CXF 2.7.x Woodstox Compatibility via Maven
Asked Answered
R

3

7

In the CXF's documentation it is said that the 2.7.x version requires the Woodstox jars not under the 4.2.0 version to be available in the classpath.

Can somebody, please, suggest Maven dependencies for Woodstox to work with CXF?

The main problem is when I try to use the cxf's client, an exception "Cannot create a secure XMLInputFactory" is raised. According to different forums (for example), it is possible to use the "org.apache.cxf.stax.allowInsecureParser" system property to solve the problem, but it seems not a good way. So that maven dependencies are the way to go...

Thanks in advance.

Rosado answered 3/6, 2013 at 18:18 Comment(5)
Why don't you want to update to Woodstox 4.2.0? It has same group and artifact ids as 4.0 and 4.1.Mooch
Yes, I've tried to add the woodstox-core-asl 4.2.0 maven dependency and also the woodstox stax2-api, but the "Cannot create a secure XMLInputFactory" exception is raised anywayRosado
Is it possible that somehow multiple Stax implementations might be included as dependencies (like BEA's reference implementation, or Sun SJSXP explicitly added)?Mooch
Well, I think it is possible. Do you know how to exclude these dependencies or maybe how to set the preferred (Woodstox) implementation for cxf in a .pom file?Rosado
That would be CXF specific actually. But you can explicitly exclude inclusion of others in pom; first need to see if they are getting in (using "mvn dependency:tree"). Problem is that if CXF uses SPI style stax impl detection, order of precedence between choices in unspecified. But it may have specific overrides.Mooch
R
6

Well, finally I've got a solution. First of all I'd like to thank StaxMan for a help.

My environment is: Weblogic 11g, CXF 2.7.5

The problem is WLS already contains implementations for StAX API and xml parsers that is why an application doesn't see the Woodstox parser when using CXF.

Here is the pom.xml:

        <!-- CXF -->
        <dependency>
            <groupId>org.apache.cxf</groupId>
            <artifactId>cxf-api</artifactId>
        </dependency>

        <dependency>
            <groupId>org.apache.cxf</groupId>
            <artifactId>cxf-rt-frontend-jaxws</artifactId>
        </dependency>

        <dependency>
            <groupId>org.apache.cxf</groupId>
            <artifactId>cxf-rt-transports-http</artifactId>
        </dependency>

and the main part -- the weblogic-application.xml located in the resources/META-INF/ :

    <prefer-application-packages>
        <package-name>com.ctc.wstx.*</package-name>
        <package-name>org.apache.*</package-name>
    </prefer-application-packages>

Be aware of the fact that if do so there may occure the "NoClassDefinition" errors. If so, please, add maven dependencies that contain missing classes.

Hope this helps somebody.

Rosado answered 10/7, 2013 at 7:57 Comment(6)
My friend, this is beautiful. Thanx a lot:)Eustis
And I think it is not an option for weblogic 10Eustis
@Neron, I think there are still some packages in your WLS that brake the configuration. Please, refer to this #12717173 post.Rosado
I have added the necessary ones as u gave in your solution but it did not helped. This should not be this much painfull:(Eustis
It's a pity but with CXF it is always really hard to make something work properly other than basic examples. Some people adviced to exclude the 'javax.xml.*' packages (with the 'prefer-application-packages'). Did you try this? This approach is also given in the post above.Rosado
For a .war only solution in weblogic 10.3.6, I added the same prefer-application-packages element in the container-descriptor element in the the WEB-INF/weblogic.xml file (this means you don't have to create a .ear file unnecessarily).Justis
E
4

This worked for me without prefer-application-packages impl:

<dependency>
            <groupId>org.apache.cxf</groupId>
            <artifactId>cxf-rt-frontend-jaxws</artifactId>
            <version>${cxf.version}</version>
            <exclusions>
                <exclusion>
                    <groupId>com.sun.xml.bind</groupId>
                    <artifactId>jaxb-impl</artifactId>
                </exclusion>
            </exclusions>
        </dependency>

        <dependency>
            <groupId>com.sun.xml.bind</groupId>
            <artifactId>jaxb-impl</artifactId>
            <version>2.2.2</version>
        </dependency>
        <dependency>
            <groupId>org.apache.cxf</groupId>
            <artifactId>cxf-rt-transports-http</artifactId>
            <version>${cxf.version}</version>
        </dependency>
        <!-- Jetty is needed if you're using the CXFServlet -->
        <dependency>
            <groupId>org.apache.cxf</groupId>
            <artifactId>cxf-rt-transports-http-jetty</artifactId>
            <version>${cxf.version}</version>
        </dependency>
Eustis answered 16/7, 2013 at 14:39 Comment(0)
R
3

The only way for now I can solve the problem is to add such lines in the spring's context:

<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
    <property name="targetObject">
        <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
            <property name="targetClass" value="java.lang.System" />
            <property name="targetMethod" value="getProperties" />
        </bean>
    </property>
    <property name="targetMethod" value="putAll" />
    <property name="arguments">
        <util:properties>
            <prop key="org.apache.cxf.stax.allowInsecureParser">true</prop>
        </util:properties>
    </property>
</bean>
Rosado answered 4/6, 2013 at 8:58 Comment(3)
Thanks Dmitry, I had the same issue and now it is resolved #38366524Boggess
@Boggess mentioned link is brokenLiebermann
@AzhaguSurya: Seems post removed by the community.Boggess

© 2022 - 2024 — McMap. All rights reserved.