CXF web service client: “Cannot create a secure XMLInputFactory”

Question

I am wrote and deployed a CXF web service into a Tomcat server using the instructions here. The web service deploys fine as I can see the WSDL file in a web browser.

<

Answer 1

I hit this issue and it was because, when i upgraded from an older version of cxf, i did not change stax-api-*.jar to stax2-api-*.jar in my client classpath.

Answer 2

If you upgrade to 3.0.0 or later, you shouldn't add woodstock dependencies

Answer 3

I looked through my dependencies to find version conflicts with woodstox or stax-api.

Turns out that axis2-transport-http introduced these conflicts.

If you happen to have this dependency as well, add the following exclusion to your pom dependency that introduced it

<exclusions>
            <exclusion>
                <groupId>org.apache.axis2</groupId>
                <artifactId>axis2-transport-http</artifactId>
            </exclusion>
        </exclusions>

Answer 4

I had similar problem

After adding this -Dorg.apache.cxf.stax.allowInsecureParser=1 to the JAVA_OPTIONS in setDomainEnv.sh, It is working fine now.

Answer 5

I can solve this problem by adding weblogic.xml in the WEB-INF folder of my app with the following code:

<prefer-web-inf-classes>false</prefer-web-inf-classes>

<prefer-application-packages>
    <package-name>com.ctc.*</package-name>
</prefer-application-packages>

Answer 6

1: -Dorg.apache.cxf.stax.allowInsecureParser=1 to the JAVA_OPTIONS
or
2: rename woodstox-core-asl-4.4.1.jar -> awoodstox-core-asl-4.4.1.jar