SecurityException using CXF and Mule ( bouncycastle )

mountainman99 wrote:

I've been struggling with this issue for some time now, and I need help.  So I'm trying to get started using galaxy and mule, but galaxy plays no role in this issue.  I have a mule that config loads a spring config, and I use one of the beans in the spring config as a cxf endpoint.  I've been using this setup in mule 1.4 for a while now, and it has been great.  My migration to mule 2.1 has not been as smooth.  The error I'm getting is below, and is a java.lang.SecurityException that says it can't find a manifest section for a signature file for some bouncycastle file.  I get the error with both mule 2.1.1 and 2.1.2.  It occurs as soon as I attempt to view the wsdl for the service.  Here's my eclipse project all zipped up.  It includes my pom.xml, my spring config, my mule config, and my sample classes: test-project.zip

This is occurring when I run mule within eclipse using the following run configuration:

Project: test-project
Main Class: org.mule.MuleServer
Argument: -config mule\mule-config.xml

Thanks!

********************************************************************************
Message               : Component that caused exception is: _cxfServiceComponent{http://service.com/}TestServiceService27106317. Message payload is of type: String
Type                  : org.mule.api.service.ServiceException
Code                  : MULE_ERROR--2
JavaDoc               : http://www.mulesource.org/docs/site/current2/apidocs/org/mule/api/service/ServiceException.html
Payload               : /services/TestComponentUMO?wsdl
********************************************************************************
Exception stack is:
1. no manifiest section for signature file entry org/bouncycastle/asn1/DEREnumerated.class (java.lang.SecurityException)
  sun.security.util.SignatureFileVerifier:377 (http://java.sun.com/j2se/1.5.0/docs/api/java/lang/SecurityException.html)
2. Exception occurred while trying to process http://localhost:8081/services/TestComponentUMO?wsdl (org.apache.cxf.transport.http.WSDLQueryException)
  org.apache.cxf.transport.http.WSDLQueryHandler:214 (null)
3. Component that caused exception is: _cxfServiceComponent{http://service.com/}TestServiceService27106317. Message payload is of type: String (org.mule.api.service.ServiceException)
  org.mule.component.DefaultLifecycleAdapter:208 (http://www.mulesource.org/docs/site/current2/apidocs/org/mule/api/service/ServiceException.html)
********************************************************************************
Root Exception stack trace:
java.lang.SecurityException: no manifiest section for signature file entry org/bouncycastle/asn1/DEREnumerated.class
        at sun.security.util.SignatureFileVerifier.verifySection(SignatureFileVerifier.java:377)
        at sun.security.util.SignatureFileVerifier.processImpl(SignatureFileVerifier.java:231)
        at sun.security.util.SignatureFileVerifier.process(SignatureFileVerifier.java:176)
        at java.util.jar.JarVerifier.processEntry(JarVerifier.java:233)
        at java.util.jar.JarVerifier.update(JarVerifier.java:188)
        at java.util.jar.JarFile.initializeVerifier(JarFile.java:325)
        at java.util.jar.JarFile.getInputStream(JarFile.java:390)
        at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:136)
        at java.net.URL.openStream(URL.java:1007)
        at javax.xml.xpath.SecuritySupport$4.run(SecuritySupport.java:70)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.xml.xpath.SecuritySupport.getURLInputStream(SecuritySupport.java:67)
        at javax.xml.xpath.XPathFactoryFinder._newFactory(XPathFactoryFinder.java:201)
        at javax.xml.xpath.XPathFactoryFinder.newFactory(XPathFactoryFinder.java:121)
        at javax.xml.xpath.XPathFactory.newInstance(XPathFactory.java:150)
        at javax.xml.xpath.XPathFactory.newInstance(XPathFactory.java:65)
        at org.apache.cxf.helpers.XPathUtils.<init>(XPathUtils.java:36)
        at org.apache.cxf.helpers.XPathUtils.<init>(XPathUtils.java:40)
        at org.apache.cxf.wsdl11.ServiceWSDLBuilder.addRequiredSchemaImports(ServiceWSDLBuilder.java:263)
        at org.apache.cxf.wsdl11.ServiceWSDLBuilder.buildTypes(ServiceWSDLBuilder.java:318)
        at org.apache.cxf.wsdl11.ServiceWSDLBuilder.build(ServiceWSDLBuilder.java:191)
        at org.apache.cxf.wsdl11.ServiceWSDLBuilder.build(ServiceWSDLBuilder.java:151)
        at org.apache.cxf.transport.http.WSDLQueryHandler.writeResponse(WSDLQueryHandler.java:138)
        at org.mule.transport.cxf.CxfServiceComponent.generateWSDLOrXSD(CxfServiceComponent.java:164)
        at org.mule.transport.cxf.CxfServiceComponent.onCall(CxfServiceComponent.java:108)
        at org.mule.model.resolvers.CallableEntryPointResolver.invoke(CallableEntryPointResolver.java:52)
        at org.mule.model.resolvers.DefaultEntryPointResolverSet.invoke(DefaultEntryPointResolverSet.java:50)
        at org.mule.component.DefaultLifecycleAdapter.invoke(DefaultLifecycleAdapter.java:197)
        at org.mule.component.AbstractJavaComponent.invokeComponentInstance(AbstractJavaComponent.java:83)
        at org.mule.component.AbstractJavaComponent.doInvoke(AbstractJavaComponent.java:74)
        at org.mule.component.AbstractComponent.invokeInternal(AbstractComponent.java:125)
        at org.mule.component.AbstractComponent.invoke(AbstractComponent.java:153)
        at org.mule.service.AbstractService.invokeComponent(AbstractService.java:933)
        at org.mule.model.seda.SedaService.doSend(SedaService.java:234)
        at org.mule.service.AbstractService.sendEvent(AbstractService.java:506)
        at org.mule.DefaultMuleSession.sendEvent(DefaultMuleSession.java:354)
        at org.mule.routing.inbound.DefaultInboundRouterCollection.send(DefaultInboundRouterCollection.java:220)
        at org.mule.routing.inbound.DefaultInboundRouterCollection.route(DefaultInboundRouterCollection.java:180)
        at org.mule.transport.AbstractMessageReceiver$DefaultInternalMessageListener.onMessage(AbstractMessageReceiver.java:365)
        at org.mule.transport.AbstractMessageReceiver.routeMessage(AbstractMessageReceiver.java:253)
        at org.mule.transport.AbstractMessageReceiver.routeMessage(AbstractMessageReceiver.java:194)
        at org.mule.transport.http.HttpMessageReceiver$HttpWorker.doRequest(HttpMessageReceiver.java:272)
        at org.mule.transport.http.HttpMessageReceiver$HttpWorker.processRequest(HttpMessageReceiver.java:230)
        at org.mule.transport.http.HttpMessageReceiver$HttpWorker.run(HttpMessageReceiver.java:190)
        at org.mule.work.WorkerContext.run(WorkerContext.java:310)
        at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1061)
        at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:575)
        at java.lang.Thread.run(Thread.java:595)

