todvora / eet-client Goto Github PK
View Code? Open in Web Editor NEWClient and library for #EET communication - http://www.etrzby.cz/ , written in Java
License: MIT License
Client and library for #EET communication - http://www.etrzby.cz/ , written in Java
License: MIT License
Usual problem with transition from playground to production is not enabled JCE (more info).
Check the current JRE settings during client key initialization and issue a warning with link to the documentation.
Hello,
I tried to install your library into my project and probably, there is something broken.
I added this into my pom.xml
<dependency>
<groupId>com.github.todvora</groupId>
<artifactId>eet-client</artifactId>
<version>3.0.0</version>
</dependency>
(I tried other versions as well), and I've got:
Could not find artifact com.github.todvora:eet-client:pom:3.0.0 in spring.milestone (https://repo.spring.io/milestone)
Also I cannot find it in here - https://mvnrepository.com/search?q=eet
cxf-bundle-compatible
can be replaced with:
cxf-rt-frontend-jaxws
cxf-rt-transports-http
Hello, InMemoryCRLStore is not download crl's parallel becouse of synchronization on getCRL method.
Proposition of fix:
private static final Map<URI, X509CRL> CACHE = new HashMap<URI, X509CRL>();
into
private static final Map<URI, X509CRL> CACHE = new ConcurrentHashMap<URI, X509CRL>();
private synchronized X509CRL getCRL
into
private X509CRL getCRL
Should fix that.
Pouzil jsem Vaseho klienta pro EET. Na mem pocitaci vse funguje v poradku, jak spustenim z NetBeans, tak i samostatne jar. Pokud ale nahraji jak na jiny pocitac, objevi se tato vyjimka. Clienta eet-client mam ve svem maven projektu
<dependency>
<groupId>cz.tomasdvorak</groupId>
<artifactId>eet-client</artifactId>
<version>2.0.3</version>
</dependency>
nekde jsem nasel, ze bouncycastle by mel mit provided, ale ve Vasem pom.xml to neni uvedeno.
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.55</version>
<scope>provided</scope>
</dependency>
Projekt je Java8, jce_policy-8 jsem nakopiroval, ale s timhle si nevim rady. Dekuji za pomoc.
cz.tomasdvorak.eet.client.exceptions.InvalidKeystoreException: java.io.IOException: error constructing MAC: java.lang.SecurityException: JCE cannot authenticate the provider BC
at cz.tomasdvorak.eet.client.security.ClientKey.getKeyStore(ClientKey.java:93)
at cz.tomasdvorak.eet.client.security.ClientKey.(ClientKey.java:51)
at cz.tomasdvorak.eet.client.EETServiceFactory.getInstance(EETServiceFactory.java:24)
at Main.sendEetRequestProduction(Main.java:73)
at Main.lambda$main$1(Main.java:56)
at spark.TemplateViewRouteImpl$1.handle(TemplateViewRouteImpl.java:66)
at spark.http.matching.Routes.execute(Routes.java:61)
at spark.http.matching.MatcherFilter.doFilter(MatcherFilter.java:126)
at spark.embeddedserver.jetty.JettyHandler.doHandle(JettyHandler.java:50)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:189)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119)
at org.eclipse.jetty.server.Server.handle(Server.java:517)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:308)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:242)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:75)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceAndRun(ExecuteProduceConsume.java:213)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:147)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:654)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:572)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: error constructing MAC: java.lang.SecurityException: JCE cannot authenticate the provider BC
at org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.engineLoad(Unknown Source)
at java.security.KeyStore.load(Unknown Source)
at cz.tomasdvorak.eet.client.security.ClientKey.getKeyStore(ClientKey.java:83)
... 22 more
There is a pretty significant part of the code which handles CRL parsing and download from EET certificates used to sign responses. I'd like to replace this part with several standard properties, which should force JRE to do the same procedure:
System.setProperty("com.sun.security.enableCRLDP", "true");
System.setProperty("com.sun.net.ssl.checkRevocation", "true");
Security.setProperty("com.sun.security.onlyCheckRevocationOfEECert", "true"); // verify only revocation of the last cert in path (the EET cert)
Any other ideas, recommendations or code snippets?
Thanks!
WARNING: Interceptor for {http://fs.mfcr.cz/eet/schema/v3}EETService#{http://fs.mfcr.cz/eet/schema/v3}OdeslaniTrzby has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: Problem writing SAAJ model to stream: Connection reset
at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutEndingInterceptor.handleMessage(SAAJOutInterceptor.java:223)
at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutEndingInterceptor.handleMessage(SAAJOutInterceptor.java:174)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:514)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:423)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:324)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:277)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:139)
at com.sun.proxy.$Proxy76.odeslaniTrzby(Unknown Source)
at cz.tomasdvorak.eet.client.EETClientImpl.submitReceipt(EETClientImpl.java:25)
at cz.tomasdvorak.eet.client.EETClientTest.realCommunication(EETClientTest.java:40)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:86)
at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:675)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)
Caused by: com.ctc.wstx.exc.WstxIOException: Connection reset
at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:255)
at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutEndingInterceptor.handleMessage(SAAJOutInterceptor.java:215)
... 35 more
Caused by: java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:209)
at java.net.SocketInputStream.read(SocketInputStream.java:141)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
at sun.security.ssl.InputRecord.read(InputRecord.java:503)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1283)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1258)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.setupWrappedStream(URLConnectionHTTPConduit.java:236)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1320)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1280)
at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:267)
at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)
at org.apache.cxf.io.AbstractThresholdOutputStream.unBuffer(AbstractThresholdOutputStream.java:89)
at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:63)
at org.apache.cxf.io.CacheAndWriteOutputStream.write(CacheAndWriteOutputStream.java:80)
at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:51)
at com.ctc.wstx.io.UTF8Writer.flush(UTF8Writer.java:100)
at com.ctc.wstx.sw.BufferingXmlWriter.flush(BufferingXmlWriter.java:241)
at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:253)
... 36 more
23:02:15.519 [main] INFO cz.tomasdvorak.eet.client.security.ClientKey - Client certificate serial number: 16777221, CZ683555118, C=CZ,CN=GFR EET test CA 1,O=Generální finanční ředitelství
23:02:15.519 [main] INFO cz.tomasdvorak.eet.client.security.ServerKey - Server certificate serial number: 10500000, OU=I.CA - Accredited Provider of Certification Services, O="První certifikační autorita, a.s.", CN="I.CA - Qualified Certification Authority, 09/2009", C=CZ
Sep 10, 2016 11:02:15 PM org.apache.cxf.wsdl.service.factory.ReflectionServiceFactoryBean buildServiceFromClass
INFO: Creating Service {http://fs.mfcr.cz/eet/schema/v3}EETService from class cz.etrzby.xml.EET
Sep 10, 2016 11:02:16 PM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging
WARNING: Interceptor for {http://fs.mfcr.cz/eet/schema/v3}EETService#{http://fs.mfcr.cz/eet/schema/v3}OdeslaniTrzby has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: Problem writing SAAJ model to stream: Connection reset
at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutEndingInterceptor.handleMessage(SAAJOutInterceptor.java:223)
at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutEndingInterceptor.handleMessage(SAAJOutInterceptor.java:174)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:514)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:423)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:324)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:277)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:139)
at com.sun.proxy.$Proxy76.odeslaniTrzby(Unknown Source)
at cz.tomasdvorak.eet.client.EETClientImpl.submitReceipt(EETClientImpl.java:25)
at cz.tomasdvorak.eet.client.EETClientTest.testCommunication(EETClientTest.java:48)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:86)
at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:675)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)
Caused by: com.ctc.wstx.exc.WstxIOException: Connection reset
at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:255)
at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutEndingInterceptor.handleMessage(SAAJOutInterceptor.java:215)
... 35 more
Caused by: java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:209)
at java.net.SocketInputStream.read(SocketInputStream.java:141)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
at sun.security.ssl.InputRecord.read(InputRecord.java:503)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1283)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1258)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.setupWrappedStream(URLConnectionHTTPConduit.java:236)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1320)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1280)
at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:267)
at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)
at org.apache.cxf.io.AbstractThresholdOutputStream.unBuffer(AbstractThresholdOutputStream.java:89)
at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:63)
at org.apache.cxf.io.CacheAndWriteOutputStream.write(CacheAndWriteOutputStream.java:80)
at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:51)
at com.ctc.wstx.io.UTF8Writer.flush(UTF8Writer.java:100)
at com.ctc.wstx.sw.BufferingXmlWriter.flush(BufferingXmlWriter.java:241)
at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:253)
... 36 more
Nebylo by efektivnejsi vytvorit crypto instanci objektu Merylin jednou v konstruktoru trid ServerKey a ClientKey? Takto se tento objekt asi zbytecne vyrabi pri kazdem volani submit.
Expired certs are causing MerlinWithCRLDistributionPointsExtensionTest
unit tests to fail.
see: openssl x509 -in src/test/resources/keys/crls-demo-cert.pem -text -noout -enddate
out: notAfter=Jun 8 05:54:52 2017 GMT
There are also integration test failures.
If you encounter this issue with Java 16, change cxf
dependency to latest version and it is resolved.
My pom.xml dependencies:
<eet.client.version>4.0.1</eet.client.version>
<cxf.version>3.4.4</cxf.version>
<!-- EET client dependencies -->
<dependency>
<groupId>cz.tomasdvorak</groupId>
<artifactId>eet-client</artifactId>
<version>${eet.client.version}</version>
<exclusions>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
<version>${cxf.version}</version>
<exclusions>
<exclusion>
<groupId>asm</groupId>
<artifactId>asm</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-security</artifactId>
<version>${cxf.version}</version>
<exclusions>
<exclusion>
<artifactId>geronimo-javamail_1.4_spec</artifactId>
<groupId>org.apache.geronimo.specs</groupId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<!-- Add bcprov jars to classpath -->
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.69</version>
</dependency>
<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
<version>2.3.1</version>
</dependency>
<dependency>
<groupId>com.sun.xml.bind</groupId>
<artifactId>jaxb-impl</artifactId>
<version>2.3.3</version>
</dependency>
<dependency>
<groupId>com.sun.xml.bind</groupId>
<artifactId>jaxb-core</artifactId>
<version>2.3.0.1</version>
</dependency>
<dependency>
<groupId>javax.xml.ws</groupId>
<artifactId>jaxws-api</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>com.sun.xml.ws</groupId>
<artifactId>jaxws-rt</artifactId>
<version>2.3.0.2</version>
</dependency>
<dependency>
<groupId>com.sun.activation</groupId>
<artifactId>javax.activation</artifactId>
<version>1.2.0</version>
</dependency>
<dependency>
<groupId>com.sun.xml.messaging.saaj</groupId>
<artifactId>saaj-impl</artifactId>
<version>1.4.0</version>
</dependency>
<dependency>
<groupId>javax.annotation</groupId>
<artifactId>javax.annotation-api</artifactId>
</dependency>
<!-- EET client dependencies END -->
Error (solved with newer dependencies above):
java.lang.reflect.InaccessibleObjectException: Unable to make field private static volatile java.net.Authenticator java.net.Authenticator.theAuthenticator accessible: module java.base does not "opens java.net" to unnamed module @2f687a1a
at java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:357) ~[?:?]
at java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:297) ~[?:?]
at java.lang.reflect.Field.checkCanSetAccessible(Field.java:177) ~[?:?]
at java.lang.reflect.Field.setAccessible(Field.java:171) ~[?:?]
at org.apache.cxf.common.util.ReflectionUtil$11.run(ReflectionUtil.java:194) ~[org-apache-cxf-cxf-core-3.2.5.jar:3.2.5]
at org.apache.cxf.common.util.ReflectionUtil$11.run(ReflectionUtil.java:192) ~[org-apache-cxf-cxf-core-3.2.5.jar:3.2.5]
at java.security.AccessController.doPrivileged(AccessController.java:312) ~[?:?]
at org.apache.cxf.common.util.ReflectionUtil.setAccessible(ReflectionUtil.java:192) ~[org-apache-cxf-cxf-core-3.2.5.jar:3.2.5]
at org.apache.cxf.transport.http.CXFAuthenticator.addAuthenticator(CXFAuthenticator.java:55) ~[org-apache-cxf-cxf-rt-transports-http-3.2.5.jar:3.2.5]
at org.apache.cxf.transport.http.URLConnectionHTTPConduit.<init>(URLConnectionHTTPConduit.java:90) ~[org-apache-cxf-cxf-rt-transports-http-3.2.5.jar:3.2.5]
at org.apache.cxf.transport.http.HTTPTransportFactory.getConduit(HTTPTransportFactory.java:236) ~[org-apache-cxf-cxf-rt-transports-http-3.2.5.jar:3.2.5]
at org.apache.cxf.binding.soap.SoapTransportFactory.getConduit(SoapTransportFactory.java:226) ~[org-apache-cxf-cxf-rt-bindings-soap-3.2.5.jar:3.2.5]
at org.apache.cxf.endpoint.AbstractConduitSelector.createConduit(AbstractConduitSelector.java:153) ~[org-apache-cxf-cxf-core-3.2.5.jar:3.2.5]
at org.apache.cxf.endpoint.AbstractConduitSelector.getSelectedConduit(AbstractConduitSelector.java:108) ~[org-apache-cxf-cxf-core-3.2.5.jar:3.2.5]
at org.apache.cxf.endpoint.UpfrontConduitSelector.selectConduit(UpfrontConduitSelector.java:77) ~[org-apache-cxf-cxf-core-3.2.5.jar:3.2.5]
at org.apache.cxf.endpoint.ClientImpl.getConduit(ClientImpl.java:884) ~[org-apache-cxf-cxf-core-3.2.5.jar:3.2.5]
at cz.tomasdvorak.eet.client.security.SecureEETCommunication.configureTimeout(SecureEETCommunication.java:151) ~[cz-tomasdvorak-eet-client-3.0.0-java10-20180820.jar:?]
at cz.tomasdvorak.eet.client.security.SecureEETCommunication.getPort(SecureEETCommunication.java:91) ~[cz-tomasdvorak-eet-client-3.0.0-java10-20180820.jar:?]
at cz.tomasdvorak.eet.client.EETClientImpl.sendSync(EETClientImpl.java:54) ~[cz-tomasdvorak-eet-client-3.0.0-java10-20180820.jar:?]
Bylo by mozne ted odebrat dependency na BouncyCastle:
#27
Bug co tomu branil je davno opraveny:
http://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8175251
Using latest 4.0.1 release and Java 16:
org.xml.sax.SAXParseException: src-resolve: Cannot resolve the name 'tns:TrzbaType' to a(n) 'type definition' component.
at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source) ~[xerces-xercesImpl-2.7.1.jar:?]
at org.apache.xerces.util.ErrorHandlerWrapper.error(Unknown Source) ~[xerces-xercesImpl-2.7.1.jar:?]
at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source) ~[xerces-xercesImpl-2.7.1.jar:?]
at org.apache.xerces.impl.xs.traversers.XSDHandler.reportSchemaError(Unknown Source) ~[xerces-xercesImpl-2.7.1.jar:?]
at org.apache.xerces.impl.xs.traversers.XSDHandler.getGlobalDecl(Unknown Source) ~[xerces-xercesImpl-2.7.1.jar:?]
at org.apache.xerces.impl.xs.traversers.XSDElementTraverser.traverseNamedElement(Unknown Source) ~[xerces-xercesImpl-2.7.1.jar:?]
at org.apache.xerces.impl.xs.traversers.XSDElementTraverser.traverseGlobal(Unknown Source) ~[xerces-xercesImpl-2.7.1.jar:?]
at org.apache.xerces.impl.xs.traversers.XSDHandler.traverseSchemas(Unknown Source) ~[xerces-xercesImpl-2.7.1.jar:?]
at org.apache.xerces.impl.xs.traversers.XSDHandler.parseSchema(Unknown Source) ~[xerces-xercesImpl-2.7.1.jar:?]
at org.apache.xerces.impl.xs.XMLSchemaLoader.loadSchema(Unknown Source) ~[xerces-xercesImpl-2.7.1.jar:?]
at org.apache.xerces.impl.xs.XMLSchemaLoader.loadGrammar(Unknown Source) ~[xerces-xercesImpl-2.7.1.jar:?]
at org.apache.xerces.impl.xs.XMLSchemaLoader.loadGrammar(Unknown Source) ~[xerces-xercesImpl-2.7.1.jar:?]
at org.apache.xerces.jaxp.validation.XMLSchemaFactory.newSchema(Unknown Source) ~[xerces-xercesImpl-2.7.1.jar:?]
at org.apache.cxf.ws.addressing.EndpointReferenceUtils.createSchema(EndpointReferenceUtils.java:548) ~[org-apache-cxf-cxf-core-3.4.4.jar:3.4.4]
at org.apache.cxf.ws.addressing.EndpointReferenceUtils.getSchema(EndpointReferenceUtils.java:578) ~[org-apache-cxf-cxf-core-3.4.4.jar:3.4.4]
at org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.setDataWriterValidation(AbstractOutDatabindingInterceptor.java:208) ~[org-apache-cxf-cxf-core-3.4.4.jar:3.4.4]
at org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.getDataWriter(AbstractOutDatabindingInterceptor.java:199) ~[org-apache-cxf-cxf-core-3.4.4.jar:3.4.4]
at org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.writeParts(AbstractOutDatabindingInterceptor.java:122) ~[org-apache-cxf-cxf-core-3.4.4.jar:3.4.4]
at org.apache.cxf.wsdl.interceptors.BareOutInterceptor.handleMessage(BareOutInterceptor.java:68) ~[org-apache-cxf-cxf-rt-wsdl-3.4.4.jar:3.4.4]
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) ~[org-apache-cxf-cxf-core-3.4.4.jar:3.4.4]
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530) ~[org-apache-cxf-cxf-core-3.4.4.jar:3.4.4]
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:441) ~[org-apache-cxf-cxf-core-3.4.4.jar:3.4.4]
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:356) ~[org-apache-cxf-cxf-core-3.4.4.jar:3.4.4]
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:314) ~[org-apache-cxf-cxf-core-3.4.4.jar:3.4.4]
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96) ~[org-apache-cxf-cxf-rt-frontend-simple-3.4.4.jar:3.4.4]
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:140) ~[org-apache-cxf-cxf-rt-frontend-jaxws-3.4.4.jar:3.4.4]
at jdk.proxy2.$Proxy196.odeslaniTrzby(Unknown Source) ~[?:?]
at cz.tomasdvorak.eet.client.EETClientImpl.sendSync(EETClientImpl.java:61) ~[cz-tomasdvorak-eet-client-4.0.1.jar:?]
Solution - update xercesImpl to latest version:
xerces
xercesImpl
2.12.1
Dobrý den,
plánujete prosím kód přizpůsobit pro Javu 10?
Aktuálně knihovna pod Javou 10 nefunguje, je třeba přidat některé moduly (což je lepší udělat přidáním Maven závislostí), pak se ale změnily některé metody (např. wss4j Merlin verifyTrust
se změnila na protected
a ta public
vyžaduje navíc Collection<Pattern> issuerCertConstraints
).
Děkuji.
Hi,
your project stop work, because of certificate revocation.
Original Exception was java.security.cert.CertPathValidatorException: validity check failed
Caused by: java.security.cert.CertPathValidatorException: validity check failed
Caused by: java.security.cert.CertificateExpiredException: NotAfter: Wed May 23 13:04:11 CEST 2018
Could you repair it asap please? I need it for my school project, just need working playground connection for now.
Many Thanks
There are some flaws and imperfections in this EET client implementation which I'd like to fix in next major release 3.0
. Please feel free to add some more or comment on current:
OdpovedType.OdpovedChybaType
to proper exception, do not force user to check it manually.TrzbaType.TrzbaHlavickaType.uuidZpravy
, TrzbaType.TrzbaHlavickaType.datOdesl
or TrzbaType.TrzbaHlavickaType.prvniZaslani
OdpovedType.varovani
easier accessible and usable.Changes mentioned here will be implemented on branch client-interface-changes, if you want to review the code, send pull request or check, how is the client evolving.
Myslim, ze to overeni DNS lookupem nefunguje zcela korektne.
Provedel jsem nejake real testy v provozu s 5s lookup timeoutem a zaroven kazdou minutu pomoci utilitky dig
kotroluji query time na stejnem stroji, kde eetclient bezi. Zatimco vsechny query time jsou do 500ms v prumeru kolem 200ms, eetClient se do 5000ms limitu obcas nevejde.
the code:
final Enumeration<String> aliases = getAliases(keystore);
returns aliases of two types:
keystore.isKeyEntry(a) == true
and
keystore.isCertificateEntry(a) == true
But using method select first one can be randomly unvanted CertificateEntry (not required KeyEntry) ;)
So, sometimes initialisation fails with an error such as "bad key format", while using certificate as a key ;(
Hi,
We are working on the implementation of EET for one Czech client and we would need help with connecting to Czech Tax Authorities, so we decided to contact you with the hope that you can help us with your esteemed experience.
At this time, our development team is working on the solution, but we need someone who can help us to connect with Czech Tax Authorities by providing specific local inputs. This would take approximately 3-4 hours of your time per week, depending on the phase of integration. Of course, you would be paid for your time invested.
Please let us know if you are interested in cooperation so we can agree on terms.
Thank you and best regards, Kristian
Cxf dependencies are monstrous. Our project increased in size from 35 MB to 51MB.
We have two dependency conflicts:
org.apache.geronimo.specs
This one conflicts with tomcat. So we can't send emails.
javax.mail.NoSuchProviderException: Provider class does not have a constructor(Session, URLName): protocol=imaps; type=javax.mail.Provider$Type@4307b3c5; class=com.sun.mail.imap.IMAPSSLStore; vendor=Oracle
asm
This one conflict with new version of itself.
java.lang.IncompatibleClassChangeError: org/parboiled/transform/ParserClassNode
Both dependencies are not needed and can be removed from eet-client:
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
<version>${cxf.version}</version>
<exclusions>
<exclusion>
<groupId>asm</groupId>
<artifactId>asm</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-security</artifactId>
<version>${cxf.version}</version>
<exclusions>
<exclusion>
<artifactId>geronimo-javamail_1.4_spec</artifactId>
<groupId>org.apache.geronimo.specs</groupId>
</exclusion>
</exclusions>
</dependency>
If not removed from eet-client, they can be removed by:
<dependency>
<groupId>com.github.todvora</groupId>
<artifactId>eet-client</artifactId>
<version>3.0.0-beta-5</version>
<exclusions>
<exclusion>
<artifactId>geronimo-javamail_1.4_spec</artifactId>
<groupId>org.apache.geronimo.specs</groupId>
</exclusion>
<exclusion>
<groupId>asm</groupId>
<artifactId>asm</artifactId>
</exclusion>
</exclusions>
</dependency>
Zmena na slf4j api umozni kazdemu si vybrat logovaci knihovnu. Kdo chce dal pouzivat log4j tak si ho prida do pom.xml, kdo ne tak si tam da jinou knihovnu (my ted napr pouzivame logback).
pom.xml:
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.22</version>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-api</artifactId>
<version>${log4j.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>${log4j.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-slf4j-impl</artifactId>
<version>${log4j.version}</version>
<scope>test</scope>
</dependency>
zmeny ve tridach napr:
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
private static final Logger logger = LoggerFactory.getLogger(SecureEETCommunication.class);
public class FikGenerater {
private EETClient eetService;
{
/*
* Client's key pair, used to sign requests
*/
final InputStream clientKey = getClass().getResourceAsStream("/keys/01000005.p12");
/*
* EET's server certificate, issued by I.CA, used to verify response
* signature
*/
final InputStream serverCertificate = getClass().getResourceAsStream("/keys/qica.der");
try {
System.out.println(clientKey.toString());
System.out.println(serverCertificate.toString());
this.eetService = EETServiceFactory.getInstance(clientKey, "eet", serverCertificate);
} catch (InvalidKeystoreException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public static void fikGenerate() {
FikGenerater t = new FikGenerater();
final TrzbaDataType data = t.getData();
OdpovedType odpovedType = null;
try {
System.out.println();
odpovedType = t.eetService.submitReceipt(data, CommunicationMode.REAL, EndpointType.PLAYGROUND,
SubmissionType.REPEATED_ATTEMPT);
String fik = odpovedType.getPotvrzeni().getFik();
System.out.println(fik);
} catch (DataSigningException e) {
// TODO Auto-generated catch block
System.out.println(e.getMessage());
e.printStackTrace();
}
}
private TrzbaDataType getData() {
return new TrzbaDataType().withDicPopl("CZ683555118").withIdProvoz(243).withIdPokl("24/A-6/Brno_2")
.withPoradCis("#135433c/11/2016").withDatTrzby(new Date()).withCelkTrzba(new BigDecimal("3264.00"));
}
when i tried to call fikGenerate() method on button click of a jsp page then i face this problem.
23:36:17.460 [tomcat-http--4] INFO cz.eet.client.security.ClientKey - Client certificate serial number: 16777221, cz683555118, O=Generální finan?ní ?editelství, CN=GFR EET test CA 1, C=CZ
23:36:17.485 [tomcat-http--4] INFO cz.eet.client.security.ServerKey - Server certificate serial number: 10500000, OU=I.CA - Accredited Provider of Certification Services, O="První certifika?ní autorita, a.s.", CN="I.CA - Qualified Certification Authority, 09/2009", C=CZ
ID: 1
Address: https://pg.eet.cz:443/eet/services/EETServiceSOAP/v3
Encoding: UTF-8
Http-Method: POST
Content-Type: text/xml
Headers: {Accept=[/], SOAPAction=["http://fs.mfcr.cz/eet/OdeslaniTrzby"]}
ID: 1
Response-Code: 200
Encoding: UTF-8
Content-Type: text/xml; charset=UTF-8
Headers: {connection=[close], content-type=[text/xml; charset=UTF-8], Set-Cookie=[f5avrbbbbbbbbbbbbbbbb=AHOEPFBKIGJAGJDNANDDNPEDEBJHCOPOIGJFGJFEEHBOBAKBJBIKNKPGBNCGIEGDPMKDEMNNFAFOPIOPBCNAPFODGBEMFLGFHPNNIDBMKCLMDFKJLAKILKPMHBDPFKIP; HttpOnly; secure], X-Backside-Transport=[FAIL FAIL]}
Payload:
23:36:30.020 [tomcat-http--4] WARN cz.eet.client.security.ClientKey - Validation error, no response signature verification available!
Remove cxf-rt-transports-http from 3.0.0-beta-5
How can I use it on Android with gradle?
I tried to integrate it into my app, but I have a problem with Oracle JDK classes inside the library, which are not supported by Android.
The dependency has been introduced in earlier versions to handle manual handling of CRLs (see issue #21). It shouldn't be needed anymore and causes some troubles:
The BC dependency is removed now on the client-interface-changes branch and the change will reach 3.0.0-beta releases soon.
Please report any key / certificate related issues and problems, which could be affected by this change.
I had to add following dependencies to my project to run it on JDK 11:
<dependency>
<groupId>javax.xml.ws</groupId>
<artifactId>jaxws-api</artifactId>
<version>2.3.1</version>
</dependency>
<dependency>
<groupId>com.sun.xml.ws</groupId>
<artifactId>jaxws-ri</artifactId>
<version>2.3.2</version>
</dependency>
<dependency>
<groupId>javax.activation</groupId>
<artifactId>javax.activation-api</artifactId>
<version>1.2.0</version>
</dependency>
<dependency>
<groupId>com.sun.xml.messaging.saaj</groupId>
<artifactId>saaj-impl</artifactId>
<version>1.5.1</version>
</dependency>
However during reporting I still get:
org.apache.cxf.phase.PhaseInterceptorChain.doDefaultLogging Interceptor for {http://fs.mfcr.cz/eet/schema/v3}EETService#{http://fs.mfcr.cz/eet/schema/v3}OdeslaniTrzby has thrown exception, unwinding now
org.w3c.dom.DOMException: WRONG_DOCUMENT_ERR: A node is used in a different document than the one that created it.
at java.xml/com.sun.org.apache.xerces.internal.dom.ParentNode.internalInsertBefore(ParentNode.java:356)
at java.xml/com.sun.org.apache.xerces.internal.dom.ParentNode.insertBefore(ParentNode.java:287)
at java.xml/com.sun.org.apache.xerces.internal.dom.NodeImpl.appendChild(NodeImpl.java:237)
at org.apache.wss4j.dom.util.WSSecurityUtil.prependChildElement(WSSecurityUtil.java:709)
at org.apache.wss4j.dom.util.WSSecurityUtil.findWsseSecurityHeaderBlock(WSSecurityUtil.java:803)
at org.apache.wss4j.dom.message.WSSecHeader.insertSecurityHeader(WSSecHeader.java:134)
at org.apache.wss4j.dom.handler.WSHandler.doSenderAction(WSHandler.java:101)
at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$100(WSS4JOutInterceptor.java:54)
at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessageInternal(WSS4JOutInterceptor.java:267)
at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:135)
at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:122)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
at com.sun.proxy.$Proxy181.odeslaniTrzby(Unknown Source)
at cz.tomasdvorak.eet.client.EETClientImpl.sendSync(EETClientImpl.java:61)
Hi,
I was struggling with EET integration because of the following exception for quite a while:
Caused by: java.io.IOException: exception unwrapping private key - java.security.InvalidKeyException: Illegal key size
at org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.unwrapKey(Unknown Source)
at org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.engineLoad(Unknown Source)
at java.security.KeyStore.load(KeyStore.java:1445)
at cz.tomasdvorak.eet.client.security.ClientKey.getKeyStore(ClientKey.java:83)
The problem was that the code from example was working fine with test keys & certificates, but it was not working with production keys & certificates. It took me a while to find out that the problem is that you need to install a Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy in to your environment (Download the JCE, read their ReadMe, replace files in your current Java installation and restart the app.)
