使用org.apache.wss4j
工件来支持在Play Framework(Java版本)应用程序内调用SOAP服务的ws-security部分导致了这个混乱:
java.util.concurrent.CompletionException: java.lang.RuntimeException: java.lang.VerifyError: Bad type on operand stack Exception Details: Location: org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.validateSignedEncryptedPolicies(Ljava/util/List;Ljava/util/List;Ljava/util/List;Lorg/apache/cxf/message/Message;)Z @28: invokespecial Reason: Type 'org/apache/wss4j/policy/model/EncryptedParts' (current frame, stack[1]) is not assignable to 'org/apache/wss4j/policy/model/SignedParts' Current Frame: bci: @28 flags: { } locals: { 'org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator', 'java/util/List', 'java/util/List', 'java/util/List', 'org/apache/cxf/message/Message' } stack: { 'org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator', 'org/apache/wss4j/policy/model/EncryptedParts', integer, 'java/util/List', 'java/util/List', 'org/apache/cxf/message/Message' } Bytecode: 0x0000000: 2a2a b400 2d03 2c2b 1904 b700 2e9a 0005 0x0000010: 03ac 2a2a b400 2f04 2d2b 1904 b700 2e9a 0x0000020: 0005 03ac 2a2a b400 3003 2c2b 1904 b700 0x0000030: 319a 0005 03ac 2a2a b400 3203 2d2b 1904 0x0000040: b700 31ac Stackmap Table: same_frame(@18) same_frame(@36) same_frame(@54) ... suppressed 8 lines Caused by: java.lang.RuntimeException: java.lang.VerifyError: Bad type on operand stack Exception Details: Location: org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.validateSignedEncryptedPolicies(Ljava/util/List;Ljava/util/List;Ljava/util/List;Lorg/apache/cxf/message/Message;)Z @28: invokespecial Reason: Type 'org/apache/wss4j/policy/model/EncryptedParts' (current frame, stack[1]) is not assignable to 'org/apache/wss4j/policy/model/SignedParts' Current Frame: bci: @28 flags: { } locals: { 'org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator', 'java/util/List', 'java/util/List', 'java/util/List', 'org/apache/cxf/message/Message' } stack: { 'org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator', 'org/apache/wss4j/policy/model/EncryptedParts', integer, 'java/util/List', 'java/util/List', 'org/apache/cxf/message/Message' } Bytecode: 0x0000000: 2a2a b400 2d03 2c2b 1904 b700 2e9a 0005 0x0000010: 03ac 2a2a b400 2f04 2d2b 1904 b700 2e9a 0x0000020: 0005 03ac 2a2a b400 3003 2c2b 1904 b700 0x0000030: 319a 0005 03ac 2a2a b400 3203 2d2b 1904 0x0000040: b700 31ac Stackmap Table: same_frame(@18) same_frame(@36) same_frame(@54) at ir.iais.playCommons.utils.F$Promise$1.get(F.java:232) ~[play-commons_2.11-2017.0.2.12-SNAPSHOT.jar:2017.0.2.12-SNAPSHOT] ... ... 5 more Caused by: java.lang.VerifyError: Bad type on operand stack Exception Details: Location: org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.validateSignedEncryptedPolicies(Ljava/util/List;Ljava/util/List;Ljava/util/List;Lorg/apache/cxf/message/Message;)Z @28: invokespecial Reason: Type 'org/apache/wss4j/policy/model/EncryptedParts' (current frame, stack[1]) is not assignable to 'org/apache/wss4j/policy/model/SignedParts' Current Frame: bci: @28 flags: { } locals: { 'org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator', 'java/util/List', 'java/util/List', 'java/util/List', 'org/apache/cxf/message/Message' } stack: { 'org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator', 'org/apache/wss4j/policy/model/EncryptedParts', integer, 'java/util/List', 'java/util/List', 'org/apache/cxf/message/Message' } Bytecode: 0x0000000: 2a2a b400 2d03 2c2b 1904 b700 2e9a 0005 0x0000010: 03ac 2a2a b400 2f04 2d2b 1904 b700 2e9a 0x0000020: 0005 03ac 2a2a b400 3003 2c2b 1904 b700 0x0000030: 319a 0005 03ac 2a2a b400 3203 2d2b 1904 0x0000040: b700 31ac Stackmap Table: same_frame(@18) same_frame(@36) same_frame(@54) at org.apache.cxf.ws.security.wss4j.policyvalidators.ValidatorUtils.configureSupportingTokenValidators(ValidatorUtils.java:97) ~[cxf-rt-ws-security-3.1.7.jar:3.1.7] at org.apache.cxf.ws.security.wss4j.policyvalidators.ValidatorUtils.