********************************************************************************

sblanford wrote:

I ran into this same issue today. Looking at the contents of my dependencies I see a lot of near duplicates, those with and without osgi in the name. Example:

mail.osgi-1.4.jar and mail-1.4.jar

After removing all of the dupped osgi versions my app will now start up without the SecurityException. No clue yet if its resolved the issue for good but its looking better than it has for the last few hours. hth.

Stew

mountainman99 wrote:

I've been struggling with this issue for some time now, and I need help.  So I'm trying to get started using galaxy and mule, but galaxy plays no role in this issue.  I have a mule that config loads a spring config, and I use one of the beans in the spring config as a cxf endpoint.  I've been using this setup in mule 1.4 for a while now, and it has been great.  My migration to mule 2.1 has not been as smooth.  The error I'm getting is below, and is a java.lang.SecurityException that says it can't find a manifest section for a signature file for some bouncycastle file.  I get the error with both mule 2.1.1 and 2.1.2.  It occurs as soon as I attempt to view the wsdl for the service.  Here's my eclipse project all zipped up.  It includes my pom.xml, my spring config, my mule config, and my sample classes: test-project.zip

This is occurring when I run mule within eclipse using the following run configuration:

Project: test-project
Main Class: org.mule.MuleServer
Argument: -config mule\mule-config.xml

Thanks!

