Problems with Spring WS Streaming Attachments with Security Interceptor

[craigwarren]

Hi,

I'm having problems getting Spring WS to receive a request which has a file attached and use streaming. The problem is I get the following exception whenever I try to use a security interceptor:

Code:

2011-01-11 15:10:05,132 DEBUG [org.springframework.ws.soap.server.SoapMessageDispatcher] - 
java.lang.IllegalArgumentException: Error in converting SOAP Envelope to Document
    at org.springframework.ws.soap.axiom.support.AxiomUtils.toDocument(AxiomUtils.java:135)
    at org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor.toDocument(Wss4jSecurityInterceptor.java:621)
    at org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor.validateMessage(Wss4jSecurityInterceptor.java:492)
    at org.springframework.ws.soap.security.AbstractWsSecurityInterceptor.handleRequest(AbstractWsSecurityInterceptor.java:104)
    at org.springframework.ws.server.MessageDispatcher.dispatch(MessageDispatcher.java:213)
    at org.springframework.ws.server.MessageDispatcher.receive(MessageDispatcher.java:168)
    at org.springframework.ws.transport.support.WebServiceMessageReceiverObjectSupport.handleConnection(WebServiceMessageReceiverObjectSupport.java:88)
    at org.springframework.ws.transport.http.WebServiceMessageReceiverHandlerAdapter.handle(WebServiceMessageReceiverHandlerAdapter.java:57)
    at org.springframework.ws.transport.http.MessageDispatcherServlet.doService(MessageDispatcherServlet.java:230)
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571)
    at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:511)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:530)
    at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:426)
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119)
    at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:457)
    at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:229)
    at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:931)
    at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:361)
    at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:186)
    at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:867)
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
    at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:245)
    at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:126)
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:113)
    at org.eclipse.jetty.server.Server.handle(Server.java:337)
    at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:581)
    at org.eclipse.jetty.server.HttpConnection$RequestHandler.content(HttpConnection.java:1020)
    at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:775)
    at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:228)
    at org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:417)
    at org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:474)
    at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:437)
    at java.lang.Thread.run(Thread.java:595)
Caused by: org.apache.axiom.om.OMException: java.util.NoSuchElementException
    at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:249)
    at org.apache.axiom.om.impl.llom.OMNodeImpl.build(OMNodeImpl.java:327)
    at org.apache.axiom.om.impl.llom.OMElementImpl.build(OMElementImpl.java:706)
    at org.springframework.ws.soap.axiom.support.AxiomUtils.toDocument(AxiomUtils.java:125)
    ... 34 more
Caused by: java.util.NoSuchElementException
    at com.ctc.wstx.sr.BasicStreamReader.next(BasicStreamReader.java:1083)
    at org.apache.axiom.om.impl.builder.StAXOMBuilder.parserNext(StAXOMBuilder.java:506)
    at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:161)
    ... 37 more

I am using the Axiom Message Factory:

Code:

<bean id="messageFactory" class="org.springframework.ws.soap.axiom.AxiomSoapMessageFactory">
    <property name="payloadCaching" value="false"/>
    <property name="attachmentCaching" value="true"/>
    <property name="attachmentCacheThreshold" value="1024" />
</bean>

My endpoint mapping uses the wss4jSecurityInterceptor:

Code:

<bean class="org.springframework.ws.server.endpoint.mapping.PayloadRootQNameEndpointMapping">
    <property name="mappings">
        <props>
            <prop key="{http://www.aquilauk.co.uk/hribulkupload}BulkHRRequest">hriBulkUploadEndpoint</prop>
        </props>
    </property>
     <property name="interceptors">
        <list>
            <!-- <bean class="org.springframework.ws.server.endpoint.interceptor.PayloadLoggingInterceptor"/> -->
            <ref bean="wss4jSecurityInterceptor"/>
        </list>            
    </property>
</bean>

and my security interceptor has been set up to not make use of the Payload:

Code:

<bean id="wss4jSecurityInterceptor" class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">
    <property name="validationActions" value="UsernameToken" />
    <property name="validationCallbackHandler" ref="springWSS4JHandler"/>
    <property name="secureResponse" value="false"/>
    <property name="secureRequest" value="false" />
</bean> 


<bean id="acegiWSS4JHandler" 
    class="org.springframework.ws.soap.security.wss4j.callback.SpringPlainTextPasswordValidationCallbackHandler">
    <property name="authenticationManager" ref="authenticationManager"/>
</bean>

Thanks in advance,
Craig

[mada]

To correct this, set AxiomSoapMessageFactory's payloadCaching="true" which still exposes the app to OutOfMemory problems.
Or/ And try to to use axiom-impl 1.2.8. The 1.2.9 raises problems.

[craigwarren]

I've tried PayloadCaching=true, but as expected it results in an OutOfMemoryError when I transmit a large file.

I was using 1.2.7 of axiom and have upgraded to 1.2.8 but I still have the same problems.

[mada]

Is your goal is to send Big files in attachement without out of memory ?

Avoid AxiomSoapMessageFactory and use the default one and add SAAJ RI 1.3.4
& set the system property "saaj.use.mimepull" to "true". This would allowing handling of large attachments in incoming messages (store in fact in the temp directory).

See details here :
http://weblogs.java.net/blog/kumarja...es-saaj-ri-134

Test it by monitoring with jconsole. (i have try attachment of 150mo in a request without problem with tomcat with only basic unchanged settings (64mo)).

[craigwarren]

I found the problem:

my wss4jSecurityInterceptor had an incorrect setup:

Code:

<property name="secureRequest" value="false" />
<property name="secureResponse" value="false" />

should have been

Code:

<property name="validateRequest" value="false" />
<property name="validateResponse" value="false" />

The security interceptor now successfully validates the request.