(ValidatorUtils.java:46) ~[cxf-rt-ws-security-3.1.7.jar:3.1.7] at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.doResults(PolicyBasedWSS4JInInterceptor.java:576) ~[cxf-rt-ws-security-3.1.7.jar:3.1.7] at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:277) ~[cxf-rt-ws-security-3.1.7.jar:3.1.7] at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:171) ~[cxf-rt-ws-security-3.1.7.jar:3.1.7] at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:80) ~[cxf-rt-ws-security-3.1.7.jar:3.1.7] at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:66) ~[cxf-rt-ws-security-3.1.7.jar:3.1.7] at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) ~[cxf-core-3.1.7.jar:3.1.7] at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:798) ~[cxf-core-3.1.7.jar:3.1.7] at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1670) ~[cxf-rt-transports-http-3.1.7.jar:3.1.7] at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1551) ~[cxf-rt-transports-http-3.1.7.jar:3.1.7] at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1348) ~[cxf-rt-transports-http-3.1.7.jar:3.1.7] at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56) ~[cxf-core-3.1.7.jar:3.1.7] at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:651) ~[cxf-rt-transports-http-3.1.7.jar:3.1.7] at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62) ~[cxf-core-3.1.7.jar:3.1.7] at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) ~[cxf-core-3.1.7.jar:3.1.7] at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:514) ~[cxf-core-3.1.7.jar:3.1.7] at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:423) ~[cxf-core-3.1.7.jar:3.1.7] at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:324) ~[cxf-core-3.1.7.jar:3.1.7] at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:277) ~[cxf-core-3.1.7.jar:3.1.7] at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96) ~[cxf-rt-frontend-simple-3.1.7.jar:3.1.7] at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:139) ~[cxf-rt-frontend-jaxws-3.1.7.jar:3.1.7] at com.sun.proxy.$Proxy124.sendMessageToConsignee(Unknown Source) ~[?:?] at ir.iais.rasam.services.AnnouncementAboutDeclarationService$1.get(AnnouncementAboutDeclarationService.java:61) ~[classes/:?] at ir.iais.rasam.services.AnnouncementAboutDeclarationService$1.get(AnnouncementAboutDeclarationService.java:48) ~[classes/:?] at ir.iais.playCommons.utils.F$Promise$1.get(F.java:230) ~[play-commons_2.11-2017.0.2.12-SNAPSHOT.jar:2017.0.2.12-SNAPSHOT] ... ... 5 more
org.apache.wss4j
工件的使用模块如下:
"org.apache.wss4j" % "wss4j-bindings" % wss4jversion,
"org.apache.wss4j" % "wss4j-policy" % wss4jversion,
"org.apache.wss4j" % "wss4j-ws-security-dom" % wss4jversion,
"org.apache.wss4j" % "wss4j-ws-security-stax" % wss4jversion,
"org.apache.wss4j" % "wss4j-integration" % wss4jversion,
"org.apache.wss4j" % "wss4j-ws-security-policy-stax" % wss4jversion,
"org.apache.wss4j" % "wss4j-ws-security-common" % wss4jversion,
wss4jVersion
的位置:
val wss4jVersion = "2.1.10"
通过搜索此部分:Type ... (current frame, stack[1]) is not assignable to ...
我登陆this page表示问题来自JVM。但是这个Q / A是针对2013年的,现在必须解决这个问题。
此外,如果我用org.apache.wss4j
工件替换"org.apache.ws.security" % "wss4j" % "1.6.18"
工件的所有上述依赖关系:NOT EXISTS
(这意味着降级包),问题将得到解决,服务调用将成功运行。
现在我的问题是:虫子撒谎的地方?在JVM或WSS4J或Play Framework中?
Play Framework版本:2.5.8
java版本" 1.8.0_121"
Java(TM)SE运行时环境(版本1.8.0_121-b13)
答案 0 :(得分:3)
问题是由Apache CXF Runtime和WSS4J之间的版本不兼容引起的。
cxf-rt-ws-security 3.1.7
depends on wss4j-policy 2.1.7
,但您使用wss4j-policy 2.1.10
。
字节码验证程序失败,因为来自EncryptedParts
的{{1}}类不能再分配给wss4j-policy
(尽管在早期版本中这些类位于同一层次结构中)。
有两种方法可以解决问题: