Uploaded image for project: 'Spring Web Services'
  1. Spring Web Services
  2. SWS-970

Getting "java.lang.NoSuchMethodError: org.apache.xml.security.utils.I18n.init(Ljava/util/ResourceBundle;)V" exception

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 2.3.0
    • Fix Version/s: None
    • Component/s: Security
    • Labels:
      None
    • Environment:
      OS: Mac OS X 10.12
      Server: Apache Tomcat, 8.0.28
      Java:
      java version "1.8.0_92"
      Java(TM) SE Runtime Environment (build 1.8.0_92-b14)
      Java HotSpot(TM) 64-Bit Server VM (build 25.92-b14, mixed mode)

      Description

      Hello guys,

      I tried to configure Spring WS Security to use "UsernameToken" validation on server. The service is working as expected when it's used without WS-Security. However, when I send a SOAP request with correct credentials, I get following exception:

      java.lang.NoSuchMethodError: org.apache.xml.security.utils.I18n.init(Ljava/util/ResourceBundle;)V
      	at org.apache.wss4j.common.crypto.WSProviderConfig.initializeResourceBundles(WSProviderConfig.java:199) ~[wss4j-ws-security-common-2.1.4.jar:2.1.4]
      	at org.apache.wss4j.common.crypto.WSProviderConfig.init(WSProviderConfig.java:65) ~[wss4j-ws-security-common-2.1.4.jar:2.1.4]
      	at org.apache.wss4j.dom.engine.WSSConfig.init(WSSConfig.java:347) ~[wss4j-ws-security-dom-2.1.4.jar:2.1.4]
      	at org.apache.wss4j.dom.engine.WSSConfig.getNewInstance(WSSConfig.java:356) ~[wss4j-ws-security-dom-2.1.4.jar:2.1.4]
      	at org.apache.wss4j.dom.engine.WSSecurityEngine.getWssConfig(WSSecurityEngine.java:67) ~[wss4j-ws-security-dom-2.1.4.jar:2.1.4]
      	at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:304) ~[wss4j-ws-security-dom-2.1.4.jar:2.1.4]
      	at org.springframework.ws.soap.security.wss4j2.Wss4jSecurityInterceptor.validateMessage(Wss4jSecurityInterceptor.java:664) ~[spring-ws-security-2.3.0.RELEASE.jar:2.3.0.RELEASE]
      	at org.springframework.ws.soap.security.AbstractWsSecurityInterceptor.handleRequest(AbstractWsSecurityInterceptor.java:124) ~[spring-ws-security-2.3.0.RELEASE.jar:2.3.0.RELEASE]
      	at org.springframework.ws.server.MessageDispatcher.dispatch(MessageDispatcher.java:227) ~[spring-ws-core-2.3.0.RELEASE.jar:2.3.0.RELEASE]
      	at org.springframework.ws.server.MessageDispatcher.receive(MessageDispatcher.java:176) ~[spring-ws-core-2.3.0.RELEASE.jar:2.3.0.RELEASE]
      	at org.springframework.ws.transport.support.WebServiceMessageReceiverObjectSupport.handleConnection(WebServiceMessageReceiverObjectSupport.java:89) ~[spring-ws-core-2.3.0.RELEASE.jar:2.3.0.RELEASE]
      	at org.springframework.ws.transport.http.WebServiceMessageReceiverHandlerAdapter.handle(WebServiceMessageReceiverHandlerAdapter.java:61) ~[spring-ws-core-2.3.0.RELEASE.jar:2.3.0.RELEASE]
      	at org.springframework.ws.transport.http.MessageDispatcherServlet.doService(MessageDispatcherServlet.java:293) ~[spring-ws-core-2.3.0.RELEASE.jar:2.3.0.RELEASE]
      	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) ~[spring-webmvc-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) ~[spring-webmvc-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:648) ~[servlet-api.jar:na]
      	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) ~[spring-webmvc-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) ~[servlet-api.jar:na]
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) [catalina.jar:8.0.28]
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.28]
      	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) ~[tomcat-websocket.jar:8.0.28]
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.28]
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.28]
      	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:317) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:127) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:115) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:169) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:215) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:121) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
      	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.28]
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.28]
      	at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.28]
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.28]
      	at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:87) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.28]
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.28]
      	at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:77) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.28]
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.28]
      	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.28]
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.28]
      	at org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:119) [spring-boot-1.4.0.RELEASE.jar:1.4.0.RELEASE]
      	at org.springframework.boot.web.support.ErrorPageFilter.access$000(ErrorPageFilter.java:61) [spring-boot-1.4.0.RELEASE.jar:1.4.0.RELEASE]
      	at org.springframework.boot.web.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:94) [spring-boot-1.4.0.RELEASE.jar:1.4.0.RELEASE]
      	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
      	at org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:112) [spring-boot-1.4.0.RELEASE.jar:1.4.0.RELEASE]
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.28]
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.28]
      	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:217) [catalina.jar:8.0.28]
      	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) [catalina.jar:8.0.28]
      	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) [catalina.jar:8.0.28]
      	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142) [catalina.jar:8.0.28]
      	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) [catalina.jar:8.0.28]
      	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616) [catalina.jar:8.0.28]
      	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) [catalina.jar:8.0.28]
      	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518) [catalina.jar:8.0.28]
      	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091) [tomcat-coyote.jar:8.0.28]
      	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673) [tomcat-coyote.jar:8.0.28]
      	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500) [tomcat-coyote.jar:8.0.28]
      	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456) [tomcat-coyote.jar:8.0.28]
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_92]
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_92]
      	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util.jar:8.0.28]
      	at java.lang.Thread.run(Thread.java:745) [na:1.8.0_92]
      

