XML-Sig doesn't work after switch to JBoss-EAP Beta 2 - ClassNotFoundException: com.sun.org.apache.xml.internal...
dastraub May 19, 2012 10:34 AMToday we try to switch to the actual JBoss EAP 6 Beta 2 (I guess it's based on 7.1.2.Final (EAP))
With this version now we have a problem with XML-Signature :
18:54:10,001 SCHWERWIEGEND [com.sun.org.apache.xml.internal.security.Init] (http-executor-threads - 1) Bad: : java.lang.RuntimeException: java.lang.ClassNotFoundException: com.sun.org.apache.xml.internal.security.transfor
ms.implementations.TransformBase64Decode from [Module "deployment.dcs-ear.ear.dcs-schufa.jar:main" from Service Module Loader]
at com.sun.org.apache.xml.internal.security.transforms.Transform.register(Transform.java:280) [rt.jar:1.6.0_26]
at com.sun.org.apache.xml.internal.security.Init.init(Init.java:235) [rt.jar:1.6.0_26]
at org.jcp.xml.dsig.internal.dom.ApacheTransform.<clinit>(ApacheTransform.java:37) [rt.jar:1.6.0_26]
at java.lang.Class.forName0(Native Method) [rt.jar:1.6.0_26]
at java.lang.Class.forName(Class.java:169) [rt.jar:1.6.0_26]
at java.security.Provider$Service.getImplClass(Provider.java:1260) [rt.jar:1.6.0_26]
at java.security.Provider$Service.newInstance(Provider.java:1220) [rt.jar:1.6.0_26]
at sun.security.jca.GetInstance.getInstance(GetInstance.java:220) [rt.jar:1.6.0_26]
at javax.xml.crypto.dsig.TransformService.getInstance(TransformService.java:145) [rt.jar:1.6.0_26]
at org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.newTransform(DOMXMLSignatureFactory.java:233) [rt.jar:1.6.0_26]
at de.xxxxx
Caused by: javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.URIReferenceException: java.lang.NullPointerException
at org.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:352) [rt.jar:1.6.0_26]
at org.jcp.xml.dsig.internal.dom.DOMReference.digest(DOMReference.java:278) [rt.jar:1.6.0_26]
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(DOMXMLSignature.java:447) [rt.jar:1.6.0_26]
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:343) [rt.jar:1.6.0_26]
at de.easycredit.dcs.schufa.common.SchufaCertificateHandlerBean.signXML(SchufaCertificateHandlerBean.java:175) [dcs-schufa.jar:5.3-SNAPSHOT 18.05.2012-18:49:54]
... 173 more
Caused by: javax.xml.crypto.URIReferenceException: java.lang.NullPointerException
at org.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(DOMURIDereferencer.java:82) [rt.jar:1.6.0_26]
at org.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:344) [rt.jar:1.6.0_26]
... 177 more
Caused by: java.lang.NullPointerException
at com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver.getInstance(ResourceResolver.java:102) [rt.jar:1.6.0_26]
at org.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(DOMURIDereferencer.java:73) [rt.jar:1.6.0_26]
... 178 more
I found the following differences beetween Beta1 and Beta2
[root@dcs1 /usr/local]# diff jboss-eap-6.0.B1/modules/javaee/api/main/module.xml jboss/modules/javaee/api/main/module.xml
57,68d56
< <module name="org.apache.santuario.xmlsec" export="true">
< <exports>
< <include-set>
< <path name="javax/xml/crypto"/>
< <path name="javax/xml/crypto/dom"/>
< <path name="javax/xml/crypto/dsig"/>
< <path name="javax/xml/crypto/dsig/dom"/>
< <path name="javax/xml/crypto/dsig/keyinfo"/>
< <path name="javax/xml/crypto/dsig/spec"/>
< </include-set>
< </exports>
< </module>
[root@dcs1 /usr/local]# diff jboss-eap-6.0.B1/modules/javax/api/main/module.xml jboss/modules/javax/api/main/module.xml
101a102,107
> <path name="javax/xml/crypto"/>
> <path name="javax/xml/crypto/dom"/>
> <path name="javax/xml/crypto/dsig"/>
> <path name="javax/xml/crypto/dsig/dom"/>
> <path name="javax/xml/crypto/dsig/keyinfo"/>
> <path name="javax/xml/crypto/dsig/spec"/>
the crypto stuff moved from javaee.api to javax.api, xml-sec has now version 1.5.1 (beta 1 was 1.4.5).
To avoid the ClassNotFoundException, I added now the xmlsec.jar to the ear and added also a dependency to org.apache ...
[jboss@dcs1 ~]$ unzip -l deployments/dcs-ear.ear | grep xmlsec
607192 05-18-12 18:50 lib/xmlsec-1.5.1.jar
[jboss@dcs1 ~]$
[jboss@dcs1 ~]$ unzip -p deployments/dcs-ear.ear META-INF/MANIFEST.MF
Manifest-Version: 1.0
Archiver-Version: Plexus Archiver
Created-By: Apache Maven
Built-By: 802125
Build-Jdk: 1.6.0_23
Dependencies: org.apache.xerces,
org.slf4j,
com.sun.xml.bind,
org.apache.santuario.xmlsec
Implementation-Version: 5.3-SNAPSHOT 18.05.2012-18:49:54
But the error still remains.