我们有一个用CXF实现的Web服务,可以在JBoss 5.1上运行。
最近我们将CXF从2.3.1升级到2.5.9。
我们还在服务中添加了WS-Policy,因此来自客户端的soap请求包含x509证书令牌。
但是,在处理请求时,框架会在尝试加载ClassNotFoundException
时抛出org.apache.ws.security.components.crypto.Merlin
,wss4j-1.6.9.jar
位于java.lang.ClassNotFoundException: org.apache.ws.security.components.crypto.Merlin
at java.net.URLClassLoader$1.run(URLClassLoader.java:200)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
at java.lang.ClassLoader.loadClass(ClassLoader.java:303)
at java.lang.ClassLoader.loadClass(ClassLoader.java:248)
at org.apache.ws.security.util.Loader.loadClass(Loader.java:252)
at org.apache.ws.security.util.Loader.loadClass(Loader.java:245)
at org.apache.ws.security.util.Loader.loadClass(Loader.java:239)
at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:109)
at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:78)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.getSignatureCrypto(PolicyBasedWSS4JInInterceptor.java:383)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.checkAsymmetricBinding(PolicyBasedWSS4JInInterceptor.java:221)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.computeAction(PolicyBasedWSS4JInInterceptor.java:585)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:238)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:100)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:122)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:233)
at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:209)
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:189)
at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:129)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:223)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:143)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:199)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)
。
这是异常的完整调用堆栈:
org.apache.ws.security.util.Loader
有趣的是,同一个JAR中的其他类已成功加载。例如{{1}},可以在调用堆栈中看到。我试图将JAR放在我的WAR和JBoss lib文件夹中,但它没有解决任何问题。
有什么想法吗?
答案 0 :(得分:1)
找到解决方案:从属性文件中获取的类名具有尾随空格。删除空格后,加载的类没有问题。