Describe the bug
We run an EMR cluster and at runtime assume a cross account role to read
from an s3 bucket, which seems to work, but then randomly fails.
Unfortunately we can't see the error because this parsing error.
Unable to configure DocumentBuilderFactory to protect against XXE attacks
java.lang.IllegalArgumentException: Property 'http://xml.org/sax/features/external-general-entities' is not recognized.
at org.apache.xerces.jaxp.DocumentBuilderFactoryImpl.setAttribute(Unknown Source)
at com.amazonaws.util.XpathUtils.configureXercesFactory(XpathUtils.java:675)
Expected Behavior
Xerces should be happy
Current Behavior
Xerces is not happy
Log snippet
Unable to configure DocumentBuilderFactory to protect against XXE attacks
java.lang.IllegalArgumentException: Property 'http://xml.org/sax/features/external-general-entities' is not recognized.
at org.apache.xerces.jaxp.DocumentBuilderFactoryImpl.setAttribute(Unknown Source)
at com.amazonaws.util.XpathUtils.configureXercesFactory(XpathUtils.java:675)
at com.amazonaws.util.XpathUtils.initialConfigureDocumentBuilderFactory(XpathUtils.java:655)
at com.amazonaws.util.XpathUtils.configureDocumentBuilderFactory(XpathUtils.java:643)
at com.amazonaws.util.XpathUtils.documentFrom(XpathUtils.java:173)
at com.amazonaws.util.XpathUtils.documentFrom(XpathUtils.java:187)
at com.amazonaws.http.DefaultErrorResponseHandler.parseXml(DefaultErrorResponseHandler.java:124)
at com.amazonaws.http.DefaultErrorResponseHandler.documentFromContent(DefaultErrorResponseHandler.java:105)
at com.amazonaws.http.DefaultErrorResponseHandler.createAse(DefaultErrorResponseHandler.java:84)
at com.amazonaws.http.DefaultErrorResponseHandler.handle(DefaultErrorResponseHandler.java:71)
at com.amazonaws.http.DefaultErrorResponseHandler.handle(DefaultErrorResponseHandler.java:47)
at com.amazonaws.http.AwsErrorResponseHandler.handleAse(AwsErrorResponseHandler.java:58)
at com.amazonaws.http.AwsErrorResponseHandler.handle(AwsErrorResponseHandler.java:45)
at com.amazonaws.http.AwsErrorResponseHandler.handle(AwsErrorResponseHandler.java:27)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1793)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleServiceErrorResponse(AmazonHttpClient.java:1395)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1371)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1145)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:802)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:770)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:744)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:704)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:686)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:550)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:530)
at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.doInvoke(AWSSecurityTokenServiceClient.java:1719)
at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.invoke(AWSSecurityTokenServiceClient.java:1686)
at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.invoke(AWSSecurityTokenServiceClient.java:1675)
at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.executeAssumeRole(AWSSecurityTokenServiceClient.java:589)
at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.assumeRole(AWSSecurityTokenServiceClient.java:561)
Steps to Reproduce
assume a cross account role and try to use NativeS3FileSystem.class.
Possible Solution
Context
see log snippet
Your Environment
- AWS Java SDK version used: 1.11.1034
- JDK version used: 1.8
- Operating System and version: i think centos
Describe the bug
We run an EMR cluster and at runtime assume a cross account role to read
from an s3 bucket, which seems to work, but then randomly fails.
Unfortunately we can't see the error because this parsing error.
Expected Behavior
Xerces should be happy
Current Behavior
Xerces is not happy
Log snippet
Steps to Reproduce
assume a cross account role and try to use
NativeS3FileSystem.class.Possible Solution
Context
see log snippet
Your Environment