xws-security 与 Java 8 不兼容吗?
Is xws-security incompatible with Java 8?
我实现了一个 SOAP Web 服务服务器和客户端(基于 http://spring.io/guides/gs/producing-web-service/)。通信使用对称的 24 位 DESede 密钥加密。
当使用 JAVA 目标运行时 1.7 编译客户端时,它可以成功地与服务器交换消息。但是,将运行时更改为 1.8 后,抛出以下异常:
. ____ _ __ _ _
/\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v1.2.4.RELEASE)
2015-06-22 11:14:48.557 INFO 5556 --- [ main] demo.ConsumerApplication : Starting ConsumerApplication on CSDM-20140014 with PID 5556 (C:\Users\Schwalowskis\development\local\consumer\target\classes started by Schwalowskis in C:\Users\Schwalowskis\development\local\consumer)
2015-06-22 11:14:48.652 INFO 5556 --- [ main] s.c.a.AnnotationConfigApplicationContext : Refreshing org.springframework.context.annotation.AnnotationConfigApplicationContext@bdb505: startup date [Mon Jun 22 11:14:48 CEST 2015]; root of context hierarchy
2015-06-22 11:14:48.917 INFO 5556 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'webServiceConfiguration' of type [class demo.WebServiceConfiguration$$EnhancerBySpringCGLIB$e25ba2] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2015-06-22 11:14:48.932 INFO 5556 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.ws.config.annotation.DelegatingWsConfiguration' of type [class org.springframework.ws.config.annotation.DelegatingWsConfiguration$$EnhancerBySpringCGLIB$98a572] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2015-06-22 11:14:49.042 INFO 5556 --- [ main] .w.s.a.s.AnnotationActionEndpointMapping : Supporting [WS-Addressing August 2004, WS-Addressing 1.0]
2015-06-22 11:14:49.619 WARN 5556 --- [ main] o.s.w.s.s.support.KeyStoreFactoryBean : Creating empty key store
2015-06-22 11:14:49.620 INFO 5556 --- [ main] o.s.w.s.s.support.KeyStoreFactoryBean : Loading key store from file [C:\Program Files\Java\jdk1.8.0\jre\lib\security\cacerts]
2015-06-22 11:14:49.776 INFO 5556 --- [ main] o.s.w.s.s.xwss.XwsSecurityInterceptor : Loading policy configuration from from 'class path resource [securityPolicy.xml]'
2015-06-22 11:14:50.337 INFO 5556 --- [ main] o.s.oxm.jaxb.Jaxb2Marshaller : Creating JAXBContext with context path [countries.wsdl]
2015-06-22 11:14:50.540 INFO 5556 --- [ main] o.s.ws.soap.saaj.SaajSoapMessageFactory : Creating SAAJ 1.3 MessageFactory with SOAP 1.1 Protocol
2015-06-22 11:14:50.649 INFO 5556 --- [ main] demo.ConsumerApplication : Started ConsumerApplication in 2.576 seconds (JVM running for 3.105)
Requesting country Poland
Exception in thread "main" 2015-06-22 11:14:52.429 INFO 5556 --- [ Thread-1] s.c.a.AnnotationConfigApplicationContext : Closing org.springframework.context.annotation.AnnotationConfigApplicationContext@bdb505: startup date [Mon Jun 22 11:14:48 CEST 2015]; root of context hierarchy
java.lang.NoSuchMethodError: com.sun.org.apache.xml.internal.security.encryption.XMLCipher.getInstance(Ljava/lang/String;Ljavax/crypto/Cipher;)Lcom/sun/org/apache/xml/internal/security/encryption/XMLCipher;
at com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor.encrypt(EncryptionProcessor.java:1053)
at com.sun.xml.wss.impl.filter.EncryptionFilter.encrypt(EncryptionFilter.java:430)
at com.sun.xml.wss.impl.filter.EncryptionFilter.process(EncryptionFilter.java:389)
at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:81)
at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:252)
at com.sun.xml.wss.impl.SecurityAnnotator.processMessagePolicy(SecurityAnnotator.java:172)
at com.sun.xml.wss.impl.SecurityAnnotator.secureMessage(SecurityAnnotator.java:133)
at com.sun.xml.wss.impl.misc.XWSSProcessor2_0Impl.secureOutboundMessage(XWSSProcessor2_0Impl.java:94)
at org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor.secureMessage(XwsSecurityInterceptor.java:138)
at org.springframework.ws.soap.security.AbstractWsSecurityInterceptor.handleRequest(AbstractWsSecurityInterceptor.java:210)
at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:597)
at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:555)
at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:390)
at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:383)
at demo.client.CountriesClient.getCountry(CountriesClient.java:20)
at demo.ConsumerApplication.main(ConsumerApplication.java:24)
(Maven 依赖项)POM:
<!-- XWSS::start -->
<dependency>
<groupId>org.springframework.ws</groupId>
<artifactId>spring-ws-security</artifactId>
</dependency>
<dependency>
<groupId>com.sun.xml.wss</groupId>
<artifactId>xws-security</artifactId>
<version>3.0</version>
<exclusions>
<exclusion>
<artifactId>xmldsig</artifactId>
<groupId>javax.xml.crypto</groupId>
</exclusion>
<exclusion>
<artifactId>activation</artifactId>
<groupId>javax.activation</groupId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.sun.xml.messaging.saaj</groupId>
<artifactId>saaj-impl</artifactId>
<version>1.3.25</version>
</dependency>
<!-- XWSS::end -->
EncryptionProcessor.java (xws-security-3.0.jar http://mvnrepository.com/artifact/com.sun.xml.wss/xws-security/3.0):
// line=1050
String dataAlgorithm = JCEMapper.translateURItoJCEID(dataEncAlgo); // 1051
_dataCipher = Cipher.getInstance(dataAlgorithm); // 1052
_dataEncryptor = XMLCipher.getInstance(dataEncAlgo,_dataCipher); //1053
_dataCipher.init(XMLCipher.ENCRYPT_MODE, _symmetricKey); //1054
_dataEncryptor.init(XMLCipher.ENCRYPT_MODE, _symmetricKey); // 1055
// 1056
XMLCipher class 加载自:
%java_home%\jre\lib\rt.jar!com.sun.org.apache.xml.internal.security.encryption.XMLCipher
这是 Java 8 中的错误还是我必须更新依赖项?
您是否尝试过删除排除项
<exclusion>
<artifactId>activation</artifactId>
<groupId>javax.activation</groupId>
</exclusion>
来自 com.sun.xml.wss 依赖项?
亲切的问候
我确实可以确认 xws-security-3.0.jar 与 Java 8 不兼容。
所以我最终不得不修复依赖项中的 class。参见:
尝试用下面提到的替换安全配置:
<dependency>
<groupId>org.springframework.ws</groupId>
<artifactId>spring-ws-security</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.sun.xml.wss</groupId>
<artifactId>xws-security</artifactId>
<version>3.0</version>
<exclusions>
<exclusion>
<groupId>javax.xml.crypto</groupId>
<artifactId>xmldsig</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>javax.activation</groupId>
<artifactId>activation</artifactId>
<version>1.1.1</version>
</dependency>
我实现了一个 SOAP Web 服务服务器和客户端(基于 http://spring.io/guides/gs/producing-web-service/)。通信使用对称的 24 位 DESede 密钥加密。
当使用 JAVA 目标运行时 1.7 编译客户端时,它可以成功地与服务器交换消息。但是,将运行时更改为 1.8 后,抛出以下异常:
. ____ _ __ _ _
/\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v1.2.4.RELEASE)
2015-06-22 11:14:48.557 INFO 5556 --- [ main] demo.ConsumerApplication : Starting ConsumerApplication on CSDM-20140014 with PID 5556 (C:\Users\Schwalowskis\development\local\consumer\target\classes started by Schwalowskis in C:\Users\Schwalowskis\development\local\consumer)
2015-06-22 11:14:48.652 INFO 5556 --- [ main] s.c.a.AnnotationConfigApplicationContext : Refreshing org.springframework.context.annotation.AnnotationConfigApplicationContext@bdb505: startup date [Mon Jun 22 11:14:48 CEST 2015]; root of context hierarchy
2015-06-22 11:14:48.917 INFO 5556 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'webServiceConfiguration' of type [class demo.WebServiceConfiguration$$EnhancerBySpringCGLIB$e25ba2] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2015-06-22 11:14:48.932 INFO 5556 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.ws.config.annotation.DelegatingWsConfiguration' of type [class org.springframework.ws.config.annotation.DelegatingWsConfiguration$$EnhancerBySpringCGLIB$98a572] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2015-06-22 11:14:49.042 INFO 5556 --- [ main] .w.s.a.s.AnnotationActionEndpointMapping : Supporting [WS-Addressing August 2004, WS-Addressing 1.0]
2015-06-22 11:14:49.619 WARN 5556 --- [ main] o.s.w.s.s.support.KeyStoreFactoryBean : Creating empty key store
2015-06-22 11:14:49.620 INFO 5556 --- [ main] o.s.w.s.s.support.KeyStoreFactoryBean : Loading key store from file [C:\Program Files\Java\jdk1.8.0\jre\lib\security\cacerts]
2015-06-22 11:14:49.776 INFO 5556 --- [ main] o.s.w.s.s.xwss.XwsSecurityInterceptor : Loading policy configuration from from 'class path resource [securityPolicy.xml]'
2015-06-22 11:14:50.337 INFO 5556 --- [ main] o.s.oxm.jaxb.Jaxb2Marshaller : Creating JAXBContext with context path [countries.wsdl]