      Here is my WebService configuration class:

      @EnableWs
      @Configuration
      public class WebServiceConfig extends WsConfigurerAdapter {
       
          private UserDetailsService userDetailsService;
       
          @Autowired
          public WebServiceConfig(UserDetailsService userDetailsService) {
              this.userDetailsService = userDetailsService;
          }
       
          @Bean
          public SpringSecurityPasswordValidationCallbackHandler securityCallbackHandler() {
              SpringSecurityPasswordValidationCallbackHandler callbackHandler = new SpringSecurityPasswordValidationCallbackHandler();
              callbackHandler.setUserDetailsService(userDetailsService);
              return callbackHandler;
          }
       
          @Bean
          public Wss4jSecurityInterceptor securityInterceptor(){
              Wss4jSecurityInterceptor securityInterceptor = new Wss4jSecurityInterceptor();
              securityInterceptor.setValidationActions("UsernameToken");
              securityInterceptor.setValidationCallbackHandler(securityCallbackHandler());
              return securityInterceptor;
          }
       
          @Override
          public void addInterceptors(List<EndpointInterceptor> interceptors) {
              interceptors.add(securityInterceptor());
              super.addInterceptors(interceptors);
          }
       
          @Bean
          public ServletRegistrationBean messageDispatcherServlet(ApplicationContext applicationContext) {
              MessageDispatcherServlet servlet = new MessageDispatcherServlet();
              servlet.setApplicationContext(applicationContext);
              servlet.setTransformWsdlLocations(true);
              return new ServletRegistrationBean(servlet, "/soap/*");
          }
       
          @Bean(name = "service")
          public DefaultWsdl11Definition defaultWsdl11Definition(XsdSchema powerAuthSchema) {
              DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
              wsdl11Definition.setPortTypeName("PowerAuthPort");
              wsdl11Definition.setLocationUri("/soap");
              wsdl11Definition.setTargetNamespace("http://getlime.io/security/powerauth");
              wsdl11Definition.setSchema(powerAuthSchema);
              return wsdl11Definition;
          }
       
          @Bean
          public XsdSchema countriesSchema() {
              return new SimpleXsdSchema(new ClassPathResource("xsd/PowerAuth-2.0.xsd"));
          }
       
      }
      

      Here is my pom.xml file:

      <?xml version="1.0" encoding="UTF-8"?>
      <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
      	<modelVersion>4.0.0</modelVersion>
       
      	<name>powerauth-java-server</name>
      	<description>PowerAuth 2.0 Server</description>
      	<groupId>io.getlime.security</groupId>
      	<artifactId>powerauth-java-server</artifactId>
      	<version>0.12.0</version>
      	<packaging>war</packaging>
       
      	<parent>
      		<groupId>io.getlime.security</groupId>
      		<artifactId>powerauth-parent</artifactId>
      		<version>0.12.0</version>
      		<relativePath>../pom.xml</relativePath>
      	</parent>
       
      	<dependencies>
      		<dependency>
      			<groupId>org.springframework.boot</groupId>
      			<artifactId>spring-boot-starter-data-jpa</artifactId>
      		</dependency>
      		<dependency>
      			<groupId>org.springframework.boot</groupId>
      			<artifactId>spring-boot-starter-web</artifactId>
      		</dependency>
              <dependency>
                  <groupId>org.springframework.boot</groupId>
                  <artifactId>spring-boot-starter-security</artifactId>
              </dependency>
      		<dependency>
      			<groupId>org.springframework.boot</groupId>
      			<artifactId>spring-boot-starter-ws</artifactId>
      		</dependency>
      		<dependency>
      			<groupId>org.springframework.ws</groupId>
      			<artifactId>spring-ws-security</artifactId>
      		</dependency>
      		<dependency>
      			<groupId>org.springframework.boot</groupId>
      			<artifactId>spring-boot-starter-tomcat</artifactId>
      			<scope>provided</scope>
      		</dependency>
      		<dependency>
      			<groupId>org.springframework.boot</groupId>
      			<artifactId>spring-boot-starter-test</artifactId>
      			<scope>test</scope>
      		</dependency>
       