********************************************************************************
Message               : Component that caused exception is: _cxfServiceComponent{http://service.com/}TestServiceService27106317. Message payload is of type: String
Type                  : org.mule.api.service.ServiceException
Code                  : MULE_ERROR--2
JavaDoc               : http://www.mulesource.org/docs/site/current2/apidocs/org/mule/api/service/ServiceException.html
Payload               : /services/TestComponentUMO?wsdl
********************************************************************************
Exception stack is:
1. no manifiest section for signature file entry org/bouncycastle/asn1/DEREnumerated.class (java.lang.SecurityException)
  sun.security.util.SignatureFileVerifier:377 (http://java.sun.com/j2se/1.5.0/docs/api/java/lang/SecurityException.html)
2. Exception occurred while trying to process http://localhost:8081/services/TestComponentUMO?wsdl (org.apache.cxf.transport.http.WSDLQueryException)
  org.apache.cxf.transport.http.WSDLQueryHandler:214 (null)
3. Component that caused exception is: _cxfServiceComponent{http://service.com/}TestServiceService27106317. Message payload is of type: String (org.mule.api.service.ServiceException)
  org.mule.component.DefaultLifecycleAdapter:208 (http://www.mulesource.org/docs/site/current2/apidocs/org/mule/api/service/ServiceException.html)
********************************************************************************
Root Exception stack trace:
java.lang.SecurityException: no manifiest section for signature file entry org/bouncycastle/asn1/DEREnumerated.class
        at sun.security.util.SignatureFileVerifier.verifySection(SignatureFileVerifier.java:377)
        at sun.security.util.SignatureFileVerifier.processImpl(SignatureFileVerifier.java:231)
        at sun.security.util.SignatureFileVerifier.process(SignatureFileVerifier.java:176)
        at java.util.jar.JarVerifier.processEntry(JarVerifier.java:233)
        at java.util.jar.JarVerifier.update(JarVerifier.java:188)
        at java.util.jar.JarFile.initializeVerifier(JarFile.java:325)
        at java.util.jar.JarFile.getInputStream(JarFile.java:390)
        at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:136)
        at java.net.URL.openStream(URL.java:1007)
        at javax.xml.xpath.SecuritySupport$4.run(SecuritySupport.java:70)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.xml.xpath.SecuritySupport.getURLInputStream(SecuritySupport.java:67)
        at javax.xml.xpath.XPathFactoryFinder._newFactory(XPathFactoryFinder.java:201)
        at javax.xml.xpath.XPathFactoryFinder.newFactory(XPathFactoryFinder.java:121)
        at javax.xml.xpath.XPathFactory.newInstance(XPathFactory.java:150)
        at javax.xml.xpath.XPathFactory.newInstance(XPathFactory.java:65)
        at org.apache.cxf.helpers.XPathUtils.<init>(XPathUtils.java:36)
        at org.apache.cxf.helpers.XPathUtils.<init>(XPathUtils.java:40)
        at org.apache.cxf.wsdl11.ServiceWSDLBuilder.addRequiredSchemaImports(ServiceWSDLBuilder.java:263)
        at org.apache.cxf.wsdl11.ServiceWSDLBuilder.buildTypes(ServiceWSDLBuilder.java:318)
        at org.apache.cxf.wsdl11.ServiceWSDLBuilder.build(ServiceWSDLBuilder.java:191)
        at org.apache.cxf.wsdl11.ServiceWSDLBuilder.build(ServiceWSDLBuilder.java:151)
        at org.apache.cxf.transport.http.WSDLQueryHandler.writeResponse(WSDLQueryHandler.java:138)
        at org.mule.transport.cxf.CxfServiceComponent.generateWSDLOrXSD(CxfServiceComponent.java:164)
        at org.mule.transport.cxf.CxfServiceComponent.onCall(CxfServiceComponent.java:108)
        at org.mule.model.resolvers.CallableEntryPointResolver.invoke(CallableEntryPointResolver.java:52)
        at org.mule.model.resolvers.DefaultEntryPointResolverSet.invoke(DefaultEntryPointResolverSet.java:50)
        at org.mule.component.DefaultLifecycleAdapter.invoke(DefaultLifecycleAdapter.java:197)
        at org.mule.component.AbstractJavaComponent.invokeComponentInstance(AbstractJavaComponent.java:83)
        at org.mule.component.AbstractJavaComponent.doInvoke(AbstractJavaComponent.java:74)
        at org.mule.component.AbstractComponent.invokeInternal(AbstractComponent.java:125)
        at org.mule.component.AbstractComponent.invoke(AbstractComponent.java:153)
        at org.mule.service.AbstractService.invokeComponent(AbstractService.java:933)
        at org.mule.model.seda.SedaService.doSend(SedaService.java:234)
        at org.mule.service.AbstractService.sendEvent(AbstractService.java:506)
        at org.mule.DefaultMuleSession.sendEvent(DefaultMuleSession.java:354)
        at org.mule.routing.inbound.DefaultInboundRouterCollection.send(DefaultInboundRouterCollection.java:220)
        at org.mule.routing.inbound.DefaultInboundRouterCollection.route(DefaultInboundRouterCollection.java:180)
        at org.mule.transport.AbstractMessageReceiver$DefaultInternalMessageListener.onMessage(AbstractMessageReceiver.java:365)
        at org.mule.transport.AbstractMessageReceiver.routeMessage(AbstractMessageReceiver.java:253)
        at org.mule.transport.AbstractMessageReceiver.routeMessage(AbstractMessageReceiver.java:194)
        at org.mule.transport.http.HttpMessageReceiver$HttpWorker.doRequest(HttpMessageReceiver.java:272)
        at org.mule.transport.http.HttpMessageReceiver$HttpWorker.processRequest(HttpMessageReceiver.java:230)
        at org.mule.transport.http.HttpMessageReceiver$HttpWorker.run(HttpMessageReceiver.java:190)
        at org.mule.work.WorkerContext.run(WorkerContext.java:310)
        at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1061)
        at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:575)
        at java.lang.Thread.run(Thread.java:595)

********************************************************************************