Random SSL error in custom trigger; compiled .jar

Posted by mmcallister on 20-May-2015 09:30

On startup of a 3.2.2 Private Cloud instance, occasionally a compiled .jar custom trigger is throwing the following error: com.sun.net.ssl.internal.www.protocol.https.httpsurlconnectionoldimpl cannot be cast to javax.net.ssl.httpsurlconnection See attached image. A reliable fix seems to be just stopping / starting the Rollbase instance. Has anyone else experienced this problem? And have a solution?

Posted by Anoop Premachandran on 07-Sep-2015 09:59

This is fixed in 4.0

All Replies

Posted by Gian Torralba on 21-May-2015 08:00
Hello,

Is this issue re-occuring even after the server restart?

Thank you,
Gian
Posted by mmcallister on 21-May-2015 08:30

It has, yes. That is the concern.

It happens randomly, and it occurs after any given restart, and remains in the condition of throwing the error until after another restart.

This is going to be difficult to reproduce reliably. During the development of the Custom Trigger code, in Eclipse on Windows, I was seeing this on a Windows instance of Private Cloud 3.2.2. Thinking it was 'Windoze', I was totally surprised to have it happen when we installed the customt.jar into one of our cloud 3.2.2 Linux instances.

Is there any other information I can gather that might help? The Java inside the custom trigger calls out over the web via https:// to fetch a ticket for another cross-platform product of ours. I had some SSL difficulties to work through during the development cycle, such as 2048-bit cipher keys on the cert. we use; and overriding TrustManger using one of its subclasses to remove the need to install the cert. in the local JRE keystore.

Posted by Gian Torralba on 22-May-2015 07:07
Hello,

Can you file a support ticket for this so that support can assist you with your SSL issue in yourPrivate Cloud Instance?

Thank you,
Gian
Posted by Anoop Premachandran on 22-May-2015 08:04

You mentioned "The Java inside the custom trigger calls out over the web via https:// to fetch a ticket for another cross-platform product of ours."

For doing this what did you use, did you write your HTTP client code or used Rollbase HTTP util methods ?

Can you share the code that was used to make this call ?

Posted by Harrie Kuijper on 22-May-2015 08:09

See this thread on stackoverflow:

stackoverflow.com/.../java-lang-classcastexception-com-sun-net-ssl-internal-www-protocol-https-httpsu

EDIT: Nevermind, this code should be modified in rollbase classes, maybe it is useful for progress support instead.

Posted by Anoop Premachandran on 22-May-2015 09:23

Custom trigger involves writing Java classes and adding to Rollbase classpath. So once we see that code we can determine whether fixes are needed in Custom Trigger Code or Rollbase classes.

Posted by mmcallister on 22-May-2015 09:34

00313849 in Rollbase Support was created per request from Gian T. I did attach the code I'm using on that Case.

Posted by Anoop Premachandran on 22-May-2015 11:56

Thanks. We have identified the issue. Gian, please create a defect linked to the support case.

Meanwhile, can you try this workaround and respond if it works for you ?

Add the following code to custom trigger before making calls to the HTTPs service.

Remove the code if this causes any other side effects. I have not fully tested this yet.

		String s = System.getProperty("java.protocol.handler.pkgs");
		if("com.sun.net.ssl.internal.www.protocol".equals(s)){
			System.clearProperty("java.protocol.handler.pkgs");
		}


Posted by mmcallister on 22-May-2015 15:27

I placed your suggested code immediately before creating the java.net.URL. I deployed the new compiled custom.jar and have not seen the problem so far after a couple stop / start cycles of Rollbase. I will keep an eye on it, and try some stop / start cycles over the next few days. Otherwise, the trigger stills works, i.e. I have not seen any adverse effects.

               //sun namespace work-around from Anoop Premachandran at Progress

       String s = System.getProperty("java.protocol.handler.pkgs");

if("com.sun.net.ssl.internal.www.protocol".equals(s)){

System.clearProperty("java.protocol.handler.pkgs");

}

//GET

       java.net.URL url = new java.net.URL(biURL + "/qvajaxzfc/getwebticket.aspx?cmd=%3CGlobal%20method%3D%27GetWebTicket%27%3E%3CUserId%3E" + biUser + "." + orgXref + "%3C%2FUserId%3E%3C%2FGlobal%3E");

javax.net.ssl.HttpsURLConnection con = (javax.net.ssl.HttpsURLConnection)url.openConnection();

con.setRequestMethod("GET");

con.setHostnameVerifier(allHostsValid);

con.connect();

Posted by mmcallister on 26-May-2015 09:19

This morning, after the long weekend, the Custom trigger code was throwing the errors below, found in the event.log.

No errors were bubbled to the UI anywhere. I wonder if the code I added just hid the errors. I really would rather have the errors raised to the UI, rather than being hidden.

I restarted Rollbase and all is well again.

[2015-05-26 10:05:05,615] java.lang.ClassCastException: com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl cannot be cast to javax.net.ssl.HttpsURLConnection

at trigger.CustomTrigger.trigger(CustomTrigger.java:160)

at com.rb.core.services.event.TriggerRunner.runSelected(TriggerRunner.java:789)

at p4.ApiController.runTrigger(ApiController.java:635)

at p4.ApiController.dispatch(ApiController.java:103)

at com.rb.core.logics.servlet.AjaxServlet.doGet(AjaxServlet.java:395)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

at com.rb.util.web.NoCacheFilter.doFilter(NoCacheFilter.java:41)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)

at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)

at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)

at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:200)

at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)

at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)

at java.lang.Thread.run(Thread.java:745)

[2015-05-26 10:05:16,752] ===> Error in thread ajp-bio-8009-exec-2 at 05/26/2015 10:05 AM: Error in trigger BinformedGetWebTicket

[2015-05-26 10:05:16,752] java.lang.ClassCastException: com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl cannot be cast to javax.net.ssl.HttpsURLConnection

at trigger.CustomTrigger.trigger(CustomTrigger.java:160)

at com.rb.core.services.event.TriggerRunner.runSelected(TriggerRunner.java:789)

at p4.ApiController.runTrigger(ApiController.java:635)

at p4.ApiController.dispatch(ApiController.java:103)

at com.rb.core.logics.servlet.AjaxServlet.doGet(AjaxServlet.java:395)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

at com.rb.util.web.NoCacheFilter.doFilter(NoCacheFilter.java:41)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)

at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)

at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)

at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:200)

at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)

at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)

at java.lang.Thread.run(Thread.java:745)

Posted by Anoop Premachandran on 26-May-2015 10:13

We will be making the fix in our code. I was hoping the above code help with the fix in the interim

Posted by Anoop Premachandran on 07-Sep-2015 09:59

This is fixed in 4.0

This thread is closed