2015-06-22 11:14:50.540 INFO 5556 --- [ main] o.s.ws.soap.saaj.SaajSoapMessageFactory : Creating SAAJ 1.3 MessageFactory with SOAP 1.1 Protocol
2015-06-22 11:14:50.649 INFO 5556 --- [ main] demo.ConsumerApplication : Started ConsumerApplication in 2.576 seconds (JVM running for 3.105)
Requesting country Poland
Exception in thread "main" 2015-06-22 11:14:52.429 INFO 5556 --- [ Thread-1] s.c.a.AnnotationConfigApplicationContext : Closing org.springframework.context.annotation.AnnotationConfigApplicationContext@bdb505: startup date [Mon Jun 22 11:14:48 CEST 2015]; root of context hierarchy
java.lang.NoSuchMethodError: com.sun.org.apache.xml.internal.security.encryption.XMLCipher.getInstance(Ljava/lang/String;Ljavax/crypto/Cipher;)Lcom/sun/org/apache/xml/internal/security/encryption/XMLCipher;
at com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor.encrypt(EncryptionProcessor.java:1053)
at com.sun.xml.wss.impl.filter.EncryptionFilter.encrypt(EncryptionFilter.java:430)
at com.sun.xml.wss.impl.filter.EncryptionFilter.process(EncryptionFilter.java:389)
at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:81)
at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:252)
at com.sun.xml.wss.impl.SecurityAnnotator.processMessagePolicy(SecurityAnnotator.java:172)
at com.sun.xml.wss.impl.SecurityAnnotator.secureMessage(SecurityAnnotator.java:133)
at com.sun.xml.wss.impl.misc.XWSSProcessor2_0Impl.secureOutboundMessage(XWSSProcessor2_0Impl.java:94)
at org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor.secureMessage(XwsSecurityInterceptor.java:138)
at org.springframework.ws.soap.security.AbstractWsSecurityInterceptor.handleRequest(AbstractWsSecurityInterceptor.java:210)
at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:597)
at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:555)
at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:390)
at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:383)
at demo.client.CountriesClient.getCountry(CountriesClient.java:20)
at demo.ConsumerApplication.main(ConsumerApplication.java:24)
(Maven 依赖项)POM:
<!-- XWSS::start -->
<dependency>
<groupId>org.springframework.ws</groupId>
<artifactId>spring-ws-security</artifactId>
</dependency>
<dependency>
<groupId>com.sun.xml.wss</groupId>
<artifactId>xws-security</artifactId>
<version>3.0</version>
<exclusions>
<exclusion>
<artifactId>xmldsig</artifactId>
<groupId>javax.xml.crypto</groupId>
</exclusion>
<exclusion>
<artifactId>activation</artifactId>
<groupId>javax.activation</groupId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.sun.xml.messaging.saaj</groupId>
<artifactId>saaj-impl</artifactId>
<version>1.3.25</version>
</dependency>
<!-- XWSS::end -->
EncryptionProcessor.java (xws-security-3.0.jar http://mvnrepository.com/artifact/com.sun.xml.wss/xws-security/3.0):
// line=1050
String dataAlgorithm = JCEMapper.translateURItoJCEID(dataEncAlgo); // 1051
_dataCipher = Cipher.getInstance(dataAlgorithm); // 1052
_dataEncryptor = XMLCipher.getInstance(dataEncAlgo,_dataCipher); //1053
_dataCipher.init(XMLCipher.ENCRYPT_MODE, _symmetricKey); //1054
_dataEncryptor.init(XMLCipher.ENCRYPT_MODE, _symmetricKey); // 1055
// 1056
XMLCipher class 加载自:
%java_home%\jre\lib\rt.jar!com.sun.org.apache.xml.internal.security.encryption.XMLCipher
这是 Java 8 中的错误还是我必须更新依赖项?
您是否尝试过删除排除项
<exclusion>
<artifactId>activation</artifactId>
<groupId>javax.activation</groupId>
</exclusion>
来自 com.sun.xml.wss 依赖项?
亲切的问候
我确实可以确认 xws-security-3.0.jar 与 Java 8 不兼容。
所以我最终不得不修复依赖项中的 class。参见:
尝试用下面提到的替换安全配置:
<dependency>
<groupId>org.springframework.ws</groupId>
<artifactId>spring-ws-security</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.sun.xml.wss</groupId>
<artifactId>xws-security</artifactId>
<version>3.0</version>
<exclusions>
<exclusion>
<groupId>javax.xml.crypto</groupId>
<artifactId>xmldsig</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>javax.activation</groupId>
<artifactId>activation</artifactId>
<version>1.1.1</version>
</dependency>