This is far not obvious and I didn't see a single note about this in the documentation. I suggest to put it on this repo and maybe to the main ReadMe file for future troubleshooting.
Pokud v okamziku, kdy dochazi k update te CRL cache (doba behu cca 4s), se provede EET submit, odeslani nodobehne a konci vyjimkou. Uz se mi to takto potkalo asi 4x a konci vyjimkou javax.xml.ws.soap.SOAPFaultException: Fault string, and possibly fault code, not set
[2017-04-19T13:51:06.621+0200] [Payara 4.1] [WARNING] [] [org.apache.cxf.phase.PhaseInterceptorChain] [tid: _ThreadID=27 _ThreadName=http-thread-pool(3)] [timeMillis: 1492602666621] [levelValue: 900] [[
Interceptor for {http://fs.mfcr.cz/eet/schema/v3}EETService#{http://fs.mfcr.cz/eet/schema/v3}OdeslaniTrzby has thrown exception, unwinding now
java.util.concurrent.CancellationException
at java.util.concurrent.FutureTask.report(FutureTask.java:121)
at java.util.concurrent.FutureTask.get(FutureTask.java:192)
at cz.tomasdvorak.eet.client.security.crl.InMemoryCRLStore.getCRLStore(InMemoryCRLStore.java:53)
at cz.tomasdvorak.eet.client.security.MerlinWithCRLDistributionPointsExtension.verifyTrust(MerlinWithCRLDistributionPointsExtension.java:49)
at org.apache.wss4j.dom.validate.SignatureTrustValidator.verifyTrustInCerts(SignatureTrustValidator.java:108)
at org.apache.wss4j.dom.validate.SignatureTrustValidator.validate(SignatureTrustValidator.java:64)
at org.apache.wss4j.dom.processor.SignatureProcessor.handleToken(SignatureProcessor.java:185)
at org.apache.wss4j.dom.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:428)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:278)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:190)
at cz.tomasdvorak.eet.client.security.WSS4JEetInInterceptor.handleMessage(WSS4JEetInInterceptor.java:29)
at cz.tomasdvorak.eet.client.security.WSS4JEetInInterceptor.handleMessage(WSS4JEetInInterceptor.java:16)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:802)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1673)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1551)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1348)
at org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:56)
at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:215)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:651)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
at com.sun.proxy.$Proxy391.odeslaniTrzby(Unknown Source)
at cz.tomasdvorak.eet.client.EETClientImpl.submitReceipt(EETClientImpl.java:48)
2017-04-19 13:51:05.383 [pool-6646-thread-3] INFO cz.tomasdvorak.eet.client.security.crl.InMemoryCRLStore - CRL loaded from URI http://qcrldp3.ica.cz/2qca16_rsa.crl, storing in cache. Next update: Thu Apr 2
0 13:51:02 CEST 2017
2017-04-19 13:51:05.407 [pool-6646-thread-2] INFO cz.tomasdvorak.eet.client.security.crl.InMemoryCRLStore - CRL loaded from URI http://qcrldp2.ica.cz/2qca16_rsa.crl, storing in cache. Next update: Thu Apr 2
0 13:51:02 CEST 2017
2017-04-19 13:51:09.618 [pool-6646-thread-1] INFO cz.tomasdvorak.eet.client.security.crl.InMemoryCRLStore - CRL loaded from URI http://qcrldp1.ica.cz/2qca16_rsa.crl, storing in cache. Next update: Thu Apr 2
0 13:51:02 CEST 2017
Jde videt podle casu jak se to potkalo.
I can´t find package cz.etrzby.xml it is part of the project ?
Thanks
Zdravim,
rozhodol som sa pouzit tuto libku ale mam problem s nasledovnym. Skusam playground a dostavam neustale toto v logoch:
WARN WSS4JInInterceptor - Security processing failed (actions mismatch) | Neplatny podpis SOAP zpravy
Copy&paste examplu z readme s tym ze som dal spravne cesty k certifikatom :)
Viete mi poradit ?
Jeste mam zde tip pro nasazani v prostredi, kde se standardne pouzivaji knihovny JDK javax.ws, napr. J2EE Glassfish.
WS client stubs je potreba vytvaret pres factory knihovny WS Apache CXF, nebot classloader ws provider primarne pouzije knihovnou z javax.ws. Je potreba pozmenit kod metody getPort
ve tride SecureEETCommunication
/tak aby WS client byl implementovan vzdy knihovnou Apachace CXF/ nasledovne:
protected EET getPort(final CommunicationMode mode, final EndpointType endpointType) {
/*
* Pro Payara JEE nutno vytvaret stub pres factory kvuli zakazane delegaci javax
* https://github.com/payara/Payara/issues/1249
*/
final org.apache.cxf.jaxws.JaxWsProxyFactoryBean factory = new org.apache.cxf.jaxws.JaxWsProxyFactoryBean();
factory.setServiceClass(EET.class);
factory.getClientFactoryBean().getServiceFactory().setWsdlURL(WEBSERVICE.getWSDLDocumentLocation());
factory.setServiceName(WEBSERVICE.getServiceName());
final EET port = (EET) factory.create();
/* Puvodni verze
final EET port = WEBSERVICE.getEETServiceSOAP();
*/
final Client clientProxy = ClientProxy.getClient(port);
...
Vice k tomuto problemu je mozno docist se zde
The new wsdl under v3.0 does not have the WS-Policy as a part of its Source. I used to set the Signature and Digest Algorithm based on the policy described in the WSDL file (EETServiceSOAP). Now when i manually copy paste the policy from V2 it doesnot work. The Signature algorithm seem to be SHA1 rather than the required SHA256. Could you let me know if i am missing something?
EETServiceSOAP_v3.zip
I'm unable to generate FIK and BKP, because I get the following warning.
I've tried installing the I.CA Root certificate with keytool, but that didn't help.
I'm using the example code in the Usage section in readme.
Thanks for any help.
WARNING: Interceptor for {http://fs.mfcr.cz/eet/schema/v3}EETService#{http://fs.mfcr.cz/eet/schema/v3}OdeslaniTrzby has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: Error during certificate path validation: No trusted certs found
at org.apache.cxf.ws.security.wss4j.WSS4JUtils.createSoapFault(WSS4JUtils.java:277)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:333)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:190)
at cz.tomasdvorak.eet.client.security.SecureEETCommunication$1.handleMessage(SecureEETCommunication.java:135)
at cz.tomasdvorak.eet.client.security.SecureEETCommunication$1.handleMessage(SecureEETCommunication.java:119)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:802)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1673)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1551)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1348)
at org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:56)
at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:215)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:651)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
at com.sun.proxy.$Proxy70.odeslaniTrzby(Unknown Source)
at cz.tomasdvorak.eet.client.EETClientImpl.submitReceipt(EETClientImpl.java:35)
at application.Main.main(Main.java:49)
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Error during certificate path validation: No trusted certs found
at org.apache.wss4j.common.crypto.Merlin.verifyTrust(Merlin.java:877)
at cz.tomasdvorak.eet.client.security.MerlinWithCRLDistributionPointsExtension.verifyTrust(MerlinWithCRLDistributionPointsExtension.java:34)
at org.apache.wss4j.dom.validate.SignatureTrustValidator.verifyTrustInCerts(SignatureTrustValidator.java:108)
at org.apache.wss4j.dom.validate.SignatureTrustValidator.validate(SignatureTrustValidator.java:64)
at org.apache.wss4j.dom.processor.SignatureProcessor.handleToken(SignatureProcessor.java:185)
at org.apache.wss4j.dom.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:428)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:278)
... 23 more
Dobrý den,
děkuji za skvělou knihovnu! Mám dotaz na získání BKP v případě chyby. BKP by měl být dostupný a tisknout se na účtenku vždy.
Když server odpoví, ale nedostanu FIK (SubmitResult result = client.submitReceipt(..)
), volání result.getBKP()
vrátí NULL
.
Když dojde k chybě komunikace (catch (final CommunicationException e)
), není metoda pro získání BKP k dispozici. Možná by šel BKP získat přes e.getRequest().getKontrolniKody().getBkp()
?
Jak prosím dostat BKP vždy? Děkuji.
Neni zbytecne 2x podepisovat stejny zdroj dat pri vytvareni requestu?
public String getBKP(final TrzbaDataType data)
vola jiz volany getPKP
public String getBKP(final TrzbaDataType data)
-> public String getBKP(final byte[] pkp)
a volat
new BkpElementType().withValue(securityCodesGenerator.getBKP(pkp.getValue()))...
BKP otisk je podminen existenci PKP a navic pokud by se pouzil nedeterministicky podepisovaci algoritmus byla by stavajici implementace chybna
Ahoj Tome,
Díky za super práci na EET pro Javu, cením si toho nesmírně, kód a navržené API je super!
Pokud přistupuju na PRODUCTION
endpoint s modem TEST
a odopvěď od EET je code: 0, content: "Datovou zpravu evidovane trzby v overovacim modu se podarilo zpracovat", pak v objektu OdpovedChybaType
je test
field null a v cz.tomasdvorak.eet.client.errors.EetErrorConverter#getErrorType to vylítne na NPE, viz stacktrace.
Koumnikaci zkouším s posledním 3.0.0-beta6 verzí.
Caused by: java.lang.NullPointerException
at cz.tomasdvorak.eet.client.errors.EetErrorConverter.getErrorType(EetErrorConverter.java:16)
at cz.tomasdvorak.eet.client.EETClientImpl.convertToSubmitResult(EETClientImpl.java:105)
at cz.tomasdvorak.eet.client.EETClientImpl.sendSync(EETClientImpl.java:61)
S pozdravem
Pepa
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.