[prev in list] [next in list] [prev in thread] [next in thread]
List: ws-general
Subject: [jira] [Updated] (WSS-401) Concurrency issue in generating signature under high load
From: "Colm O hEigeartaigh (JIRA)" <jira () apache ! org>
Date: 2012-09-27 15:34:08
Message-ID: 2129446096.134176.1348760048385.JavaMail.jiratomcat () arcas
[Download RAW message or body]
[ https://issues.apache.org/jira/browse/WSS-401?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel \
]
Colm O hEigeartaigh updated WSS-401:
------------------------------------
Fix Version/s: (was: 1.5.13)
> Concurrency issue in generating signature under high load
> ---------------------------------------------------------
>
> Key: WSS-401
> URL: https://issues.apache.org/jira/browse/WSS-401
> Project: WSS4J
> Issue Type: Bug
> Affects Versions: 1.5.11
> Reporter: Hasini Gunasinghe
> Assignee: Colm O hEigeartaigh
> Priority: Critical
> Attachments: WSS-401.patch
>
>
> Error Logs:
> 1.
> Caused by: org.apache.rampart.RampartException: Error in signature with X509Token
> at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:741)
> at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:414)
> at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:90)
> at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
> at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
> ... 18 more
> Caused by: org.apache.ws.security.WSSecurityException: Signature creation failed; \
> nested exception is: java.util.ConcurrentModificationException
> at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:732)
> at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:732)
>
> ... 22 more
> Caused by: java.util.ConcurrentModificationException
> at java.util.AbstractList$Itr.checkForComodification(AbstractList.java:372)
> at java.util.AbstractList$Itr.next(AbstractList.java:343)
> at org.apache.ws.security.WSDocInfo.getSecurityTokenReference(WSDocInfo.java:86)
> at org.apache.ws.security.message.EnvelopeIdResolver.engineResolve(EnvelopeIdResolver.java:114)
> at org.apache.xml.security.utils.resolver.ResourceResolver.resolve(Unknown Source)
> at org.apache.xml.security.signature.Reference.getContentsBeforeTransformation(Unknown \
> Source) at org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Unknown \
> Source) at org.apache.xml.security.signature.Reference.calculateDigest(Unknown \
> Source) at org.apache.xml.security.signature.Reference.generateDigestValue(Unknown \
> Source) at org.apache.xml.security.signature.Manifest.generateDigestValues(Unknown \
> Source) at org.apache.xml.security.signature.XMLSignature.sign(Unknown Source)
> at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:724)
>
> ... 23 more
> 2.
> java.util.ConcurrentModificationException
> at java.util.AbstractList$Itr.checkForComodification(AbstractList.java:372)
> at java.util.AbstractList$Itr.next(AbstractList.java:343)
> at org.apache.ws.security.WSDocInfo.getSecurityTokenReference(WSDocInfo.java:86)
> at org.apache.ws.security.message.EnvelopeIdResolver.engineResolve(EnvelopeIdResolver.java:114)
> at org.apache.xml.security.utils.resolver.ResourceResolver.resolve(Unknown Source)
> at org.apache.xml.security.signature.Reference.getContentsBeforeTransformation(Unknown \
> Source) at org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Unknown \
> Source) at org.apache.xml.security.signature.Reference.calculateDigest(Unknown \
> Source) at org.apache.xml.security.signature.Reference.verify(Unknown Source)
> at org.apache.xml.security.signature.Manifest.verifyReferences(Unknown Source)
> at org.apache.xml.security.signature.SignedInfo.verify(Unknown Source)
> at org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown \
> Source) at org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown \
> Source) at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:516)
> at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:120)
> at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:332)
> at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:249)
> at org.apache.rampart.RampartEngine.process(RampartEngine.java:177)
> at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic