Search

OUR API

API Developer Guides API Reference Sample Code [on GitHub]
SDKs [on GitHub] API Change Log System Change Log
Upgrade Guide

Hello World

Get Started Common Setup Questions How Payments Work
Testing Guide Go-Live Checklist

Support

Get Support News and Announcements Forums
Authorize.net on GitHub Authorize.net on Stack Overflow Developer Blog
Response (Error) Codes FAQs Knowledge Base

Sign In

Sandbox Affiliate

Search Developer Site

Integration and Testing

Authorize.Net API questions and help with your payment integration.

Reply
Contributor
eran
Posts: 13
Registered: ‎10-02-2011

NullPointerException in Java SDK

‎12-10-2011 10:53 PM

In our testing environment I see a NullPointerException that is originated from the Java SDK.

Looking deeper, this is triggered by a SSLPeerUnverifiedException that is not handled properly, returning a non initialized result object.

Here's the relevant log:

10:52:55,073 ERROR HttpClient:268 - HttpClient execution failed
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
    at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352)
    at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
    at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
    at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
    at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
    at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
    at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:573)
    at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:732)
    at net.authorize.util.HttpClient.executeXML(HttpClient.java:211)
    at net.authorize.Merchant.executeTransaction(Merchant.java:305)
    at net.authorize.Merchant.postTransaction(Merchant.java:294)
    at com.outbrain.paymentgateway.facade.chase.ChasePaymentGatewayFacade.createCustomerProfile(ChasePaymentGatewayFacade.java:81)

 
Followed by the NullPointerException:

java.lang.NullPointerException
    at net.authorize.cim.Result.importRefId(Result.java:105)
    at net.authorize.cim.Result.createResult(Result.java:46)
    at net.authorize.Merchant.p...

 I opened a ticket for this, but customer support have developers on their team...

 

My questions are:

  1. How come I get this exception? The tests normally pass, and about 1-3 times a day there's a random failure like this, in 1 or 2 of my tests - all using the same Merchant instance.
  2. Is anyone developing the Java SDK at all, or is this just a community library? I attempted to suggest a patch to another bug I found, but got no update on this, and the latest version doesn't contain my fix.
  3. Is there a way to contribute code fixes, or do I have to maintain a private version in my code base?
5 people had this problem.
Message 1 of 8 (128,825 Views)
0 Kudos
Contributor
eran
Posts: 13
Registered: ‎10-02-2011

Re: NullPointerException in Java SDK

‎01-07-2012 11:34 PM

Isn't there anybody who can at least answer parts of this post?

Message 2 of 8 (122,625 Views)
0 Kudos
TJPride
Posts: 1,609
Topics: 15
Kudos: 209
Solutions: 121
Registered: ‎06-23-2011

Re: NullPointerException in Java SDK

‎01-08-2012 12:31 AM

Well, it's not one of the commonly-used libraries. Most people seem to be using PHP or C#. So you're not going to get feedback as promptly. Judging by past experience, they'll have someone come by every now and then and pass along bugs / bug fixes people have posted, but it may be some time before they make it into the official code base. You could try sending Michelle a PM and see if she can hurry things along, however:

http://community.developer.authorize.net/t5/user/viewprofilepage/user-id/2

 

She seems to be the most common mod posting in here.

Message 3 of 8 (122,621 Views)
Member
jgathings
Posts: 2
Registered: ‎02-22-2012

Re: NullPointerException in Java SDK

‎02-22-2012 01:15 PM

Hi,

 

Were you able to resolve this issue?  I have code that has been stable for months and all of a sudden seeing this error.  Comments would be greatly appreciated.

 

Thanks

Message 4 of 8 (122,559 Views)
0 Kudos
Contributor
missbossy
Posts: 15
Registered: ‎10-14-2011

Re: NullPointerException in Java SDK

‎02-22-2012 02:12 PM

I'm having the same 'peer not authenticated' error all of a sudden. Please help.

 

Thanks,

Monique

Message 5 of 8 (122,552 Views)
0 Kudos
Contributor
eran
Posts: 13
Registered: ‎10-02-2011

Re: NullPointerException in Java SDK

‎02-22-2012 11:40 PM

@jgathings,  @missbossy

I haven't  resolved the issue, and I was told in support to ask for help here.

 

What I did manage to acheive, is to modify the source code so that at least I won't be getting a NPE, instead I get a failure response, which works better for me. There's no where to place my patches here so I keep a private version...

 

It kind of saddens me, that there's no where to contribute code here, and that the Java API development looks dead.

I'm seriously considering migrating to another payment gateway provider.

Message 6 of 8 (122,542 Views)
0 Kudos
Contributor
missbossy
Posts: 15
Registered: ‎10-14-2011

Re: NullPointerException in Java SDK

‎02-23-2012 10:22 AM

Is the  'peer not authenticated' error only a problem in test environments? Or is it also happening in production environments?

Message 7 of 8 (122,531 Views)
0 Kudos
Member
jgathings
Posts: 2
Registered: ‎02-22-2012

Re: NullPointerException in Java SDK

‎02-23-2012 01:32 PM

It appears to only occur in testing environments.  As a consultant I don't have access to production credentials, nor do I want them.  The solution we used to solve the problem was to modify net.authorize.util.HttpClient.  We added an inner class:

 

class WebClientDevWrapper {

    public static DefaultHttpClient wrapClient(DefaultHttpClient base) {
        try {
            SSLContext ctx = SSLContext.getInstance("TLS");
            X509TrustManager tm = new X509TrustManager() {

                public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
                }

                public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
                }

                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            };
            X509HostnameVerifier verifier = new X509HostnameVerifier() {

                @Override
                public void verify(String string, SSLSocket ssls) throws IOException {
                }

                @Override
                public void verify(String string, X509Certificate xc) throws SSLException {
                }

                @Override
                public void verify(String string, String[] strings, String[] strings1) throws SSLException {
                }

                @Override
                public boolean verify(String string, SSLSession ssls) {
                    return true;
                }
            };
            ctx.init(null, new TrustManager[]{tm}, null);
            SSLSocketFactory ssf = new SSLSocketFactory(ctx);
            ssf.setHostnameVerifier(verifier);
            ClientConnectionManager ccm = base.getConnectionManager();
            SchemeRegistry sr = ccm.getSchemeRegistry();
            sr.register(new Scheme("https", ssf, 443));
            return new DefaultHttpClient(ccm, base.getParams());
        } catch (Exception ex) {
            ex.printStackTrace();
            return null;
        }
    }
}

 

And an additional modification:

 

                if(Environment.SANDBOX.equals(environment) ||
                        Environment.SANDBOX_TESTMODE.equals(environment)) {
                    InputStream outstream = (InputStream)httpPost.getEntity().getContent();
                    String requestData = convertStreamToString(outstream);
                    httpClient = WebClientDevWrapper.wrapClient(httpClient);
                    logger.debug("SANDBOX MODES ONLY>> Url-encoded request data: " + requestData);
                }

 

Check this url for a discussion of the technique: http://javaskeleton.blogspot.com/2010/07/avoiding-peer-not-authenticated-with.html.

 

I hope this post saves someone a lot of stress!

Message 8 of 8 (122,525 Views)
0 Kudos