[SWS-476] java.lang.NoClassDefFoundError: com/sun/org/apache/xml/internal/security/Init Created: 22/Jan/09  Updated: 04/May/12  Resolved: 26/Jan/09

Status: Closed
Project: Spring Web Services
Component/s: Security
Affects Version/s: 1.5.5
Fix Version/s: 1.5.6

Type: Improvement Priority: Minor
Reporter: Routis Haralampos Assignee: Arjen Poutsma
Resolution: Cannot Reproduce Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

jdk 1.5, maven 2.0.9


Reference URL: http://forum.springframework.org/showthread.php?t=55812&highlight=java.lang.NoClassDefFoundError%3A+com%2Fsun%2Forg%2Fapache%2Fxml%2Finternal%2Fsecurity%2FInit

 Description   

Using security interceptor for certficates has the attached result. Maybe the required dependency should be added in pom.xml.

java.lang.NoClassDefFoundError: com/sun/org/apache/xml/internal/security/Init
at com.sun.xml.wss.impl.SecurableSoapMessage.<clinit>(SecurableSoapMessage.java:94)
at com.sun.xml.wss.ProcessingContext.setSOAPMessage(ProcessingContext.java:217)
at com.sun.xml.wss.impl.misc.XWSSProcessor2_0Impl.createProcessingContext(XWSSProcessor2_0Impl.java:151)
at org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor.validateMessage(XwsSecurityInterceptor.java:159)
at org.springframework.ws.soap.security.AbstractWsSecurityInterceptor.handleRequest(AbstractWsSecurityInterceptor.java:104)
at org.springframework.ws.server.MessageDispatcher.dispatch(MessageDispatcher.java:213)
at org.springframework.ws.server.MessageDispatcher.receive(MessageDispatcher.java:168)
at org.springframework.ws.transport.support.WebServiceMessageReceiverObjectSupport.handleConnection(WebServiceMessageReceiverObjectSupport.java:88)
at org.springframework.ws.transport.http.WebServiceMessageReceiverHandlerAdapter.handle(WebServiceMessageReceiverHandlerAdapter.java:57)
at org.springframework.ws.transport.http.MessageDispatcherServlet.doService(MessageDispatcherServlet.java:230)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:511)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:713)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:502)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:365)
at org.mortbay.jetty.security.ConstraintsSecurityHandler.handle(ConstraintsSecurityHandler.java:220)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:822)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:305)
at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:229)
at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:113)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:550)
at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:890)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:743)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:215)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:407)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:421)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:520)



 Comments   
Comment by Arjen Poutsma [ 22/Jan/09 ]

This class is in xmlsec, in the com.sun.org.apache.xml.security group, see http://springframework.svn.sourceforge.net/viewvc/springframework/repos/repo-ext/com/sun/org/apache/xml/security/xmlsec/2.0.

XWSS has a transative dependency to it, so things should work.

Comment by Routis Haralampos [ 23/Jan/09 ]

Maybe I missing something.
XWSS pom (found at http://download.java.net/maven/1/com.sun.xml.wss/poms/xws-security-2.0-FCS.pom) does not hava a dependency on xmlsec.
Thus, the issue is easily reproducable.

Comment by Arjen Poutsma [ 23/Jan/09 ]

Reopening to investigate further

Comment by Arjen Poutsma [ 25/Jan/09 ]

XWSS depends on xmldsig (javax.xml.crypto), which depends on xmlsec (com.sun.org.apache.xml.security). Here's the related snipped from "mvn dependency:tree":

[INFO] +- com.sun.xml.wss:xws-security:jar:2.0-FCS:compile
[INFO] |  \- javax.xml.crypto:xmldsig:jar:1.0:compile
[INFO] |     \- com.sun.org.apache.xml.security:xmlsec:jar:2.0:runtime

Comment by Routis Haralampos [ 26/Jan/09 ]

So, I believe a compile-time dependency to xmlsec has to be added. Propably this dependency should be marked as optinal since there are two ways of implementing ws-security in sprin-ws.

Comment by Arjen Poutsma [ 26/Jan/09 ]

I don't think so. runtime deps are transitive, see http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html

Also, the airline sample shows this: it depends on spring-ws-security, which depends on XWSS, which depends on xmlsec. When I run "mvn war", i clearly see xmlsec in WEB-INF/lib.

Comment by Routis Haralampos [ 26/Jan/09 ]

Arjen, you are abolutly right about my previous comment the compile time dependency (I had the impression that spring was using the missing class). I will investigate further the problem because it is rather a xwss - maven issue.

Comment by Arjen Poutsma [ 04/May/12 ]

Closing old issues

Generated at Mon Dec 18 08:47:57 UTC 2017 using JIRA 6.4.14#64029-sha1:ae256fe0fbb912241490ff1cecfb323ea0905ca5.