ODE with WebLogic, I got the following exception.

 

A) <[weblogic.servlet.int

ernal.WebAppServletContext@10c1fd1 – appName: ‘ode’, name: ‘ode’, context-path:

‘/ode’] Root cause of ServletException.

java.lang.VerifyError: class org.apache.xml.serialize.XML11Serializer overrides

final method ?.?

        at java.lang.ClassLoader.defineClass1(Native Method)

        at java.lang.ClassLoader.defineClass(ClassLoader.java:620)

        at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:12

4)

        at weblogic.utils.classloaders.GenericClassLoader.defineClass(GenericCla

ssLoader.java:355)

        at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(Generic

ClassLoader.java:294)

        Truncated. see log file for complete stacktrace

 

This is not complete stack trace but I have just given the top of exception description. This is a good example of class loading problem. Actually XML11Serializer class is in ‘xercesImpl-2.9.0.jar’ in ODE. This class file conflicts with one in WebLogic. To resolve this issue, other then changing some small application level configuration, I have Created weblogic.xml with ‘<prefer-web-inf-classes>true</prefer-web-inf-classes>’ entry and put

it in ode/web-inf/ directory.  This fixed the problem for me. ‘prefer-web-inf-classes’ element (a sub-element of the <container-descriptor> element), by default is set to False. Setting this element to True subverts the classloader delegation model so that class definitions from the Web application are loaded in preference to class definitions in higher-level classloaders. This allows a Web application to use its own version of a third-party class, which might also be part of WebLogic Server. If you want to read more about this you can go to this link. Since I have used WL 9.2, it’s a link for docs92. You can change it to 81 or 100 for WL 8.1 and 10.0 respectively.

Leave a comment

Filed under WebLogic

How to customize weblogic WLST Template to create a domain?

Before start writing anything about this, I would like to thanks my friends P.venkat and Srinivas Rao to help me in understand and modify the existing wls.jar template according to my requirements. As I have posted in my previous post, I am going to explain how you can modify it according to your requirements. You may need few extra things or you may want to skip few of them, but that’s all should be decided by you. I am leaving you with my modification.

 First of all go to C:\bea\weblogic92\common\templates\domains, assuming your WL is installed at C:/ drive, and you will get the wls.jar template there. Unjar this file in some folder. You can use Winzip or winrar or you can do it via command prompt. Use the following command

 ‘Path of the folder where you want to unjar this template>jar -xvf C:\bea\weblogic92\common\templates\domains\wls.jar’.

 It will extract all the files in wls folder. The wls will look like the picture given below. It will have the following folders

1)      autodeploy

2)      config

3)      console-ext

4)      lib

5)      META-INF

6)      user_staged_config

and the following files

 1)      fileRealm.properties

2)      security.xml

3)      startmenu.xml

4)      startscript.xml

5)      stringsubs.xml

6)      template-info.xml

   doc

 

Now you can make the following changes in this exploded template

1)      In autodeploy folder, you have to put all your applications which you want to deploy on any machine and want to deliver it as a bundle with setup environment

2)      In Config/config.xml file, you have to change the name tag with the name of domain you want to create e.g if you want to create skydomain then the tag should be like <name>skydomain</name>.

3)      Inside lib folder, put all the library file you need to run your application and you need them on the machine where you are going to install your application by creating you domain.

4)      In startscript.xml file you can give the value of JAVA_OPTIONS under <setenv > tab. The value tag will look something line <value>%JAVA_OPTIONS% -Dfile.encoding=UTF-8 -Dode.connection.isolation=2</value>.

5)      Othere then this you can fix java_home in this file according to your requirement to SUN or to JRocket.

You need not to change rest of the things but you can search and change any other thing required by you in this exploded template.

After making all these changes, you have to make a jar file again. You can use command prompt for the same like

‘Path of the folder from where you want to make a jar file>jar -cvf C:\bea\weblogic92\common\templates\domains\skyjar.jar *’

And you are done. All you have to do is to provide this jar file along with your script.py file to create a domain on any machine according to your requirement. 

If you have further any question, please feel free to write me back.

 Regards,

–Vicky

2 Comments

Filed under WebLogic