java.lang.NoSuchMethodError: org.apache.xml.security.encryption.XMLCipher.martial(Document;ReferenceList;)

Question

I m trying to encrypt my XMl with this call:

XMlCipher.martial(Document context,ReferenceList referenceList)

for this the Project is referencing the xmlsec-1.5.3.jar

I'm able to build and deploy the code successfully on weblogic server , but post execution I'm getting the below error in logs.

Caused by: java.lang.NoSuchMethodError: 
org.apache.xml.security.encryption.XMLCipher.martial(Lorg/w3c/dom/Document;Lorg/apache/xml/security/encryption/ReferenceList;)Lorg/w3c/dom/Element;
at com.ally.util.encryption.EncryptionUtil.generateEncryptedXML(EncryptionUtil.java:381)
at com.ally.util.encryption.EncryptionUtil.getEnryptedXMLDocument(EncryptionUtil.java:443)
at com.ally.partner.fis.acctinq.FISSoapHandler.getFISEncryptedHeader(FISSoapHandler.java:154)

Answer 1

This kind of error is ALWAYS caused by having more than one reference of the XMlCipher on your classpath. It could be a duplicate xmlsec.jar or another instance of the XMlCipher in a different jar.

You have a few options to debug the problem:

• Edit your war file to remove the duplicate jar and/or different version of the XMlCipher class
• Connect to your weblogic managed server with jconsole and look at the classpath. See if you notice another instance of the xmlsec.jar being included

You may need to tell weblogic to prefer the instance of the class that lives within your .war/.ear file by specifying the following in your weblogic.xml:

<container-descriptor>
    <prefer-web-inf-classes>true</prefer-web-inf-classes>
</container-descriptor>

<wls:container-descriptor>
     <wls:prefer-application-packages>
         <wls:package-name>org.apache.xml.security.*</wls:package-name>
     </wls:prefer-application-packages>
</wls:container-descriptor>

See the docs for more details and similar questions like: Weblogic 10.3.1.0 is using com.bea.core.apache.commons.net_1.0.0.0_1-4-1.jar... I want to use commons-net-2.0.jar from my code

Answer 2

I realize you didn't mention the use of Maven or SoapUI, but I was receiving a similar exception (java.lang.NoSuchMethodError: org.apache.xml.security.encryption.XMLCipher.setSecureValidation) when attempting to use the soapui-maven-plugin and wanted to post my solution to hopefully help.

The fix for me was to add an xml-security dependency to the soapui-maven-plugin inside the pom.xml like so:

<!-- To run, enter this command from the module directory:  mvn soapui:test -->
<build>
 <plugins>
    <plugin>
        <groupId>com.smartbear.soapui</groupId>
        <artifactId>soapui-maven-plugin</artifactId>
        <version>5.1.1</version>
        <dependencies>
            <dependency>
                <groupId>org.apache.santuario</groupId>
                <artifactId>xmlsec</artifactId>
                <version>1.5.2</version>
            </dependency>
        </dependencies>
        <configuration>
            <projectFile>src/test/soap-ui/your-soapui-xml-file.xml</projectFile>
        </configuration>
    </plugin>
</plugins>

In my case, I didn't have an xml security dependency anywhere else in my project.

In other cases, it seems like some may be experiencing this error due to having multiple xml security dependencies throughout their project (and they are conflicting, like one answer is already alluding to). So, if the above fix doesn't work for you in that scenario, you may need to look into which dependencies in your project are including xml security and deciding which one you want to include and which one you want to exclude (e.g. using Maven's exclusion or provided scope markings in the given pom).