Thursday, October 29, 2015

How to resolve: java.lang.ClassCastException: weblogic.net.http.SOAPHttpsURLConnection cannot be cast to javax.net.ssl.HttpsURLConnection

Hi. Today I will share easy recipe to resolve following error:

<org.jsfportal.shiro.FacebookRealm> <FacebookRealm> <doGetAuthenticationInfo> <Throwable: weblogic.net.http.SOAPHttpsURLConnection cannot be cast to javax.net.ssl.HttpsURLConnection> 
java.lang.ClassCastException: weblogic.net.http.SOAPHttpsURLConnection cannot be cast to javax.net.ssl.HttpsURLConnection
    at pl.windroos.shiro.FacebookRealm.readURL(FacebookRealm.java:118)
    at pl.windroos.shiro.FacebookRealm.doGetAuthenticationInfo(FacebookRealm.java:84)
    at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
    at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doMultiRealmAuthentication(ModularRealmAuthenticator.java:219)
    at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:269)
    at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
    at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
    at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
    at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
    at pl.windroos.shiro.FacebookLoginServlet.doGet(FacebookLoginServlet.java:53)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:286)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:260)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:137)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:350)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:25)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
    at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61)
    at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
    at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
    at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
    at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
    at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
    at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
    at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
    at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
    at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
    at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
    at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
    at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:141)
    at java.security.AccessController.doPrivileged(Native Method)
    at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
    at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:649)
    at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:124)
    at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:232)
    at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:94)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
    at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:224)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
    at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:32)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3654)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3620)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:326)
    at weblogic.security.service.SecurityManager.runAsForUserCode(SecurityManager.java:196)
    at weblogic.servlet.provider.WlsSecurityProvider.runAsForUserCode(WlsSecurityProvider.java:203)
    at weblogic.servlet.provider.WlsSubjectHandle.run(WlsSubjectHandle.java:71)
    at weblogic.servlet.internal.WebAppServletContext.doSecuredExecute(WebAppServletContext.java:2423)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2280)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2258)
    at weblogic.servlet.internal.ServletRequestImpl.runInternal(ServletRequestImpl.java:1626)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1586)
    at weblogic.servlet.provider.ContainerSupportProviderImpl$WlsRequestExecutor.run(ContainerSupportProviderImpl.java:270)
    at weblogic.invocation.ComponentInvocationContextManager._runAs(ComponentInvocationContextManager.java:348)
    at weblogic.invocation.ComponentInvocationContextManager.runAs(ComponentInvocationContextManager.java:333)
    at weblogic.work.LivePartitionUtility.doRunWorkUnderContext(LivePartitionUtility.java:54)
    at weblogic.work.PartitionUtility.runWorkUnderContext(PartitionUtility.java:41)
    at weblogic.work.SelfTuningWorkManagerImpl.runWorkUnderContext(SelfTuningWorkManagerImpl.java:617)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:397)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:346)

The error can occur only when you deployed your appplication to the Weblogic Server and you try to run following (or simillar) code:

URL url;
url = new URL("https://yoururl.com");
HttpsURLConnection con = (HttpsURLConnection)url.openConnection();

There are two (or maybe more) ways to bypass this problem.
  1. Fix your code. You can create URL object in a following way:
    url = new URL(null,"https://yoururl.com",new sun.net.www.protocol.https.Handler());
  2. Using a more "general" solution you can force the usage of the Sun Http Handlers instead of the Weblogic specific. To do this you should add java option: -DUseSunHttpHandler in startWeblogic.sh or startWeblogic.cmd:
    set JAVA_OPTIONS=%JAVA_OPTIONS% -DUseSunHttpHandler=true

3 comments: