I am new to Drupal. I am configuring Drupal and Alfresco using CMIS. I am able to see the files and folders of Alfresco in Drupal. I am not able to retrieve those files using the cmis queries for exampleSELECT * FROM cmis:document WHERE cmis:objectId='workspace://SpacesStore/d3c5f86e-9174-4cfb-9bc9-03aa881d0810'.. I am getting the following error log:
HTTP call to [http://localhost:8080/alfresco/service/cmis/queries] returned [500].
Response: Web Script Status 500 - Internal Error Web Script Status 500 - Internal Error The Web Script /alfresco/service/cmis/queries has responded with a status of 500 - Internal Error. 500
Description: An error inside the HTTP server which prevented it from fulfilling the request.
Message:00300034 Wrapped Exception (with status template): 00300212 Failed to execute script 'classpath*:alfresco/templates/webscripts/org/alfresco/cmis/queries.post.cmisquery.js': 00300211
Exception:java.security.cert.CertificateExpiredException - NotAfter: Fri Aug 17 17:34:11 IST 2012
sun.security.x509.CertificateValidity.valid(CertificateValidity.java:256)
sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:570)
sun.security.provider.certpath.BasicChecker.verifyTimestamp(BasicChecker.java:157)
sun.security.provider.certpath.BasicChecker.check(BasicChecker.java:109)
sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:117)
sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:328)
sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:178)
java.security.cert.CertPathValidator.validate(CertPathValidator.java:250)
sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:275)
sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:263)
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:173)
sun.security.validator.Validator.validate(Validator.java:218)
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185)
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)
com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:632)
com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:506)
org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
org.alfresco.repo.search.impl.solr.SolrQueryHTTPClient.executeQuery(SolrQueryHTTPClient.java:318)
org.alfresco.repo.search.impl.solr.SolrQueryLanguage.executeQuery(SolrQueryLanguage.java:49)
org.alfresco.repo.search.impl.solr.SolrCMISQueryServiceImpl.query(SolrCMISQueryServiceImpl.java:93)
sun.reflect.GeneratedMethodAccessor860.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:597)
org.alfresco.repo.management.subsystems.SubsystemProxyFactory$1.invoke(SubsystemProxyFactory.java:65)
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
$Proxy140.query(Unknown Source)
org.alfresco.repo.cmis.rest.CMISScript.query(CMISScript.java:683)
sun.reflect.GeneratedMethodAccessor859.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:597)
org.mozilla.javascript.MemberBox.invoke(MemberBox.java:155)
org.mozilla.javascript.NativeJavaMethod.call(NativeJavaMethod.java:243)
org.mozilla.javascript.optimizer.OptRuntime.call2(OptRuntime.java:76)
org.mozilla.javascript.gen.c13._c0(file:/C:/Alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/cmis/queries.post.cmisquery.js:67)
org.mozilla.javascript.gen.c13.call(file:/C:/Alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/cmis/queries.post.cmisquery.js)
org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:393)
org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:2834)
org.mozilla.javascript.gen.c13.call(file:/C:/Alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/cmis/queries.post.cmisquery.js)
org.mozilla.javascript.gen.c13.exec(file:/C:/Alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/cmis/queries.post.cmisquery.js)
org.alfresco.repo.jscript.RhinoScriptProcessor.executeScriptImpl(RhinoScriptProcessor.java:483)
org.alfresco.repo.jscript.RhinoScriptProcessor.execute(RhinoScriptProcessor.java:191)
org.alfresco.repo.processor.ScriptServiceImpl.execute(ScriptServiceImpl.java:212)
org.alfresco.repo.processor.ScriptServiceImpl.executeScript(ScriptServiceImpl.java:174)
org.alfresco.repo.web.scripts.RepositoryScriptProcessor.executeScript(RepositoryScriptProcessor.java:102)
org.springframework.extensions.webscripts.AbstractWebScript.executeScript(AbstractWebScript.java:1193)
org.alfresco.repo.cmis.rest.CMISWebScript.executeScript(CMISWebScript.java:46)
org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:86)
org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:393)
org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:388)
org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:462)
org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:500)
org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:316)
org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:372)
org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:209)
org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:118)
javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:58)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:470)
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:861)
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:579)
org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1584)
java.lang.Thread.run(Thread.java:662)
Exception:java.security.cert.CertPathValidatorException - timestamp check failed
sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:139)
Exception:sun.security.validator.ValidatorException - PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:289)
Exception:javax.net.ssl.SSLHandshakeException - sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
Exception:org.alfresco.repo.search.impl.lucene.LuceneQueryParserException - 00300211
org.alfresco.repo.search.impl.solr.SolrQueryHTTPClient.executeQuery(SolrQueryHTTPClient.java:364)
Exception:org.alfresco.scripts.ScriptException - 00300212 Failed to execute script 'classpath*:alfresco/templates/webscripts/org/alfresco/cmis/queries.post.cmisquery.js': 00300211
org.alfresco.repo.jscript.RhinoScriptProcessor.execute(RhinoScriptProcessor.java:195)
Exception:org.springframework.extensions.webscripts.WebScriptException - 00300034 Wrapped Exception (with status template): 00300212 Failed to execute script 'classpath*:alfresco/templates/webscripts/org/alfresco/cmis/queries.post.cmisquery.js': 00300211
org.springframework.extensions.webscripts.AbstractWebScript.createStatusException(AbstractWebScript.java:970)
Server:Community v4.0.0 (4003) schema 5,025 Time:30 Jan, 2013 12:52:18 PM
Diagnostics:Inspect Web Script (org/alfresco/cmis/queries.post)
Error returning CMIS results - check your repository is active and the query / path is correct
As #Ramsus said, it's a problem with your Solr configuration. Even if you're not directly calling Solr, you're running a CMIS query, which is internally routed by Alfresco to the search engine, i.e. Solr. It should be pretty evident from the stack trace you posted:
org.alfresco.repo.search.impl.solr.SolrQueryHTTPClient.executeQuery(SolrQueryHTTPClient.java:318)
org.alfresco.repo.search.impl.solr.SolrQueryLanguage.executeQuery(SolrQueryLanguage.java:49)
org.alfresco.repo.search.impl.solr.SolrCMISQueryServiceImpl.query(SolrCMISQueryServiceImpl.java:93)
[...]
org.alfresco.repo.cmis.rest.CMISScript.query(CMISScript.java:683)
That said, the main issue is about HTTPS and certificate validation, which fails because of an expired certificate:
Exception:java.security.cert.CertificateExpiredException - NotAfter: Fri Aug 17 17:34:11 IST 2012
sun.security.x509.CertificateValidity.valid(CertificateValidity.java:256)
You need to use a valid certificate for the HTTPS communication between Alfresco and Solr.
EDIT: As per #Will Abson comment, it's a known issue of the out of the box SSL certificate. You need to create or retrieve another valid one and configure it as described in the wiki
...
Exception:java.security.cert.CertificateExpiredException - NotAfter: Fri Aug 17 17:34:11 IST 2012
....
Probably the Alfresco Solr certificate - see http://wiki.alfresco.com/wiki/Alfresco_And_SOLR
Related
everyone.
I have an application using camel route to call url IMAP to read mail and retrieve content, from("{{route1.imap.protocol}}://{{route1.imap.host}}?username={{route1.imap.username}}&password={{route1.imap.password}}&consumer.delay={{route1.consumer.delay}}&fetchSize={{route1.fetchSize}}{{route1.otherOptions}}")"
, most of the emails are read successfully by the application. But recently, we have encountered the client sends email with Content-Transfer-Encoding:quoted-printable, then the application will throw RuntimeCamelException
org.apache.camel.RuntimeCamelException: Failed to extract body due to: Unknown encoding: quoted-printable . Exchange: Exchange[]. Message: com.sun.mail.imap.IMAPMessage#7970ebf3
at org.apache.camel.component.mail.MailBinding.extractBodyFromMail(MailBinding.java:278) ~[camel-mail-2.18.1.jar:2.18.1]
at org.apache.camel.component.mail.MailMessage.createBody(MailMessage.java:105) ~[camel-mail-2.18.1.jar:2.18.1]
at org.apache.camel.impl.MessageSupport.getBody(MessageSupport.java:47) ~[camel-core-2.18.1.jar:2.18.1]
at org.apache.camel.component.mail.MailConsumer.createExchanges(MailConsumer.java:354) ~[camel-mail-2.18.1.jar:2.18.1]
at org.apache.camel.component.mail.MailConsumer.poll(MailConsumer.java:128) ~[camel-mail-2.18.1.jar:2.18.1]
at org.apache.camel.impl.ScheduledPollConsumer.doRun(ScheduledPollConsumer.java:175) [camel-core-2.18.1.jar:2.18.1]
at org.apache.camel.impl.ScheduledPollConsumer.run(ScheduledPollConsumer.java:102) [camel-core-2.18.1.jar:2.18.1]
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) [na:1.8.0_281]
at java.util.concurrent.FutureTask.runAndReset(Unknown Source) [na:1.8.0_281]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(Unknown Source) [na:1.8.0_281]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source) [na:1.8.0_281]
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [na:1.8.0_281]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [na:1.8.0_281]
at java.lang.Thread.run(Unknown Source) [na:1.8.0_281]
Caused by: java.io.IOException: Unknown encoding: quoted-printable
at javax.mail.internet.MimePartDataSource.getInputStream(MimePartDataSource.java:115) ~[javax.mail-1.5.5.jar:1.5.5]
at com.sun.mail.handlers.text_plain.getContent(text_plain.java:80) ~[javax.mail-1.5.5.jar:1.5.5]
at javax.activation.DataSourceDataContentHandler.getContent(Unknown Source) ~[na:1.8.0_281]
at javax.activation.DataHandler.getContent(Unknown Source) ~[na:1.8.0_281]
at javax.mail.internet.MimeMessage.getContent(MimeMessage.java:1454) ~[javax.mail-1.5.5.jar:1.5.5]
at org.apache.camel.component.mail.MailBinding.extractBodyFromMail(MailBinding.java:250) ~[camel-mail-2.18.1.jar:2.18.1]
... 13 common frames omitted
Caused by: javax.mail.MessagingException: Unknown encoding: quoted-printable
at javax.mail.internet.MimeUtility.decode(MimeUtility.java:389) ~[javax.mail-1.5.5.jar:1.5.5]
at javax.mail.internet.MimePartDataSource.getInputStream(MimePartDataSource.java:108) ~[javax.mail-1.5.5.jar:1.5.5]
I try to find the solution, which i have found maybe to set System property mail.mime.ignoreunknownencoding to "true", but i couldn't understand where to set mail.mime.ignoreunknownencoding. If anyone knows where to set? In Outlook, IMAP Server or my application properties?
And The application using dependency camel-mail:2.18.1, the dependency class MailBinding.class in the method extractBodyFromMail throw this exception. Or should I rewrite the MailBinding Class to override method extractBodyFromMail.
if anyone could help me, thank you very much.
Add some details the infos email
Date: Mon, 23 May 2022 12:50:19 +0000
From: <xxx#xxxx>
To: <xxx#xxxxx>, <xx#xxx>, <xx#xxx>
Subject: 1964790 - SCR_CNX_ADEP_STANDARD
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Content-Type: text/plain
Message-ID: <991336a1-5f3d-449a-91af-c9a54cfb2e0f#xx.xx.local>
Return-Path: xx#xxx
X-Originating-IP: [10.1.128.112]
X-ClientProxiedBy: polar.airdolomiti.local (10.1.128.215) To
polar.airdolomiti.local (10.1.128.215)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=xxxxxx.it; h=date:from:to:subject:content-transfer-encoding:mime-version:content-type:message-id; s=default; bh=2KBKjicvV/qIKyzYQAsZqkpDEKd3+uRQ8VlcakqOVx0=; b=E9wS98Kd+RrFNdRSOdPNwWT4Ga7P0/64LrM8plbjw1Fx7vtI1330ebvhVBjMNOuWlj8ctv+UmUs+GBnrEP/VNdLRv4vX+uPhq7JwWs9A6mlS0hWcOL4S711WLHrHdW8C4wXyQN4VmYfDRHx7jnhPwJBcY5RdWgjHf9sgOAfcdI4=
X-MS-Exchange-Organization-ExpirationStartTime: 23 May 2022 12:50:20.4282
(UTC)
X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
X-MS-Exchange-Organization-Network-Message-Id:
e760ac37-bb92-4d82-685f-08da3cbacba1
X-EOPAttributedMessage: 0
X-EOPTenantAttributedMessage: d3fc41ce-14c2-4518-9065-8fe78ff84136:0
X-MS-Exchange-Organization-MessageDirectionality: Incoming
X-MS-PublicTrafficType: Email
X-MS-Exchange-Organization-AuthSource:
PR2FRA01FT010.eop-fra01.prod.protection.outlook.com
X-MS-Exchange-Organization-AuthAs: Anonymous
X-MS-Office365-Filtering-Correlation-Id: e760ac37-bb92-4d82-685f-08da3cbacba1
X-MS-TrafficTypeDiagnostic: PR0P264MB2439:EE_
X-MS-Exchange-Organization-SCL: -1
X-Microsoft-Antispam: BCL:0;
X-Forefront-Antispam-Report:
CIP:151.11.112.123;CTRY:IT;LANG:en;SCL:-1;SRV:;IPV:NLI;SFV:SFE;H:mail.airdolomiti.it;PTR:mail.airdolomiti.it;CAT:NONE;SFS:;DIR:INB;
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 May 2022 12:50:20.2876
(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: e760ac37-bb92-4d82-685f-08da3cbacba1
X-MS-Exchange-CrossTenant-Id: d3fc41ce-14c2-4518-9065-8fe78ff84136
X-MS-Exchange-CrossTenant-AuthSource:
PR2FRA01FT010.eop-fra01.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR0P264MB2439
X-MS-Exchange-Transport-EndToEndLatency: 00:00:01.9451105
X-MS-Exchange-Processed-By-BccFoldering: 15.20.5273.022
X-Microsoft-Antispam-Mailbox-Delivery:
finally. I found the solution to modifier the properties before application run.it works.
System.getProperties().setProperty("mail.mime.ignoreunknownencoding","true");
SpringApplication.run(xxx.class, args);
Hi and thank you for helping!
Very infrequently on our Android application, we get errors that start as java.security.cert.CertificateException: Chain validation failed with then traces to the exception of Response is unreliable: its validity interval is out-of-date. This impacts API calls and media playback (as ExoPlayer 2 uses okhttp).
We manage SSL transactions via Hitch, and acquire our certificates from Let's Encrypt. What's odd is that when this issue happens, the certificates still work fine on web, iOS tvOS, and Roku, but not on Android.
The error is intermittent, and in a matter of 24-48 hours, it seems this exception no longer happens. On okhttp I see StackOverflow articles where users suggest adding custom TrustManager class into okhttp that accepts all certificates, but I see that as insecure.
My question are how can I properly log what validity interval it's receiving, vs what it expects to have, and how can I tweak the settings at the Java level to trust beyond that window so that this exception doesn't happen?
For context, here is a stack trace affecting playback.
2019-10-21 16:42:51.883 31064-32727/com.sbs.lamusica.debug E/ExoPlayerImplInternal: Source error.
com.google.android.exoplayer2.upstream.HttpDataSource$HttpDataSourceException: Unable to connect to https://interstitials.lamusica.com/lamusica/black-video.mp4
at com.google.android.exoplayer2.upstream.DefaultHttpDataSource.open(DefaultHttpDataSource.java:194)
at com.google.android.exoplayer2.upstream.DefaultDataSource.open(DefaultDataSource.java:147)
at com.google.android.exoplayer2.source.ExtractorMediaPeriod$ExtractingLoadable.load(ExtractorMediaPeriod.java:841)
at com.google.android.exoplayer2.upstream.Loader$LoadTask.run(Loader.java:308)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
at java.lang.Thread.run(Thread.java:764)
Caused by: javax.net.ssl.SSLHandshakeException: Chain validation failed
at com.android.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(ConscryptFileDescriptorSocket.java:236)
at com.android.okhttp.internal.io.RealConnection.connectTls(RealConnection.java:1480)
at com.android.okhttp.internal.io.RealConnection.connectSocket(RealConnection.java:1424)
at com.android.okhttp.internal.io.RealConnection.connect(RealConnection.java:1368)
at com.android.okhttp.internal.http.StreamAllocation.findConnection(StreamAllocation.java:219)
at com.android.okhttp.internal.http.StreamAllocation.findHealthyConnection(StreamAllocation.java:142)
at com.android.okhttp.internal.http.StreamAllocation.newStream(StreamAllocation.java:104)
at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:392)
at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:325)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:470)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:127)
at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.connect(DelegatingHttpsURLConnection.java:89)
at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:26)
at com.google.android.exoplayer2.upstream.DefaultHttpDataSource.makeConnection(DefaultHttpDataSource.java:429)
at com.google.android.exoplayer2.upstream.DefaultHttpDataSource.makeConnection(DefaultHttpDataSource.java:350)
at com.google.android.exoplayer2.upstream.DefaultHttpDataSource.open(DefaultHttpDataSource.java:192)
at com.google.android.exoplayer2.upstream.DefaultDataSource.open(DefaultDataSource.java:147)
at com.google.android.exoplayer2.source.ExtractorMediaPeriod$ExtractingLoadable.load(ExtractorMediaPeriod.java:841)
at com.google.android.exoplayer2.upstream.Loader$LoadTask.run(Loader.java:308)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
at java.lang.Thread.run(Thread.java:764)
Caused by: java.security.cert.CertificateException: Chain validation failed
at com.android.org.conscrypt.TrustManagerImpl.verifyChain(TrustManagerImpl.java:719)
at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:543)
at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:564)
at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:632)
at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:499)
at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:422)
at com.android.org.conscrypt.TrustManagerImpl.getTrustedChainForServer(TrustManagerImpl.java:343)
at android.security.net.config.NetworkSecurityTrustManager.checkServerTrusted(NetworkSecurityTrustManager.java:94)
at android.security.net.config.RootTrustManager.checkServerTrusted(RootTrustManager.java:88)
at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:208)
at com.android.org.conscrypt.ConscryptFileDescriptorSocket.verifyCertificateChain(ConscryptFileDescriptorSocket.java:426)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.NativeSsl.doHandshake(NativeSsl.java:383)
at com.android.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(ConscryptFileDescriptorSocket.java:231)
at com.android.okhttp.internal.io.RealConnection.connectTls(RealConnection.java:1480)
at com.android.okhttp.internal.io.RealConnection.connectSocket(RealConnection.java:1424)
at com.android.okhttp.internal.io.RealConnection.connect(RealConnection.java:1368)
at com.android.okhttp.internal.http.StreamAllocation.findConnection(StreamAllocation.java:219)
at com.android.okhttp.internal.http.StreamAllocation.findHealthyConnection(StreamAllocation.java:142)
at com.android.okhttp.internal.http.StreamAllocation.newStream(StreamAllocation.java:104)
at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:392)
at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:325)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:470)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:127)
at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.connect(DelegatingHttpsURLConnection.java:89)
at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:26)
at com.google.android.exoplayer2.upstream.DefaultHttpDataSource.makeConnection(DefaultHttpDataSource.java:429)
at com.google.android.exoplayer2.upstream.DefaultHttpDataSource.makeConnection(DefaultHttpDataSource.java:350)
at com.google.android.exoplayer2.upstream.DefaultHttpDataSource.open(DefaultHttpDataSource.java:192)
at com.google.android.exoplayer2.upstream.DefaultDataSource.open(DefaultDataSource.java:147)
at com.google.android.exoplayer2.source.ExtractorMediaPeriod$ExtractingLoadable.load(ExtractorMediaPeriod.java:841)
at com.google.android.exoplayer2.upstream.Loader$LoadTask.run(Loader.java:308)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
at java.lang.Thread.run(Thread.java:764)
Caused by: java.security.cert.CertPathValidatorException: Response is unreliable: its validity interval is out-of-date
2019-10-21 16:42:51.886 31064-32727/com.sbs.lamusica.debug E/ExoPlayerImplInternal: at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:135)
at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:222)
at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:140)
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:79)
at com.android.org.conscrypt.DelegatingCertPathValidator.engineValidate(DelegatingCertPathValidator.java:44)
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:301)
at com.android.org.conscrypt.TrustManagerImpl.verifyChain(TrustManagerImpl.java:715)
... 34 more
Caused by: java.security.cert.CertPathValidatorException: Response is unreliable: its validity interval is out-of-date
at sun.security.provider.certpath.OCSPResponse.verify(OCSPResponse.java:619)
at sun.security.provider.certpath.RevocationChecker.checkOCSP(RevocationChecker.java:709)
at sun.security.provider.certpath.RevocationChecker.check(RevocationChecker.java:363)
at sun.security.provider.certpath.RevocationChecker.check(RevocationChecker.java:337)
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:125)
... 40 more
Suppressed: java.security.cert.CertPathValidatorException: Could not determine revocation status
at sun.security.provider.certpath.RevocationChecker.buildToNewKey(RevocationChecker.java:1092)
at sun.security.provider.certpath.RevocationChecker.verifyWithSeparateSigningKey(RevocationChecker.java:910)
at sun.security.provider.certpath.RevocationChecker.checkCRLs(RevocationChecker.java:577)
at sun.security.provider.certpath.RevocationChecker.checkCRLs(RevocationChecker.java:465)
at sun.security.provider.certpath.RevocationChecker.check(RevocationChecker.java:394)
Here is another example stacktrace affecting an API call.
javax.net.ssl.SSLHandshakeException: Chain validation failed
at com.android.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(ConscryptFileDescriptorSocket.java:236)
at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.java:320)
at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.java:284)
at okhttp3.internal.connection.RealConnection.connect(RealConnection.java:169)
at okhttp3.internal.connection.StreamAllocation.findConnection(StreamAllocation.java:257)
at okhttp3.internal.connection.StreamAllocation.findHealthyConnection(StreamAllocation.java:135)
at okhttp3.internal.connection.StreamAllocation.newStream(StreamAllocation.java:114)
at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:42)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:94)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:125)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:264)
at okhttp3.RealCall.execute(RealCall.java:93)
at com.sbs.lamusica.ui.fragment.home.HomePagerFragment.run(HomePagerFragment.java:200)
at com.sbs.lamusica.ui.fragment.home.HomePagerFragment$FetchLocationsList.doInBackground(HomePagerFragment.java:706)
at com.sbs.lamusica.ui.fragment.home.HomePagerFragment$FetchLocationsList.doInBackground(HomePagerFragment.java:693)
at android.os.AsyncTask$2.call(AsyncTask.java:333)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:245)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
at java.lang.Thread.run(Thread.java:764)
Caused by: java.security.cert.CertificateException: Chain validation failed
at com.android.org.conscrypt.TrustManagerImpl.verifyChain(TrustManagerImpl.java:719)
at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:543)
at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:564)
at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:632)
at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:499)
at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:422)
at com.android.org.conscrypt.TrustManagerImpl.getTrustedChainForServer(TrustManagerImpl.java:343)
at android.security.net.config.NetworkSecurityTrustManager.checkServerTrusted(NetworkSecurityTrustManager.java:94)
at android.security.net.config.RootTrustManager.checkServerTrusted(RootTrustManager.java:88)
at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:208)
at com.android.org.conscrypt.ConscryptFileDescriptorSocket.verifyCertificateChain(ConscryptFileDescriptorSocket.java:426)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.NativeSsl.doHandshake(NativeSsl.java:383)
at com.android.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(ConscryptFileDescriptorSocket.java:231)
... 28 more
Caused by: java.security.cert.CertPathValidatorException: Response is unreliable: its validity interval is out-of-date
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:135)
at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:222)
at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:140)
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:79)
at com.android.org.conscrypt.DelegatingCertPathValidator.engineValidate(DelegatingCertPathValidator.java:44)
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:301)
at com.android.org.conscrypt.TrustManagerImpl.verifyChain(TrustManagerImpl.java:715)
... 41 more
Caused by: java.security.cert.CertPathValidatorException: Response is unreliable: its validity interval is out-of-date
at sun.security.provider.certpath.OCSPResponse.verify(OCSPResponse.java:619)
at sun.security.provider.certpath.RevocationChecker.checkOCSP(RevocationChecker.java:709)
at sun.security.provider.certpath.RevocationChecker.check(RevocationChecker.java:363)
at sun.security.provider.certpath.RevocationChecker.check(RevocationChecker.java:337)
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:125)
... 47 more
Suppressed: java.security.cert.CertPathValidatorException: Could not determine revocation status
at sun.security.provider.certpath.RevocationChecker.buildToNewKey(RevocationChecker.java:1092)
at sun.security.provider.certpath.RevocationChecker.verifyWithSeparateSigningKey(RevocationChecker.java:910)
at sun.security.provider.certpath.RevocationChecker.checkCRLs(RevocationChecker.java:577)
at sun.security.provider.certpath.RevocationChecker.checkCRLs(RevocationChecker.java:465)
at sun.security.provider.certpath.RevocationChecker.check(RevocationChecker.java:394)
... 49 more
2019-07-24 23:45:18.793 1473-3146/? V/WindowManager: Relayout Window{87d24e5 u0 com.sbs.lamusica.deb
Thanks for everyone's help!
After countless searching, I finally learned that hitch actually automatically manages the retrieval of OCSP staples and it can be configured to attach them.
After our app resurfaced with this issue just now at this obscene hour, I applied the following changes on my RedHat server:
Create a /var/lib/hitch-ocsp directory
Set the ownership of /var/lib/hitch-ocsp to the hitch user
Added the following two options to the /etc/hitch/hitch.conf
ocsp-dir = "/var/lib/hitch-ocsp"
ocsp-verify-staple = on
Ran service hitch restart to rerun hitch and now I started seeing OCSP stapling on my SSL responses whenever I ran it against https://entrust.ssllabs.com/analyze.html
So far immediately after the change I am now seeing our Android app properly trust these requests, but I'll post here if the issue resurfaces.
In my case, it was enough to just set the proper system time on the device.
('Settings' > 'System' > 'Date & Time' > 'Automatic date & time').
I'm getting 'Connection timed out' on a SOAP request to another company's webservice. I have used wsimport to create the Java classes from the wsdl. I don't think its a problem on the other companies end, because they have provided me with a little app which uses the webservice to quickly test what results I should get when I code it myself, and that works fine.
In the example below I am trying to get data about 'Staff' at a school ...
OtherCompanyWebService ws = new OtherCompanyWebService();
OtherCompanyWebServicePortType port = ws.getOtherCompanyWebServiceHttpSoap11Endpoint();
ServiceRequest serviceRequest = makeMyServiceRequest();
Staff staff = port.getStaffData(serviceRequest).getStaff().getValue();
On the final line of code, I get the following error ...
javax.xml.ws.soap.SOAPFaultException: Could not send Message.
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:199)
at $Proxy52.getStaffData(Unknown Source)
at uk.co.txttools.rm.service.RmServiceImpl.runRmJob(RmServiceImpl.java:208)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy12.runRmJob(Unknown Source)
at uk.co.txttools.rm.quartz.RmJob.execute(RmJob.java:41)
at org.quartz.core.JobRunShell.run(JobRunShell.java:216)
at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:549)
Caused by: org.apache.cxf.interceptor.Fault: Could not send Message.
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:220)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:296)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:242)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:178)
... 16 more
Caused by: java.net.ConnectException: Connection timed out
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
at java.net.Socket.connect(Socket.java:529)
at sun.net.NetworkClient.doConnect(NetworkClient.java:158)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:394)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:529)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:233)
at sun.net.www.http.HttpClient.New(HttpClient.java:306)
at sun.net.www.http.HttpClient.New(HttpClient.java:323)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:975)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:916)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:841)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1019)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1834)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1792)
at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:42)
at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1852)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:593)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
Edit 1: it appears that the endpoints in the wsdl file are internal addresses. This is why I cant connect. Do I need to set these endpoints to something else in my code somehow???
Any advice? Thanks.
Like I said in the edit to the question, the endpoints in the wsdl need changing (even though this sounds crazy to me). This can be done as follows ...
BindingProvider bindingProvider = (BindingProvider) port;
bindingProvider.getRequestContext().put(
BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
"https://blah/blah/blah");
Actually I have faced similar issue; The wsdl can be accessible from any whr inside the company(Through browser).But while calling webservice(through client code) throws time out Exception. In that case what i did ,i raised a CR for making my system outside the particular domain and open the port on the system so that it would post the request using webservice client. You can consult to your (infrastructure management team who are basically installing s/w solving system related issue)
One more thing is that most of the company use microsoft based proxy. So if u can use proxy bipassing code (NTLM based) . and use that for testing perpous but that would be a through away code because any way proxy bipassing code should not go to production
I'm confused as to why I can search as an Administrator but users cannot. Please see the following error stack generated when attempting to search as a normal user.
05:57:00,784 ERROR [extensions.webscripts.AbstractRuntime] Exception from executeScript - redirecting to status template error: 08210015 Wrapped Exception (with status template): 08210835 Failed to execute script 'classpath*:alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js': 08210834 Access Denied. You do not have the appropriate permissions to perform this operation.
org.springframework.extensions.webscripts.WebScriptException: 08210015 Wrapped Exception (with status template): 08210835 Failed to execute script 'classpath*:alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js': 08210834 Access Denied. You do not have the appropriate permissions to perform this operation.
at org.springframework.extensions.webscripts.AbstractWebScript.createStatusException(AbstractWebScript.java:758)
at org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:171)
at org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:377)
at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:381)
at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:436)
at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:466)
at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:304)
at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:333)
at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:189)
at org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:118)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:58)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:852)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Thread.java:619)
Caused by: org.alfresco.scripts.ScriptException: 08210835 Failed to execute script 'classpath*:alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js': 08210834 Access Denied. You do not have the appropriate permissions to perform this operation.
at org.alfresco.repo.jscript.RhinoScriptProcessor.execute(RhinoScriptProcessor.java:194)
at org.alfresco.repo.processor.ScriptServiceImpl.executeScript(ScriptServiceImpl.java:282)
at org.alfresco.repo.web.scripts.RepositoryScriptProcessor.executeScript(RepositoryScriptProcessor.java:102)
at org.springframework.extensions.webscripts.AbstractWebScript.executeScript(AbstractWebScript.java:981)
at org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:86)
... 24 more
Caused by: org.alfresco.repo.security.permissions.AccessDeniedException: 08210834 Access Denied. You do not have the appropriate permissions to perform this operation.
at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:48)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.alfresco.repo.audit.AuditMethodInterceptor.proceedWithAudit(AuditMethodInterceptor.java:217)
at org.alfresco.repo.audit.AuditMethodInterceptor.proceed(AuditMethodInterceptor.java:184)
at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:137)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:107)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy53.getAllSetPermissions(Unknown Source)
at org.alfresco.repo.site.SiteServiceImpl.getSiteVisibility(SiteServiceImpl.java:852)
at org.alfresco.repo.site.SiteServiceImpl.createSiteInfo(SiteServiceImpl.java:823)
at org.alfresco.repo.site.SiteServiceImpl.getSiteImpl(SiteServiceImpl.java:913)
at org.alfresco.repo.site.SiteServiceImpl.getSite(SiteServiceImpl.java:894)
at org.alfresco.repo.site.script.ScriptSiteService.getSite(ScriptSiteService.java:184)
at sun.reflect.GeneratedMethodAccessor532.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:155)
at org.mozilla.javascript.NativeJavaMethod.call(NativeJavaMethod.java:243)
at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:66)
at org.mozilla.javascript.gen.c7._c1(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js:38)
at org.mozilla.javascript.gen.c7.call(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js)
at org.mozilla.javascript.optimizer.OptRuntime.callName(OptRuntime.java:97)
at org.mozilla.javascript.gen.c7._c6(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js:175)
at org.mozilla.javascript.gen.c7.call(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js)
at org.mozilla.javascript.optimizer.OptRuntime.callName(OptRuntime.java:97)
at org.mozilla.javascript.gen.c7._c13(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js:512)
at org.mozilla.javascript.gen.c7.call(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js)
at org.mozilla.javascript.optimizer.OptRuntime.callName(OptRuntime.java:97)
at org.mozilla.javascript.gen.c7._c15(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js:597)
at org.mozilla.javascript.gen.c7.call(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js)
at org.mozilla.javascript.optimizer.OptRuntime.callName(OptRuntime.java:97)
at org.mozilla.javascript.gen.c7._c16(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js:812)
at org.mozilla.javascript.gen.c7.call(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js)
at org.mozilla.javascript.optimizer.OptRuntime.callName(OptRuntime.java:97)
at org.mozilla.javascript.gen.c7._c17(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js:827)
at org.mozilla.javascript.gen.c7.call(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js)
at org.mozilla.javascript.optimizer.OptRuntime.callName0(OptRuntime.java:108)
at org.mozilla.javascript.gen.c7._c0(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js:830)
at org.mozilla.javascript.gen.c7.call(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js)
at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:393)
at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:2834)
at org.mozilla.javascript.gen.c7.call(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js)
at org.mozilla.javascript.gen.c7.exec(file:/opt/alfresco/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/search/search.get.js)
at org.alfresco.repo.jscript.RhinoScriptProcessor.executeScriptImpl(RhinoScriptProcessor.java:472)
at org.alfresco.repo.jscript.RhinoScriptProcessor.execute(RhinoScriptProcessor.java:190)
... 28 more
Caused by: net.sf.acegisecurity.AccessDeniedException: Access is denied.
at net.sf.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:86)
at net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:394)
at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:77)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:44)
... 74 more
Has anyone seen this before? Can anyone suggest where I might start looking?
You didn't specify a lot about your setup and what you did in Share before this error occurred so this is my educated guess from the stacktrace:
You perform a site specific search, i.e. the search.js webscript is called with a siteId.
From the webscript the SiteService is called:
at org.alfresco.repo.site.SiteServiceImpl.getSite(SiteServiceImpl.java:894)
The SiteServices tries to read the permissions for the site, when the error occurs:
at $Proxy53.getAllSetPermissions
Is it possible that this is a private site and the user that is running the query has no permissions to access the site? Make sure the users are at least consumers in the site. You could also test if this occurs with public sites as well, or only with private ones.
I have implement a certain spring-ws service and when I sent a soap message I receive in spring webapplication 1 (running on tomcat 6.0.32):
Request:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:gen="http://www.foo.com/bar/webservice/generated">
<soapenv:Header/>
<soapenv:Body>
<gen:GetAllPanelWSRequest/>
</soapenv:Body>
</soapenv:Envelope>
Response
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header/>
<SOAP-ENV:Body>
<ns2:GetAllPanelWSResponse xmlns:ns2="http://www.foo.com/bar/webservice/generated">
<ns2:PanelWS ns2:Id="5">
<ns2:name>all</ns2:name>
<ns2:code>all</ns2:code>
</ns2:PanelWS>
<ns2:PanelWS ns2:Id="9">
<ns2:name>test</ns2:name>
<ns2:code>test1</ns2:code>
</ns2:PanelWS>
</ns2:GetAllPanelWSResponse>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
So far no problem. From a webappliction 2 (not using spring MVC etc.) I made a function and when I run this function it works:
Main.java:
...
public class Main {
public static void main(String[] args) {
List<PanelWS> panelWSs = CallServices.getPanelWSs();
for (PanelWS p : panelWSs) {
System.out.println("\t" + makeString(p));
}
}
...
CallServices.java
public static List<PanelWS> getPanelWSs() {
ApplicationContext ctx = new ClassPathXmlApplicationContext("applicationContext.xml");
PanelClient client = (PanelClient) ctx.getBean("client");
PanelWS panelWS = null;
// Get all panelWS
System.out.println("Get all panels...");
List<PanelWS> panelWSs = client.getAllPanelWS();
return panelWSs;
}
Output:
Get all panels...
[id=5, name=all, code=all]
[id=9, name=test, code=test1]
So this works great and as expected. But when I want to call the function
<%
List<PanelWS> panelWSs = CallServices.getPanelWSs();
%>
within a JSP (runnning on the same tomcat server) or a simple class I get the following error:
Server:
13-mei-2011 17:57:37 com.sun.xml.internal.messaging.saaj.soap.MessageImpl saveChanges
SEVERE: SAAJ0539: Unable to get header stream in saveChanges
13-mei-2011 17:57:37 com.sun.xml.internal.messaging.saaj.soap.MessageImpl saveChanges
SEVERE: SAAJ0540: Error during saving a multipart message
Client:
org.springframework.ws.soap.saaj.SaajSoapMessageException: Could not write message to OutputStream: Error during saving a multipart message; nested exception is com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: Error during saving a multipart message
I'm using the following Java version pointing to myeclipse and tomcat (runs on):
*JDK 1.6.0_13*
Jars:
xercesImpl-2.9.1.jar
xalan-2.7.1.jar
serializer-2.7.1.jar
spring-ws-1.5.9-all.jar
spring.jar(2.5.6)
xml-apis-1.3.04.jar
xml-apis-ext-1.3.04.jar
Full stacktrace of client
Message: org.springframework.ws.soap.saaj.SaajSoapMessageException: Could not write message to OutputStream: Error during saving a multipart message; nested exception is com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: Error during saving a multipart message
Error ID: #9yb3mzb7
Stack trace: org.springframework.ws.soap.saaj.SaajSoapMessage.writeTo(SaajSoapMessage.java:169)
org.springframework.ws.client.core.WebServiceTemplate.sendRequest(WebServiceTemplate.java:580)
org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:549)
org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:502)
org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:351)
org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:345)
org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:337)
com.foo.bar.webservice.client.PanelMGMClientImpl.getAllPanelWS(PanelMGMClientImpl.java:22)
com.foo.bar.webservice.client.CallServices.getPanelWSs(CallServices.java:22)
org.apache.jsp.workspace.aclusers_jsp._jspService(aclusers_jsp.java:786)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:386)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260)
javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
Fullstacktrace of server
**
**SEVERE: Servlet.service() for servlet spring-ws threw exception
java.io.IOException: org.apache.xml.serializer.ToXMLSAXHandler cannot be cast to org.apache.xml.serializer.SerializationHandler
at com.sun.xml.internal.messaging.saaj.soap.impl.EnvelopeImpl.output(EnvelopeImpl.java:298)
at com.sun.xml.internal.messaging.saaj.soap.impl.EnvelopeImpl.output(EnvelopeImpl.java:309)
at com.sun.xml.internal.messaging.saaj.soap.SOAPPartImpl.getContentAsStream(SOAPPartImpl.java:305)
at com.sun.xml.internal.messaging.saaj.soap.MessageImpl.getHeaderBytes(MessageImpl.java:947)
at com.sun.xml.internal.messaging.saaj.soap.MessageImpl.saveChanges(MessageImpl.java:1098)
at org.springframework.ws.soap.saaj.Saaj13Implementation.writeTo(Saaj13Implementation.java:268)
at org.springframework.ws.soap.saaj.SaajSoapMessage.writeTo(SaajSoapMessage.java:165)
at org.springframework.ws.transport.AbstractWebServiceConnection.send(AbstractWebServiceConnection.java:45)
at org.springframework.ws.transport.support.WebServiceMessageReceiverObjectSupport.handleConnection(WebServiceMessageReceiverObjectSupport.java:97)
at org.springframework.ws.transport.http.WebServiceMessageReceiverHandlerAdapter.handle(WebServiceMessageReceiverHandlerAdapter.java:57)
at org.springframework.ws.transport.http.MessageDispatcherServlet.doService(MessageDispatcherServlet.java:230)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:511)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at com.foo.bar.support.gzip.CompressionFilter.doFilter(CompressionFilter.java:30)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:96)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:168)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:864)
at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:579)
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1665)
at java.lang.Thread.run(Thread.java:619)
16-mei-2011 14:20:12 com.sun.xml.internal.messaging.saaj.soap.EnvelopeFactory createEnvelope
SEVERE: SAAJ0511: Unable to create envelope from given source**
**
hopefully this is enough information to solve the problem. I found some messages and bugs the pointing to the fact that I need to delete some Jars (xalan,xercesImpl and serializer) from the projects and add these jars to the jdk\lib\endorsed\ folder and add to tomcat the argument: -Djava.endorsed.dirs=. This works but I can't do this because the applications is running on several servers already.
Thx in advance
Alternative solution
Solved It for now while using the Apache CXF on the client. And spring-ws 1.5.9 on the server... apparently spring-ws sucks with jdk > 1.5
Maybe you should try considering updating to xerces-2.10.x, the problem can be that in jdk6 (rt.jar) there is a com.sun.org.apache.xerces package which seem to contain a jaxp 1.4 implementation, so does xerces 2.10+:
"It also contains an implementation of
the parser related portions of JAXP
1.4"
quote from here.
Are you building the binary containing the jsp as a separate process or you are building everything together? If it's separated, you can try to remove xerces and xalan from the buildpath of that package only? - If you cannot, try upgrading maybe it'll help.
Still think it would be better to have a service calling your ws and you'd invoke that service from the jsp, that way you could test it separately, but perhaps you can't do that for some reason.
If both of these fail, can you post a) full stacktrace b) some of the errors which appear if you remove xerces and xalan alltogether?
Solved It for now using the Apache CXF 2.4.0 on the client. And spring-ws 1.5.9 on the server... apparently spring-ws sucks with jdk > 1.5
This is a known issue with Spring-WS and Java 6, see ticket SWS-175. According to this ticket the solution is to remove Xalan and Xerces from your webapp classpath.