Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
269 views
in Technique[技术] by (71.8m points)

Calling Java from Oracle, PLSQL causing oracle.aurora.vm.ReadOnlyObjectException

My problem is linked to this topic Calling Java from PLSQL causing oracle.aurora.vm.ReadOnlyObjectException

All of a sudden since today we are getting an error in our Production when a Java code is being executed from PLSQL, note that we have this error sometimes and don't know why, in past by deleting all classes and reloads them solved the issue but this time not :

Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production

java.version = 1.6.0_71

sonic_Client = 8.6.0

PROCEDURE LOG_AND_SEND_TO_QUEUE_PR(
    msg                                             VARCHAR2,
    clientID                                        VARCHAR2,
    typeMessage                                     VARCHAR2,
    providerUrl                                     VARCHAR2,
    destination                                     VARCHAR2,
    usr                                             VARCHAR2,
    pwd                                             VARCHAR2,
    isTopic                                         VARCHAR2,
    ENABLED_HTTPS_ALGORITHM VARCHAR2 )
AS
  LANGUAGE JAVA NAME 'jms.cxmessenger.SonicSender.doSend(java.lang.String, java.lang.String,java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String)';

jms.cxmessenger.SecureTrustManager is set by System property used by SonicMQ client.

package jms.cxmessenger;

import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import java.util.NoSuchElementException;

import javax.naming.InvalidNameException;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public class SecureTrustManager implements X509TrustManager {
    private static final X509Certificate[] EMPTY_X509CERTIFICATE_ARRAY = new X509Certificate[0];
    private CustomDefaultHostnameVerifier verifier = new CustomDefaultHostnameVerifier();

    private TrustManager[] trustManagers;

    {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory
                    .getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            trustManagers = trustManagerFactory.getTrustManagers();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public void check(X509Certificate[] chain, String authType) throws CertificateException {
        boolean trusted = false;
        if (chain.length > 0) {
            for (TrustManager trustManager : trustManagers) {
                try {
                    if (trustManager instanceof X509TrustManager) {
    /* line 43 */       ((X509TrustManager) trustManager).checkServerTrusted(chain, authType);//line 43
                        trusted = true;
                    }
                } catch (CertificateException e) {
                }
            }
        }
        if (!trusted && !Boolean.getBoolean("DEACTIVATE_HOSTNAME_VALIDATION")) {
            checkCN(chain);
        }
    }

    public X509Certificate[] getValidCertificates(X509Certificate[] chain, String peerHost) {
        return verifier.getValidCertificates(chain, peerHost);
    }

    private void checkCN(X509Certificate[] chains) throws CertificateException {
        if (Boolean.getBoolean("DEBUG")) {
            System.out.println("checkCN(X509Certificate[] chains) : " + Arrays.toString(chains));
        }
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < chains.length; i++) {
            String cn = extractCN(chains[i].getIssuerX500Principal().getName());
            if (cn == null) {
                sb.append("
	Failed to authenticate Server CA : Name = "
                        + chains[i].getIssuerX500Principal().getName());
            } else {
                return;
            }
        }
        if (Boolean.getBoolean("DEBUG")) {
            System.out.println("sb.toString : " + sb.toString());
        }
        throw new CertificateException(sb.toString());
    }

    private String extractCN(final String subjectPrincipal) {
        if (subjectPrincipal == null) {
            return null;
        }
        try {
            final LdapName subjectDN = new LdapName(subjectPrincipal);
            final List<Rdn> rdns = subjectDN.getRdns();
            for (int i = rdns.size() - 1; i >= 0; i--) {
                final Rdn rds = rdns.get(i);
                final Attributes attributes = rds.toAttributes();
                final Attribute cn = attributes.get("cn");
                if (cn != null) {
                    try {
                        final Object value = cn.get();
                        if (value != null) {
                            return value.toString();
                        }
                    } catch (final NoSuchElementException ignore) {
                    } catch (final NamingException ignore) {
                    }
                }
            }
        } catch (final InvalidNameException e) {
        }
        return null;
    }

    @Override
    public void checkClientTrusted(X509Certificate[] certificates, String paramString) throws CertificateException {
        for (X509Certificate certificate : certificates) {
            certificate.checkValidity();
        }
        check(certificates, paramString);
    }

    @Override
    public void checkServerTrusted(X509Certificate[] certificates, String paramString) throws CertificateException {
        for (X509Certificate certificate : certificates) {
            certificate.checkValidity();
        }
        check(certificates, paramString);
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return trustManagers != null && trustManagers.length > 0 && trustManagers[0] instanceof X509TrustManager
                ? ((X509TrustManager) trustManagers[0]).getAcceptedIssuers() : EMPTY_X509CERTIFICATE_ARRAY;
    }

}

javax.net.ssl.SSLException: oracle.aurora.vm.ReadOnlyObjectException at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java) at jms.cxmessenger.JSSESSLImpl.createSSLSocket(JSSESSLImpl.java) at jms.cxmessenger.JSSESSLImpl.createSSLSocket(JSSESSLImpl.java:69) at progress.message.net.ssl.ProgressSslSocket.(ProgressSslSocket.java) at progress.message.net.ssl.ProgressSslSocket.(ProgressSslSocket.java:163) at progress.message.net.ssl.ProgressSslSocketFactory.createProgressSocket(ProgressSslSocketFactory.java:172) at progress.message.net.ProgressSocketFactory.createProgressSocket(ProgressSocketFactory.java:180) at progress.message.zclient.Connection.openSocket(Connection.java:3660) at progress.message.zclient.Connection.connectWithRecoveryOpt(Connection.java) at progress.message.zclient.ReconnectHelper.connectAndChaseSingleFailoverRedirect(ReconnectHelper.java:534) at progress.message.zclient.ReconnectHelper.connect(ReconnectHelper.java) at progress.message.zclient.Connection.connect(Connection.java:1585) at progress.message.jimpl.Connection.(Connection.java:886) at progress.message.jclient.ConnectionFactory.createConnection(ConnectionFactory.java:2316) at jms.cxmessenger.SonicSender.doSend(SonicSender.java:73)

Caused by: oracle.aurora.vm.ReadOnlyObjectException at jms.cxmessenger.SecureTrustManager.check(SecureTrustManager.java:43) at jms.cxmessenger.SecureTrustManager.checkServerTrusted(SecureTrustManager.java) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java) at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java) ... 16 more

Can some one help

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Are you sure you got the right jar version? I wouldn't expect jms.cxmessenger.* until cx messenger or sonic 2015(not sure). cxmessenger is the latest version.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...