0

我们有一个使用 CXF 实现并在 JBoss 5.1 上运行的 Web 服务。最近我们将 CXF 从 2.3.1 升级到了 2.5.9。我们还在我们的服务中添加了 WS-Policy,因此来自客户端的 soap 请求包括一个 x509 证书令牌。但是,在处理请求时,框架ClassNotFoundException在尝试加载org.apache.ws.security.components.crypto.Merlin时抛出,位于wss4j-1.6.9.jar. 这是异常的完整调用堆栈:

java.lang.ClassNotFoundException: org.apache.ws.security.components.crypto.Merlin 
at java.net.URLClassLoader$1.run(URLClassLoader.java:200)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
at java.lang.ClassLoader.loadClass(ClassLoader.java:303)
at java.lang.ClassLoader.loadClass(ClassLoader.java:248)
at org.apache.ws.security.util.Loader.loadClass(Loader.java:252)
at org.apache.ws.security.util.Loader.loadClass(Loader.java:245)
at org.apache.ws.security.util.Loader.loadClass(Loader.java:239)
at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:109)
at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:78)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.getSignatureCrypto(PolicyBasedWSS4JInInterceptor.java:383)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.checkAsymmetricBinding(PolicyBasedWSS4JInInterceptor.java:221)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.computeAction(PolicyBasedWSS4JInInterceptor.java:585)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:238)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:100)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:122)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:233)
at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:209)
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:189)
at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:129)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:223)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:143)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:199)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)

有趣的是,同一个 JAR 中的其他类已成功加载。例如org.apache.ws.security.util.Loader,可以在调用堆栈中看到。我试图将 JAR 放在我的 WAR 和 JBoss lib 文件夹中,但它没有解决任何问题。

有任何想法吗?

4

1 回答 1

1

找到了解决方案:从属性文件中获取的类名有一个尾随空格。删除空格后,加载类没有问题。

于 2013-03-10T15:45:29.057 回答