Random SSL error in custom trigger; compiled .jar - Forum - Rollbase - Progress Community

Random SSL error in custom trigger; compiled .jar

 Forum

Random SSL error in custom trigger; compiled .jar

This question is answered
SSLError.png
On startup of a 3.2.2 Private Cloud instance, occasionally a compiled .jar custom trigger is throwing the following error: com.sun.net.ssl.internal.www.protocol.https.httpsurlconnectionoldimpl cannot be cast to javax.net.ssl.httpsurlconnection See attached image. A reliable fix seems to be just stopping / starting the Rollbase instance. Has anyone else experienced this problem? And have a solution?
Verified Answer
All Replies
  • Hello,

    Is this issue re-occuring even after the server restart?

    Thank you,
    Gian
  • It has, yes. That is the concern.

    It happens randomly, and it occurs after any given restart, and remains in the condition of throwing the error until after another restart.

    This is going to be difficult to reproduce reliably. During the development of the Custom Trigger code, in Eclipse on Windows, I was seeing this on a Windows instance of Private Cloud 3.2.2. Thinking it was 'Windoze', I was totally surprised to have it happen when we installed the customt.jar into one of our cloud 3.2.2 Linux instances.

    Is there any other information I can gather that might help? The Java inside the custom trigger calls out over the web via https:// to fetch a ticket for another cross-platform product of ours. I had some SSL difficulties to work through during the development cycle, such as 2048-bit cipher keys on the cert. we use; and overriding TrustManger using one of its subclasses to remove the need to install the cert. in the local JRE keystore.

  • Hello,

    Can you file a support ticket for this so that support can assist you with your SSL issue in yourPrivate Cloud Instance?

    Thank you,
    Gian
  • You mentioned "The Java inside the custom trigger calls out over the web via https:// to fetch a ticket for another cross-platform product of ours."

    For doing this what did you use, did you write your HTTP client code or used Rollbase HTTP util methods ?

    Can you share the code that was used to make this call ?

  • See this thread on stackoverflow:

    stackoverflow.com/.../java-lang-classcastexception-com-sun-net-ssl-internal-www-protocol-https-httpsu

    EDIT: Nevermind, this code should be modified in rollbase classes, maybe it is useful for progress support instead.

  • Custom trigger involves writing Java classes and adding to Rollbase classpath. So once we see that code we can determine whether fixes are needed in Custom Trigger Code or Rollbase classes.

  • 00313849 in Rollbase Support was created per request from Gian T. I did attach the code I'm using on that Case.

  • Thanks. We have identified the issue. Gian, please create a defect linked to the support case.

    Meanwhile, can you try this workaround and respond if it works for you ?

    Add the following code to custom trigger before making calls to the HTTPs service.

    Remove the code if this causes any other side effects. I have not fully tested this yet.

    		String s = System.getProperty("java.protocol.handler.pkgs");
    		if("com.sun.net.ssl.internal.www.protocol".equals(s)){
    			System.clearProperty("java.protocol.handler.pkgs");
    		}
    


  • I placed your suggested code immediately before creating the java.net.URL. I deployed the new compiled custom.jar and have not seen the problem so far after a couple stop / start cycles of Rollbase. I will keep an eye on it, and try some stop / start cycles over the next few days. Otherwise, the trigger stills works, i.e. I have not seen any adverse effects.

                   //sun namespace work-around from Anoop Premachandran at Progress

           String s = System.getProperty("java.protocol.handler.pkgs");

    if("com.sun.net.ssl.internal.www.protocol".equals(s)){

    System.clearProperty("java.protocol.handler.pkgs");

    }

    //GET

           java.net.URL url = new java.net.URL(biURL + "/qvajaxzfc/getwebticket.aspx?cmd=%3CGlobal%20method%3D%27GetWebTicket%27%3E%3CUserId%3E" + biUser + "." + orgXref + "%3C%2FUserId%3E%3C%2FGlobal%3E");

    javax.net.ssl.HttpsURLConnection con = (javax.net.ssl.HttpsURLConnection)url.openConnection();

    con.setRequestMethod("GET");

    con.setHostnameVerifier(allHostsValid);

    con.connect();

  • This morning, after the long weekend, the Custom trigger code was throwing the errors below, found in the event.log.

    No errors were bubbled to the UI anywhere. I wonder if the code I added just hid the errors. I really would rather have the errors raised to the UI, rather than being hidden.

    I restarted Rollbase and all is well again.

    [2015-05-26 10:05:05,615] java.lang.ClassCastException: com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl cannot be cast to javax.net.ssl.HttpsURLConnection

    at trigger.CustomTrigger.trigger(CustomTrigger.java:160)

    at com.rb.core.services.event.TriggerRunner.runSelected(TriggerRunner.java:789)

    at p4.ApiController.runTrigger(ApiController.java:635)

    at p4.ApiController.dispatch(ApiController.java:103)

    at com.rb.core.logics.servlet.AjaxServlet.doGet(AjaxServlet.java:395)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

    at com.rb.util.web.NoCacheFilter.doFilter(NoCacheFilter.java:41)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)

    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)

    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)

    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)

    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)

    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)

    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)

    at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:200)

    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)

    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)

    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)

    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)

    at java.lang.Thread.run(Thread.java:745)

    [2015-05-26 10:05:16,752] ===> Error in thread ajp-bio-8009-exec-2 at 05/26/2015 10:05 AM: Error in trigger BinformedGetWebTicket

    [2015-05-26 10:05:16,752] java.lang.ClassCastException: com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl cannot be cast to javax.net.ssl.HttpsURLConnection

    at trigger.CustomTrigger.trigger(CustomTrigger.java:160)

    at com.rb.core.services.event.TriggerRunner.runSelected(TriggerRunner.java:789)

    at p4.ApiController.runTrigger(ApiController.java:635)

    at p4.ApiController.dispatch(ApiController.java:103)

    at com.rb.core.logics.servlet.AjaxServlet.doGet(AjaxServlet.java:395)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

    at com.rb.util.web.NoCacheFilter.doFilter(NoCacheFilter.java:41)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)

    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)

    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)

    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)

    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)

    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)

    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)

    at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:200)

    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)

    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)

    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)

    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)

    at java.lang.Thread.run(Thread.java:745)

  • We will be making the fix in our code. I was hoping the above code help with the fix in the interim

  • This is fixed in 4.0