rakesh-roshan / geocoder-java

Automatically exported from code.google.com/p/geocoder-java
0 stars 0 forks source link

Google maps URL conflicts with Weblogic security #41

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. On WebLogic server 10.35

2. Use Google Business license, clientId & clientKey
   //Used following constructor
   Geocoder gglGeoCoder = new Geocoder(gglClientId, gglClientKey);

   //In request method url.openStream() gives Security Exception
   protected GeocodeResponse request(Gson gson, String urlString){}

   Though generated urlString is good and opens JSON object in the browser.

   Error is like :
   <Apr 10, 2014 9:33:22 PM EDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=KEYNECTIS ROOT CA,OU=ROOT,O=KEYNECTIS,C=FR". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Apr 10, 2014 9:33:22 PM EDT> <Notice> <Security> <BEA-090898> <Ignoring the 
trusted CA certificate "CN=GeoTrust Primary Certification Authority - G3,OU=(c) 
2008 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US". The loading 
of the trusted certificate list raised a certificate parsing exception PKIX: 
Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Apr 10, 2014 9:33:22 PM EDT> <Warning> <Security> <BEA-090504> <Certificate 
chain received from maps.googleapis.com - 74.125.196.95 failed hostname 
verification check. Certificate contained *.googleapis.com but check expected 
maps.googleapis.com>

It seems there is some conflict with Weblogic digital security. 

3. a- This whole thing works fine if I execute this as stand alone   
application (from main method). It gives security Error only when running on 
Weblogic server with Google license. 
b- Same application works good on Weblogic also if we don't use clientId and 
clientKey (like Geocoder gglGeoCoder = new Geocoder();)

Expected output should be GSON object without this security error. 

Geocoder-java version 0.15 with jdk1.6.0_17 is being used on windows 7 (32bit) 
and on Linux.

I think this API is doing its job very correctly but there is some security 
conflict coming from Weblogic when 
URL url = new URL(urlString);
url.openStream(urlString); //Security Error comes here

Please let me know if you came across before or already know how to bypass
this security conflict on weblogic server.

Thanks a ton

Original issue reported on code.google.com by sjan...@gmail.com on 11 Apr 2014 at 11:34

GoogleCodeExporter commented 9 years ago
Looks like this is Java environment issue 
Plewase try with latest java 1.6 version

Original comment by panchmp on 12 Apr 2014 at 12:51

GoogleCodeExporter commented 9 years ago
I implemented a work around bypassing the WebLogic security issue. It is 
working now.
Thanks . . . Javed 

Original comment by sjan...@gmail.com on 12 Apr 2014 at 2:53

GoogleCodeExporter commented 9 years ago

Original comment by panchmp on 30 Apr 2014 at 10:25