CXF - Invalid UTF-8 start byte 0x8b (at char #2, byte #-1)

Problem/Cause

You get this error when you are working with a CXF client which receives a response with content encoding GZIP.

In my case I was working with Apache Camel, using a cxfEndPoint and simulating the server with SoapUI.

Content-Encoding: gzip
Server: Jetty(6.1.26)
Transfer-Encoding: chunked
Content-Type: text/xml; charset=utf-8

Solution

Just add org.apache.cxf.transport.common.gzip.GZIPInInterceptor as interceptor for incoming messages. This class will parse the response and decompressit.

<bean id="loggingOutInterceptor" class="org.apache.cxf.interceptor.LoggingOutInterceptor"/>
<bean id="loggingInInterceptor" class="org.apache.cxf.interceptor.LoggingInInterceptor"/>
<bean id="gziptInterceptor" class="org.apache.cxf.transport.common.gzip.GZIPInInterceptor"/>

<cxf:cxfEndpoint id="dllCrytpoWSEndpoint"
 address="https://localhost:9443/mockDllCryptoServiceSoap"
 serviceClass="XXXXX.DllCryptoServiceSoap" serviceName="ssp:DllCryptoService"
 endpointName="{http://XXXXX}DllCryptoServiceSoap"
 wsdlURL="src/main/resources/wsdl/DllCryptoServiceSoap.wsdl" xmlns:ssp="http://XXXXX"
 loggingFeatureEnabled="true">

 <cxf:outInterceptors>
  <ref bean="loggingOutInterceptor" />
 </cxf:outInterceptors>

 <cxf:inInterceptors>
  <ref bean="gziptInterceptor" />
  <ref bean="loggingInInterceptor" />
 </cxf:inInterceptors>

</cxf:cxfEndpoint>

SQLServer Could not open error log file ''. Operating system error = 3(The system cannot find the path specified.).

Problem

SQLServer fail on service start. Checking Windows Event Viewer you see Could not open error log file ''. Operating system error = 3

Cause

This is a problem related with user permissions. SQLServer does not has permissions in some folder.

Solution

Go to Services, select SQL Servers service, go to properties and finally Log On tab. In thid tab, check Log on as Local System account.

javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name

This error occurs when you are trying to connect to a https direction and the host name does not match de server name returned in the response message.

javax.net.ssl.SSLProtocolException: handshake alert:  unrecognized_name
        sun.security.ssl.ClientHandshaker.handshakeAlert(ClientHandshaker.java:1292)
        sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1952)
        sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1077)
        sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
        sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
        sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
        sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
        sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
        sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1300)
        sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
        org.apache.xerces.impl.XMLEntityManager.setupCurrentEntity(XMLEntityManager.java:986)
        org.apache.xerces.impl.XMLVersionDetector.determineDocVersion(XMLVersionDetector.java:143)
        org.apache.xerces.parsers.XML11Configuration.parse(XML11Configuration.java:802)
        org.apache.xerces.parsers.XML11Configuration.parse(XML11Configuration.java:768)
        org.apache.xerces.parsers.XMLParser.parse(XMLParser.java:108)
        org.apache.xerces.parsers.DOMParser.parse(DOMParser.java:230)
        org.apache.xerces.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:285)
        com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2101)
        com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2303)
        com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2335)
        org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.java:263)
        org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.java:206)
        org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java:98)
        org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:204)
        org.apache.cxf.jaxws.ServiceImpl.<init>(ServiceImpl.java:149)
        org.jboss.wsf.stack.cxf.client.ProviderImpl$JBossWSServiceImpl.<init>(ProviderImpl.java:509)
        org.jboss.wsf.stack.cxf.client.ProviderImpl.createServiceDelegate(ProviderImpl.java:204)
        javax.xml.ws.Service.<init>(Service.java:57)
        javax.xml.ws.Service.create(Service.java:687)
        org.springframework.remoting.jaxws.LocalJaxWsServiceFactory.createJaxWsService(LocalJaxWsServiceFactory.java:137)
        org.springframework.remoting.jaxws.JaxWsPortClientInterceptor.prepare(JaxWsPortClientInterceptor.java:334)
        org.springframework.remoting.jaxws.JaxWsPortClientInterceptor.invoke(JaxWsPortClientInterceptor.java:484)
        org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        com.sun.proxy.$Proxy118.getPerfilesUsuario(Unknown Source)

Using apache, you have to configure propertly the virtual host. Set ServerName and ServerAlias to match de domain name.

<VirtualHost _default_:443>

(..)

ServerName jboss01.localdomain:443
ServerAlias jboss01.localdomain

(...)

SSLCertificateFile /etc/httpd/keystores/server_jboss01.cer
SSLCertificateKeyFile /etc/httpd/keystores/server_jboss01.key
SSLCertificateChainFile /etc/httpd/keystores/server_cas.pem

(...)
</VirtualHost>

In this case, the URL should be https://jboss01.localdomain/xxxxxx.

Note, in the server certificate, the Common Name (CN) must be also jboss01.localdomain

CXF Repository

Just for my remind.

https://svn.apache.org/repos/asf/cxf/

Export SpringBean as Servlet Context Attribute

Suppouse you have a bean callede "oneSpringBean" in your Root Application Context and you want to read it from a Servlet.

There are two solutions.
Simple way, when there is not context mess:

In the servlet you get the bean using WebApplicationContextUtils.getWebApplicationContext(getServletContext()).getBean("oneSpringBean")


Complex way, when you have custom context scopes:

<bean class="org.springframework.web.context.support.ServletContextAttributeExporter">
 <property name="attributes">
  <map>
   <entry key="myAttribute" value-ref="oneSpringBean" />
  </map>
 </property>
</bean>

In the servlet you get the bean using getServletContext().getAttribute("myAttribute")

JBoss CLI enable SSL

Domain Mode, profile full-ha:

/profile=full-ha/subsystem=web/connector=HTTPS/:add(socket-binding=https,scheme=https,protocol=HTTP/1.1,secure=true)
/profile=full-ha/subsystem=web/connector=HTTPS/ssl=configuration:add(name=https)

/profile=full-ha/subsystem=web/connector=HTTPS/ssl=configuration/:write-attribute(name=certificate-key-file,value="/opt/jboss/domain/configuration/certificates/jboss_identity(1234).jks")
/profile=full-ha/subsystem=web/connector=HTTPS/ssl=configuration/:write-attribute(name=password,value="1234")
/profile=full-ha/subsystem=web/connector=HTTPS/ssl=configuration/:write-attribute(name=key-alias,value="jboss-identity")
/profile=full-ha/subsystem=web/connector=HTTPS/ssl=configuration/:write-attribute(name=keystore-type,value=jks)

/profile=full-ha/subsystem=web/connector=HTTPS/ssl=configuration/:write-attribute(name=certificate-file,value="/opt/jboss/domain/configuration/certificates/jboss_truststore(1234).jks")
/profile=full-ha/subsystem=web/connector=HTTPS/ssl=configuration/:write-attribute(name=truststore-type,value=jks)


/host=master/system-property="javax.net.ssl.trustStore":add(value="/opt/jboss/domain/configuration/certificates/jboss_truststore(1234).jks")
/host=master/system-property="javax.net.ssl.trustStorePassword":add(value="1234")

Standalone Mode:

/subsystem=web/connector=HTTPS/:add(socket-binding=https,scheme=https,protocol=HTTP/1.1,secure=true)
/subsystem=web/connector=HTTPS/ssl=configuration:add(name=https)

/subsystem=web/connector=HTTPS/ssl=configuration/:write-attribute(name=certificate-key-file,value="/opt/jboss/standalone/configuration/certificates/jboss_identity(1234).jks")
/subsystem=web/connector=HTTPS/ssl=configuration/:write-attribute(name=password,value="1234")
/subsystem=web/connector=HTTPS/ssl=configuration/:write-attribute(name=key-alias,value="jboss-identity")
/subsystem=web/connector=HTTPS/ssl=configuration/:write-attribute(name=keystore-type,value=jks)

/subsystem=web/connector=HTTPS/ssl=configuration/:write-attribute(name=certificate-file,value="/opt/jboss/standalone/configuration/certificates/jboss_truststore(1234).jks")
/subsystem=web/connector=HTTPS/ssl=configuration/:write-attribute(name=truststore-type,value=jks)


/system-property="javax.net.ssl.trustStore":add(value="/opt/jboss/standalone/configuration/certificates/jboss_truststore(1234).jks")
/system-property="javax.net.ssl.trustStorePassword":add(value="1234")

Note. You can replace "/opt/jboss" (my jboss home dir) with "${jboss.home.dir}"

mod_cluster + JBoss + SSL: Network is unreachable

 Working with mod_cluster and SSL you can get this exception:

ERROR [org.jboss.modcluster] (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) MODCLUSTER000043: Failed to send INFO to 255.255.255.255/255.255.255.255:443: java.net.ConnectException: Network is unreachable
        at java.net.PlainSocketImpl.socketConnect(Native Method) [rt.jar:1.7.0_75]
        at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339) [rt.jar:1.7.0_75]
        at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200) [rt.jar:1.7.0_75]
        at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182) [rt.jar:1.7.0_75]
        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) [rt.jar:1.7.0_75]
        at java.net.Socket.connect(Socket.java:579) [rt.jar:1.7.0_75]
        at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:625) [jsse.jar:1.7.0_75]
        at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler$Proxy.getConnection(DefaultMCMPHandler.java:818)
        at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler$Proxy.getConnectionWriter(DefaultMCMPHandler.java:841)
        at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.sendRequest(DefaultMCMPHandler.java:482)
        at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.sendRequest(DefaultMCMPHandler.java:583)
        at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.status(DefaultMCMPHandler.java:370)
        at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.status(DefaultMCMPHandler.java:350)
        at org.jboss.modcluster.ModClusterService.status(ModClusterService.java:458)
        at org.jboss.modcluster.container.catalina.CatalinaEventHandlerAdapter.lifecycleEvent(CatalinaEventHandlerAdapter.java:249)
        at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:115) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
        at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1323) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1588) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1574) [jbossweb-7.2.2.Final-redhat-1.jar:7.2.2.Final-redhat-1]
        at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_75]

You need to set apache server (httpd) in the proxy list:

The error will not disapear, but at least apache will bind with JBoss and work propertly.