Skip to Content
0

SOAP RCV AXIS failed to access method com.sap.aii.af.sdk.xi.net.SSLChainVerifier

Jan 15, 2017 at 10:46 PM

119

avatar image

Hello experts - I have a File -> PI -> SOAP RCV async scenario.

The WS being reached at the target is HTTPS and the certificate chain was imported in TrustedCAs view.

I'm using AXIS at the SOAP RCV channel in order to encapsulate WSSE UsernameToken and Password in the SOAP Envelope.

The issue is, whenever any message is sent I get the following error at the receiver.

Error:

Axis: fatal error in invocation: java.lang.IllegalAccessError: tried to access method com.sap.aii.af.sdk.xi.net.SSLChainVerifier.<init>([Ljava/security/cert/X509Certificate;)V (class loader library:com.sap.aii.af.sdk.lib@73833, resolved library:com.sap.aii.af.sdk.lib@73833) from class com.sap.aii.axis.transport.net.IAIKUtils (class loader library:com.sap.aii.af.axis.lib@73835)

Can anyone cast some light on what am I missing?

Few facts that might be relevant:

  • XIAxisAdapter/MessageServlet is green for all required components (details below)
  • XPI Inspector shows the certificate chain ok, but I simply deleted the certificates from TrustedCAs and updated/activated the channel and restarted SSL Provider. The same error persist. Unless it's necessary to restart Java, it seems the error is happening before the Certificate chain validation.

Axis Adapter Message Servlet

Component Versions

Adapter Common Library Version: 1.7.3007.20130625153404.0000, NW730EXT_07_REL (2013-06-25T22:17:34+0000)
Adapter Application Version: 1.7.3007.20130625153404.0000, NW730EXT_07_REL (2013-06-25T22:18:05+0000)
Axis Version: Apache Axis version: 1.4 Built on Apr 22, 2006 (06:55:48 PDT)

Required Components

  • Apache-Axis
    Found: org.apache.axis.AxisEngine at /usr/sap/P5D/DVEBMGS08/j2ee/cluster/bin/ext/com.sap.aii.af.axisproviderlib/lib/axis.jar
  • Jakarta-Commons Discovery
    Found: org.apache.commons.discovery.Resource at /usr/sap/P5D/DVEBMGS08/j2ee/cluster/bin/ext/com.sap.aii.af.axisproviderlib/lib/commons-discovery-0.2.jar
  • Jakarta-Commons Logging
    Found: org.apache.commons.logging.Log at /usr/sap/P5D/DVEBMGS08/j2ee/cluster/bin/ext/com.sap.aii.af.axisproviderlib/lib/commons-logging-1.2.jar

Number of Missing Components: 0
Status: OK

Optional Components

  • XML Security API
    Found: org.apache.xml.security.Init at /usr/sap/P5D/DVEBMGS08/j2ee/cluster/bin/ext/com.sap.aii.af.axisproviderlib/lib/xmlsec-1.4.4.jar
  • Apache Xalan
    Found: org.apache.xalan.Version at /usr/sap/P5D/DVEBMGS08/j2ee/cluster/bin/ext/com.sap.aii.af.axisproviderlib/lib/xalan-2.7.1.jar
  • Jakarta-Commons Codec
    Found: org.apache.commons.codec.Encoder at /usr/sap/P5D/DVEBMGS08/j2ee/cluster/bin/ext/com.sap.aii.af.axisproviderlib/lib/commons-codec-1.10.jar
  • Jakarta-Commons Net
    Warning: optional component missing --- looking for org.apache.commons.net.SocketFactory in com.sap.aii.af.axisproviderlib/commons-net.jar; see http://jakarta.apache.org/commons/net/
  • Jakarta-Commons HttpClient
    Found: org.apache.commons.httpclient.HttpClient at /usr/sap/P5D/DVEBMGS08/j2ee/cluster/bin/ext/com.sap.aii.af.axisproviderlib/lib/commons-httpclient-3.1.jar
  • Apache WSS4J
    Found: org.apache.ws.security.WSSConfig at /usr/sap/P5D/DVEBMGS08/j2ee/cluster/bin/ext/com.sap.aii.af.axisproviderlib/lib/wss4j-1.5.7.jar
  • Apache Addressing
    Found: org.apache.axis.message.addressing.Constants at /usr/sap/P5D/DVEBMGS08/j2ee/cluster/bin/ext/com.sap.aii.af.axisproviderlib/lib/addressing-1.1.1.jar
  • Apache Sandesha
    Warning: optional component missing --- looking for org.apache.sandesha.Constants in com.sap.aii.af.axisproviderlib/Sandesha.jar; see http://ws.apache.org/sandesha/

Number of Missing Components: 2

Status: Warning

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

2 Answers

Raghuraman S Jan 16, 2017 at 03:32 AM
0

Hello,

Just cross check whether the Jar files required for AXIS are imported.Below Link can be also useful for debugging

https://wiki.scn.sap.com/wiki/display/XI/SOAP+AXIS

Share
10 |10000 characters needed characters left characters exceeded
Elison Avila Chagas Lima Jan 24, 2017 at 11:11 AM
0

Hey Raghuraman - thank you for your feedback.

I ended up using XSLT to fulfill my need. Accodingly to SAP, I'd need to upgrade a component version in order to fix that AXIS certificate chain validation.

The XSLT code I used was:

<?xml version="1.0"
encoding="UTF-8"?>  

<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
    xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"      
    xmlns:urn="urn:NexxeraWS"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"     
    version="1.0">   
 <xsl:output method="xml" version="1.0" encoding="UTF-8" />    
 <xsl:attribute-set name="attr-soap">   
  <xsl:attribute name="soapenv:mustUnderstand">1</xsl:attribute>  
 </xsl:attribute-set>    
 <xsl:attribute-set name="attr-pasw">    
  <xsl:attribute name="Type">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
  </xsl:attribute>  
 </xsl:attribute-set>   
 <xsl:template match="/">    
  <soapenv:Envelope>       
   <soapenv:Header>     
    <xsl:element name="wsse:Security"
        use-attribute-sets="attr-soap">
     <xsl:element name="wsse:UsernameToken">
      <xsl:element name="wsse:Username">user</xsl:element>          
      <xsl:element name="wsse:Password" use-attribute-sets="attr-pasw">password</xsl:element>                        
     </xsl:element>               
    </xsl:element>    
   </soapenv:Header>       
   <soapenv:Body>         
      <xsl:copy-of select="*"/>         
   </soapenv:Body>   
  </soapenv:Envelope>     
 </xsl:template>  
</xsl:stylesheet>
Share
10 |10000 characters needed characters left characters exceeded