JazzRootServicesHelper giving RootServicesException while deploying our java application on a server

deepakr · October 6, 2023, 6:54am

We are deploying our java based application on a server and getting following Exception-

"2023-10-05 03:18:15 ERROR WorkItemWebService:294 - Number of Tasks == 1
2023-10-05 03:18:15 ERROR WorkItemWebService:502 - Mfg Indicator == X
2023-10-05 03:18:15 ERROR WorkItemWebService:300 - Creating Task : Task~AravindGCL~1221683324397709~Modified
2023-10-05 03:18:15 ERROR WorkItemWebService:367 - Create Task Job Started from the web Service call*****************
2023-10-05 03:18:15 ERROR EnoviaHttpClient:262 - OSLCC003: An error occurred processing the root services document. Server location: https://qa-clm.pw.ge.com/ccm.
org.eclipse.lyo.client.exception.RootServicesException: OSLCC003: An error occurred processing the root services document. Server location: https://qa-clm.pw.ge.com/ccm.
at org.eclipse.lyo.client.oslc.jazz.JazzRootServicesHelper.processRootServices(JazzRootServicesHelper.java:193) ~[oslc-java-client-2.1.0.jar:?]
at org.eclipse.lyo.client.oslc.jazz.JazzRootServicesHelper.(JazzRootServicesHelper.java:116) ~[oslc-java-client-2.1.0.jar:?]
at org.eclipse.lyo.oslc4j.enovia.utils.EnoviaUtility.CheckRTCService(EnoviaUtility.java:253) [classes/:?]
at org.eclipse.lyo.oslc4j.enovia.services.WorkItemWebService.createTaskData(WorkItemWebService.java:372) [classes/:?]
at org.eclipse.lyo.oslc4j.enovia.services.WorkItemWebService.getPLMObjectDetails(WorkItemWebService.java:303) [classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90) ~[?:1.8.0]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55) ~[?:1.8.0]
at java.lang.reflect.Method.invoke(Method.java:508) ~[?:1.8.0]
at org.apache.wink.server.internal.handlers.InvokeMethodHandler.handleRequest(InvokeMethodHandler.java:63) [com.ibm.websphere.appserver.thirdparty.jaxrs_1.0.41.jar:?]
Caused by: org.apache.wink.client.ClientRuntimeException: java.lang.RuntimeException: java.lang.RuntimeException: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at org.apache.wink.client.internal.ResourceImpl.invoke(ResourceImpl.java:240) ~[com.ibm.websphere.appserver.thirdparty.jaxrs_1.0.41.jar:?]
"

We have used following code in our application-

JazzRootServicesHelper helper = new JazzRootServicesHelper(cnfprop.getWebContextUrl(),

				OSLCConstants.OSLC_CM_V2);

		JazzFormAuthClient client = helper.initFormClient(cnfprop.getUser(), cnfprop.getPassword());

Now from google, I have got an information that initFormClient() method has been deprecated and most probably this initFormClient() method is giving RootServicesException only.

Our concern is that we are using the same initFormClient() method in our production and that can cause an issue in future. So we want information and your help regarding that.?

The JazzRootServicesHelper.java is a part of oslc-java-client-2.1.0.jar and initFormClient() method Creates a form auth client for authenticating with the Jazz server. So, Please confirm if you know that something got changed here?

Also confirm that OSLCConstants.OSLC_CM_V2, id this the right constant to be used here?

andrew · October 6, 2023, 7:16am

Hello @deepakr,

Great to see you using OSLC and Lyo in your project.

Lyo 2.1.0 was released in 2014 and is not supported any more.

Lyo 5.1.1 is the latest release. 5.0.0 addressed two important CVEs related to security vulnerabilities around RDF/XML input processing, one in Lyo itself and one in Jena, our main dependency.

I strongly urge you to update to Lyo 5 or ask your vendor/contractor to do so.

Regarding your questions, I recall specifically that we had some fixes for the RootServices class around Lyo 2.4.0 and constants fixes because some of their values were misleading around Lyo 4.1/5.0. So, you may indeed be hitting some bugs in Lyo that we addressed in later versions.

Best regards,
Andrew

deepakr · October 6, 2023, 7:48am

Hi @andrew, Thank you very much for your response. I just want to add one more information related to above case. With the same code, it is working fine on other environments and that too without any error/exception using same Lyo 2.1.0.

andrew · October 6, 2023, 8:00am

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated indicates some SSL/TLS problems. Check that your Java version is recent (as in, if you are on Java 8, make sure you run 8u382+), the certs are not expired, that the server you are trying to talk to uses TLS version supported in your Java version etc (you may need to pass some special -Djdk.tls.client.protocols flag to the JVM).

jad · October 6, 2023, 9:02am

Are the other environments using http or https?
the use of self-signed certificates is also a source of such problems.

My guess is that the other environments are either (a) using http or (b) have proper certificates.
And that would be the main reason for your problems, and not the code.