Dear Paul,
I understood problem thanks to you again... The bank we are cooperating gave
us a payment library but now I can see that they included xerces
implementation inside in their jar unfortunately. I am not sure what I
should to do solve this problem. And of course it can cause a lot of other
problems...
:(
Thanks
Paul Sandoz wrote:
>
>
> On Dec 30, 2009, at 12:42 PM, Cemo Koc wrote:
>
>>
>> Hi Paul,
>>
>> I am using JAXB implementation of Sun.
>>
>> <dependency>
>> <groupId>com.sun.xml.bind</groupId>
>> <artifactId>jaxb-impl</artifactId>
>> <version>2.1.12</version>
>> </dependency>
>>
>> But I do not know why it is raising exceptions?
>>
>
> It is not JAXB but the SAXParser implementation supplied by Apache
> Xerces.
>
> I think some other dependency must be including Apache Xerces that
> does not support the feature.
>
> What does the following output:
>
> mvn dependency:tree
>
> Paul.
>
>> Thanks
>>
>>
>>
>>
>>
>> Paul Sandoz wrote:
>>>
>>> Hi Cemo,
>>>
>>> On Dec 29, 2009, at 6:28 PM, Cemo Koc wrote:
>>>
>>>>
>>>> Hi all,
>>>>
>>>> I have GFv3 server with 5 application. Each of them has own client
>>>> module
>>>> with Jersey Client. I am using latest snapshot of Jersey...
>>>>
>>>> My problem is about SAX...
>>>>
>>>> [#|2009-12-29T18:15:09.879+0200|WARNING|glassfishv3.0|
>>>> com.sun.jersey.core.impl.provider.xml.SAXParserContextProvider|
>>>> _ThreadID=27;_ThreadName=Thread-1;|JAXP
>>>> feature XMLConstants.FEATURE_SECURE_PROCESSING cannot be set on a
>>>> SAXParserFactory. External general entity processing is disbaled but
>>>> other
>>>> potential securty related features will not be enabled.
>>>> org.xml.sax.SAXNotRecognizedException: Feature
>>>> 'http://javax.xml.XMLConstants/feature/secure-processing' is not
>>>> recognized.
>>>> at
>>>> org.apache.xerces.parsers.AbstractSAXParser.setFeature(Unknown
>>>> Source)
>>>> at org.apache.xerces.jaxp.SAXParserImpl.setFeatures(Unknown
>>>> Source)
>>>> at org.apache.xerces.jaxp.SAXParserImpl.<init>(Unknown Source)
>>>>
>>>>
>>>> 1) Is there anyone who has idea about what is causing this
>>>> exception?
>>>>
>>>
>>> The Apache Xerces implementation that you are using, and included in
>>> the war?, does not support the feature
>>> "http://javax.xml.XMLConstants/feature/secure-processing
>>> ":
>>>
>>>
>>> http://java.sun.com/javase/6/docs/api/javax/xml/XMLConstants.html#FEATURE_SECURE_PROCESSING
>>>
>>> By default Jersey will enabled secure XML processing where possible
>>> and log a warning if this cannot be set.
>>>
>>>
>>>>
>>>> My second attempt to solve problem in my client to prohibit its
>>>> usage I
>>>> tried to use
>>>>
>>>>
>>>> DefaultClientConfig config = new DefaultClientConfig();
>>>>
>>>> config
>>>> .getProperties().put(ClientConfig.FEATURE_DISABLE_XML_SECURITY,
>>>> "true");
>>>> client = Client.create(config);
>>>>
>>>
>>>
>>> You need to do the following:
>>>
>>> config.getFeatures().put(ClientConfig.FEATURE_DISABLE_XML_SECURITY,
>>> true);
>>>
>>>
>>>> and
>>>>
>>>>
>>>> <param-name>com.sun.jersey.config.feature.DisableXmlSecurity</param-
>>>> name>
>>>> <param-value>true</param-value>
>>>>
>>>
>>> The above is correct for server configuration in the web.xml.
>>>
>>>
>>>> But when I am debugging I could sometimes successfully see another
>>>> Config
>>>> which has that feature enabled...
>>>>
>>>> disableXmlSecurity =
>>>> fps.getFeature(FeaturesAndProperties.FEATURE_DISABLE_XML_SECURITY);
>>>>
>>>>
>>>> 2 ) Is this behaviour expected?
>>>>
>>>>
>>>> 3 ) How can I fix these errors?
>>>>
>>>
>>> Upgrade Xerces to a JAXP supported version (assuming there is one) or
>>> use the default provided by the JDK.
>>>
>>> Paul.
>>>
>>>
>>
>> --
>> View this message in context:
>> http://n2.nabble.com/SAXParserContextProvider-and-secure-processing-Exception-tp4228536p4231890.html
>> Sent from the Jersey mailing list archive at Nabble.com.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe_at_jersey.dev.java.net
>> For additional commands, e-mail: users-help_at_jersey.dev.java.net
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_jersey.dev.java.net
> For additional commands, e-mail: users-help_at_jersey.dev.java.net
>
>
>
--
View this message in context: http://n2.nabble.com/SAXParserContextProvider-and-secure-processing-Exception-tp4228536p4232241.html
Sent from the Jersey mailing list archive at Nabble.com.