      		<dependency>
      			<groupId>wsdl4j</groupId>
      			<artifactId>wsdl4j</artifactId>
      		</dependency>
      		<dependency>
      			<groupId>xerces</groupId>
      			<artifactId>xercesImpl</artifactId>
      			<version>2.11.0</version>
      			<scope>test</scope>
      		</dependency>
       
      		<dependency>
      			<groupId>io.getlime.security</groupId>
      			<artifactId>powerauth-java</artifactId>
      			<version>0.12.0</version>
      		</dependency>
      		
      		<dependency>
      			<groupId>org.bouncycastle</groupId>
      			<artifactId>bcprov-ext-jdk15on</artifactId>
      			<version>1.55</version>
      		</dependency>
      	</dependencies>
       
      	<build>
      		<plugins>
      			<plugin>
      				<groupId>org.springframework.boot</groupId>
      				<artifactId>spring-boot-maven-plugin</artifactId>
      			</plugin>
      			<plugin>
      				<groupId>org.apache.maven.plugins</groupId>
      				<artifactId>maven-deploy-plugin</artifactId>
      				<configuration>
      					<skip>true</skip>
      				</configuration>
      			</plugin>
      			<plugin>
      				<groupId>org.codehaus.mojo</groupId>
      				<artifactId>jaxb2-maven-plugin</artifactId>
      				<version>1.6</version>
      				<executions>
      					<execution>
      						<id>xjc</id>
      						<goals>
      							<goal>xjc</goal>
      						</goals>
      					</execution>
      				</executions>
      				<configuration>
      					<schemaDirectory>${project.basedir}/src/main/resources/xsd/</schemaDirectory>
      				</configuration>
      			</plugin>
      		</plugins>
      	</build>
       
      </project>
      

      The only information I found on web about this exception is following:

      http://stackoverflow.com/questions/24522190/cxf-wss4j-maven-nosuchmethod-error/24537142

      It suggests updating Wss4j to 2.0.x version. However, this might probably break compatibility with the rest of the Spring WS Security...

      Thank you for the great work you guys do with Spring WS and looking forward hearing from you!

        Activity

        Hide
        joshis Petr Dvorak added a comment -

        Just FYI - I also ended up downgrading back to 2.2.4-RELEASE version. The issues in 2.3.0 were just too many.

        Show
        joshis Petr Dvorak added a comment - Just FYI - I also ended up downgrading back to 2.2.4-RELEASE version. The issues in 2.3.0 were just too many.
        Hide
        runeks Rune Kristian Steinseth added a comment -

        It worked for me to exclude the transitive xmlsec dependency from spring-ws-security, and add version 2.0.8:

        <dependency>
                    <groupId>org.springframework.ws</groupId>
                    <artifactId>spring-ws-security</artifactId>
                    <exclusions>
                        <exclusion>
                            <groupId>org.apache.santuario</groupId>
                            <artifactId>xmlsec</artifactId>
                        </exclusion>
                    </exclusions>
                </dependency>
                <dependency>
                    <groupId>org.apache.santuario</groupId>
                    <artifactId>xmlsec</artifactId>
                    <version>2.0.8</version>
                </dependency>
        

        Show
        runeks Rune Kristian Steinseth added a comment - It worked for me to exclude the transitive xmlsec dependency from spring-ws-security, and add version 2.0.8: <dependency> <groupId>org.springframework.ws</groupId> <artifactId>spring-ws-security</artifactId> <exclusions> <exclusion> <groupId>org.apache.santuario</groupId> <artifactId>xmlsec</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>org.apache.santuario</groupId> <artifactId>xmlsec</artifactId> <version>2.0.8</version> </dependency>
        Hide
        _AR_ Adrian Rivera added a comment -

        Rune, this worked for me - THANKS!

        Show
        _AR_ Adrian Rivera added a comment - Rune, this worked for me - THANKS!
        Hide
        tuno Denis Tunović added a comment -

        Same problem with Spring Boot 1.5.4.RELEASE

        Show
        tuno Denis Tunović added a comment - Same problem with Spring Boot 1.5.4.RELEASE
        Hide
        gregturn Greg Turnquist added a comment -

        Are you using 2.4.1.RELEASE or 3.0.0.RC1? The version of wss4j 2.0 used by the 2.x branch is 2.1.11. Does that produce the same thread leak issue?

        Additionally: in converting the project to maven, I too, excluded org.apache.santuario:xmlsec from org.apache.ws.security:wss4j (the older wss4j) due to many API collisions.

        Show
        gregturn Greg Turnquist added a comment - Are you using 2.4.1.RELEASE or 3.0.0.RC1? The version of wss4j 2.0 used by the 2.x branch is 2.1.11. Does that produce the same thread leak issue? Additionally: in converting the project to maven, I too, excluded org.apache.santuario:xmlsec from org.apache.ws.security:wss4j (the older wss4j) due to many API collisions.

          People

          • Assignee:
            Unassigned
            Reporter:
            joshis Petr Dvorak
          • Votes:
            6 Vote for this issue
            Watchers:
            12 Start watching this issue

            Dates

            • Created:
              Updated: