NPE on Signature Creation - Not what is on WIKI

> Our application (wss4j 1.5.6, cxf 2.2, tomcat 6.0) is getting an
>  intermittent NullPointer Exception on Signature Creation (see stack trace
>  below). This occurs in a non-deterministic fashion thus making
>  reproduction near impossible (to date). I had hope when I saw the wiki
>  page
> (http://wiki.apache.org/ws/FrontPage/WsFx/wss4jFAQ#npe) but - as is
> recommended on the page - i printed out our XML parser and it is
> org.apache.xerces.jaxp.DocumentBuilderFactoryImpl. When this occurs it is
> always in the same part of our application - 6 parallel SOAP requests are
> sent (to a separate server) and 1 or 2 end up failing (intermittently) in
> the WSS4JOutInterceptor used by CXF.
>
> Has anyone seen this before and have a solution?
>
> Should this be a JIRA item?
>
> Thanks a bunch for any help!
>
> org.apache.cxf.binding.soap.SoapFault: Security processing failed.
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInt
> ernal.handleMessage(WSS4JOutInterceptor.java:236) at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInt
> ernal.handleMessage(WSS4JOutInterceptor.java:107) at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
> n.java:236) at
>  org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:469) at
>  org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299) at
>  org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251) at
> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
>         at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
>         at $Proxy60.findInstitutionalMetaData(Unknown Source)
>         at
> edu.cmu.s3.ui.billing.internal.server.service.aging.report.AgingReportServi
> ceImpl.getFilterData(AgingReportServiceImpl.java:107) at
> edu.cmu.s3.ui.billing.internal.server.service.aging.report.AgingReportServi
> ceImpl.getAllColleges(AgingReportServiceImpl.java:50) at
>  sun.reflect.GeneratedMethodAccessor95.invoke(Unknown Source) at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImp
> l.java:25) at java.lang.reflect.Method.invoke(Method.java:597)
>         at
> com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:527)
>         at
> edu.cmu.s3.ui.billing.common.server.dispatcher.GwtRpcDispatcher.processCall
> (GwtRpcDispatcher.java:66) at
> com.google.gwt.user.server.rpc.RemoteServiceServlet.doPost(RemoteServiceSer
> vlet.java:86) at
> edu.cmu.s3.ui.billing.common.server.dispatcher.GwtRpcDispatcher.handleReque
> st(GwtRpcDispatcher.java:47) at
> org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(S
> impleControllerHandlerAdapter.java:48) at
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServ
> let.java:875) at
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServl
> et.java:807) at
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkSe
> rvlet.java:571) at
> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.ja
> va:511) at javax.servlet.http.HttpServlet.service(HttpServlet.java:637) at
>  javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicatio
> nFilterChain.java:290) at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterC
> hain.java:206) at
> edu.cmu.s3.ui.billing.common.server.servlet.ServiceContextLoginFilter.doFil
> ter(ServiceContextLoginFilter.java:72) at
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(Delegat
> ingFilterProxy.java:236) at
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFil
> terProxy.java:167) at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicatio
> nFilterChain.java:235) at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterC
> hain.java:206) at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.j
> ava:233) at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.j
> ava:191) at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:12
> 8) at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:10
> 2) at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.jav
> a:109) at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
>         at
> org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
>         at
> org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
>         at
>  org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:769) at
> org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:698
> ) at
> org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.jav
> a:891) at
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.ja
> va:690) at java.lang.Thread.run(Thread.java:619)
> Caused by: org.apache.ws.security.WSSecurityException: Error during
> Signature: ; nested exception is:
>         org.apache.ws.security.WSSecurityException: Signature creation
> failed; nested exception is:
>         java.lang.NullPointerException
>         at
> org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:
> 57) at
> org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:201)
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInt
> erceptor.java:47) at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInt
> ernal.handleMessage(WSS4JOutInterceptor.java:221) ... 44 more
> Caused by: org.apache.ws.security.WSSecurityException: Signature creation
> failed; nested exception is:
>         java.lang.NullPointerException
>         at
> org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignatu
> re.java:715) at
> org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:772
> ) at
> org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:
> 54) ... 47 more
>

>  which uses WSS4J
>  1.5.7. It is easy enough to have CXF use WSS4J 1.5.8 by modifying one POM,
>  but I don't really want to muck with the CXF POMs to get it to 2.2.4.
>
> Thanks!
>
> mike
>
> dkulp wrote:
> > Definitely move up to a newer version of CXF and WSS4J.   I THINK you are
> > hitting a thread safety issue in WSS4J that I fixed for 1.5.7 or 1.5.8.
> >
> > http://svn.apache.org/viewvc?view=revision&revision=757489
> >
> > I was hitting same NPE type things when doing some scalability testing
> > with
> > CXF back in march.    Took quite a while to track that down.
> >
> > Dan
> >
> > On Tue October 20 2009 11:32:10 am carpmike wrote:
> >> Our application (wss4j 1.5.6, cxf 2.2, tomcat 6.0) is getting an
> >>  intermittent NullPointer Exception on Signature Creation (see stack
> >> trace
> >>  below). This occurs in a non-deterministic fashion thus making
> >>  reproduction near impossible (to date). I had hope when I saw the wiki
> >>  page
> >> (http://wiki.apache.org/ws/FrontPage/WsFx/wss4jFAQ#npe) but - as is
> >> recommended on the page - i printed out our XML parser and it is
> >> org.apache.xerces.jaxp.DocumentBuilderFactoryImpl. When this occurs it
> >> is always in the same part of our application - 6 parallel SOAP requests
> >> are sent (to a separate server) and 1 or 2 end up failing
> >> (intermittently) in the WSS4JOutInterceptor used by CXF.
> >>
> >> Has anyone seen this before and have a solution?
> >>
> >> Should this be a JIRA item?
> >>
> >> Thanks a bunch for any help!
> >>
> >> org.apache.cxf.binding.soap.SoapFault: Security processing failed.
> >>         at
> >> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor
> >>Int ernal.handleMessage(WSS4JOutInterceptor.java:236) at
> >> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor
> >>Int ernal.handleMessage(WSS4JOutInterceptor.java:107) at
> >> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC
> >>hai n.java:236) at
> >>  org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:469) at
> >>  org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299) at
> >>  org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251) at
> >> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> >>         at
> >> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> >>         at $Proxy60.findInstitutionalMetaData(Unknown Source)
> >>         at
> >> edu.cmu.s3.ui.billing.internal.server.service.aging.report.AgingReportSe
> >>rvi ceImpl.getFilterData(AgingReportServiceImpl.java:107) at
> >> edu.cmu.s3.ui.billing.internal.server.service.aging.report.AgingReportSe
> >>rvi ceImpl.getAllColleges(AgingReportServiceImpl.java:50) at
> >>  sun.reflect.GeneratedMethodAccessor95.invoke(Unknown Source) at
> >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
> >>Imp l.java:25) at java.lang.reflect.Method.invoke(Method.java:597)
> >>         at
> >> com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:527)
> >>         at
> >> edu.cmu.s3.ui.billing.common.server.dispatcher.GwtRpcDispatcher.processC
> >>all (GwtRpcDispatcher.java:66) at
> >> com.google.gwt.user.server.rpc.RemoteServiceServlet.doPost(RemoteService
> >>Ser vlet.java:86) at
> >> edu.cmu.s3.ui.billing.common.server.dispatcher.GwtRpcDispatcher.handleRe
> >>que st(GwtRpcDispatcher.java:47) at
> >> org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handl
> >>e(S impleControllerHandlerAdapter.java:48) at
> >> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherS
> >>erv let.java:875) at
> >> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherSe
> >>rvl et.java:807) at
> >> org.springframework.web.servlet.FrameworkServlet.processRequest(Framewor
> >>kSe rvlet.java:571) at
> >> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet
> >>.ja va:511) at
> >> javax.servlet.http.HttpServlet.service(HttpServlet.java:637) at
> >>  javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at
> >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
> >>tio nFilterChain.java:290) at
> >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
> >>erC hain.java:206) at
> >> edu.cmu.s3.ui.billing.common.server.servlet.ServiceContextLoginFilter.do
> >>Fil ter(ServiceContextLoginFilter.java:72) at
> >> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(Dele
> >>gat ingFilterProxy.java:236) at
> >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegating
> >>Fil terProxy.java:167) at
> >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
> >>tio nFilterChain.java:235) at
> >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
> >>erC hain.java:206) at
> >> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv
> >>e.j ava:233) at
> >> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv
> >>e.j ava:191) at
> >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java
> >>:12 8) at
> >> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
> >>:10 2) at
> >> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
> >>jav a:109) at
> >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:2
> >>93) at
> >> org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
> >>         at
> >> org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
> >>         at
> >>  org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:769) at
> >> org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:
> >>698 ) at
> >> org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.
> >>jav a:891) at
> >> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool
> >>.ja va:690) at java.lang.Thread.run(Thread.java:619)
> >> Caused by: org.apache.ws.security.WSSecurityException: Error during
> >> Signature: ; nested exception is:
> >>         org.apache.ws.security.WSSecurityException: Signature creation
> >> failed; nested exception is:
> >>         java.lang.NullPointerException
> >>         at
> >> org.apache.ws.security.action.SignatureAction.execute(SignatureAction.ja
> >>va: 57) at
> >> org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:2
> >>01) at
> >> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOut
> >>Int erceptor.java:47) at
> >> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor
> >>Int ernal.handleMessage(WSS4JOutInterceptor.java:221) ... 44 more
> >> Caused by: org.apache.ws.security.WSSecurityException: Signature
> >> creation failed; nested exception is:
> >>         java.lang.NullPointerException
> >>         at
> >> org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSign
> >>atu re.java:715) at
> >> org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:
> >>772 ) at
> >> org.apache.ws.security.action.SignatureAction.execute(SignatureAction.ja
> >>va: 54) ... 47 more
>