'[jira] [Closed] (WSS-401) Concurrency issue in generating signature under high load'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       webservices-general
Subject:    [jira] [Closed] (WSS-401) Concurrency issue in generating signature under high load
From:       "Colm O hEigeartaigh (JIRA)" <jira () apache ! org>
Date:       2014-10-07 8:04:34
Message-ID: JIRA.12605137.1346103569000.206379.1412669074522 () Atlassian ! JIRA
[Download RAW message or body]


     [ https://issues.apache.org/jira/browse/WSS-401?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel \
]

Colm O hEigeartaigh closed WSS-401.
-----------------------------------

> Concurrency issue in generating signature under high load
> ---------------------------------------------------------
> 
> Key: WSS-401
> URL: https://issues.apache.org/jira/browse/WSS-401
> Project: WSS4J
> Issue Type: Bug
> Affects Versions: 1.5.11
> Reporter: Hasini Gunasinghe
> Assignee: Colm O hEigeartaigh
> Priority: Critical
> Attachments: WSS-401.patch
> 
> 
> Error Logs:
> 1.
> Caused by: org.apache.rampart.RampartException: Error in signature with X509Token
> at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:741)
>  at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:414)
>  at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:90)
>  at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
> at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
> ... 18 more
> Caused by: org.apache.ws.security.WSSecurityException: Signature creation failed; \
> nested exception is:  java.util.ConcurrentModificationException
> at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:732)
>  at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:732)
>                 
> ... 22 more
> Caused by: java.util.ConcurrentModificationException
> at java.util.AbstractList$Itr.checkForComodification(AbstractList.java:372)
> at java.util.AbstractList$Itr.next(AbstractList.java:343)
> at org.apache.ws.security.WSDocInfo.getSecurityTokenReference(WSDocInfo.java:86)
> at org.apache.ws.security.message.EnvelopeIdResolver.engineResolve(EnvelopeIdResolver.java:114)
>  at org.apache.xml.security.utils.resolver.ResourceResolver.resolve(Unknown Source)
> at org.apache.xml.security.signature.Reference.getContentsBeforeTransformation(Unknown \
> Source) at org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Unknown \
> Source) at org.apache.xml.security.signature.Reference.calculateDigest(Unknown \
> Source) at org.apache.xml.security.signature.Reference.generateDigestValue(Unknown \
> Source) at org.apache.xml.security.signature.Manifest.generateDigestValues(Unknown \
> Source) at org.apache.xml.security.signature.XMLSignature.sign(Unknown Source)
> at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:724)
>                 
> ... 23 more
> 2.
> java.util.ConcurrentModificationException
> at java.util.AbstractList$Itr.checkForComodification(AbstractList.java:372)
> at java.util.AbstractList$Itr.next(AbstractList.java:343)
> at org.apache.ws.security.WSDocInfo.getSecurityTokenReference(WSDocInfo.java:86)
> at org.apache.ws.security.message.EnvelopeIdResolver.engineResolve(EnvelopeIdResolver.java:114)
>  at org.apache.xml.security.utils.resolver.ResourceResolver.resolve(Unknown Source)
> at org.apache.xml.security.signature.Reference.getContentsBeforeTransformation(Unknown \
> Source) at org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Unknown \
> Source) at org.apache.xml.security.signature.Reference.calculateDigest(Unknown \
> Source) at org.apache.xml.security.signature.Reference.verify(Unknown Source)
> at org.apache.xml.security.signature.Manifest.verifyReferences(Unknown Source)
> at org.apache.xml.security.signature.SignedInfo.verify(Unknown Source)
> at org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown \
> Source) at org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown \
> Source) at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:516)
>  at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:120)
>  at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:332)
>  at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:249)
>  at org.apache.rampart.RampartEngine.process(RampartEngine.java:177)
> at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic