The latest version of Aspose.Words for Java (21.5) breaks when the aspose-words.jar is used as an embedded dependency inside of another JAR file.
We are shipping our application as an OSGI bundle where are non-OSGI dependencies are embedded inside of our bundles JAR file (nested JAR files):
.
├── scroll-words.jar
│ ├── META-INF
│ │ ├── MANIFEST.MF
│ │ ├── lib
│ │ │ ├── aopalliance-repackaged-2.6.1.jar
│ │ │ ├── aspose-words-21.3-jdk17.jar
│ │ │ ├── commons-collections4-4.4.jar
│ │ │ ├── commons-compress-1.20.jar
…

This is the shortened stack trace we are seeing when we call new com.aspose.words.Document(…) in our code:

java.lang.ExceptionInInitializerError
	at com.aspose.words.zzZ85.zzZ(Unknown Source)
	at com.aspose.words.zzZ85.zzXg(Unknown Source)
	at com.aspose.words.zzZ81.zzXE(Unknown Source)
	at com.aspose.words.Document.zzY(Unknown Source)
	at com.aspose.words.Document.zzZ(Unknown Source)
	at com.aspose.words.Document.<init>(Unknown Source)
	at com.aspose.words.Document.<init>(Unknown Source)
	at com.aspose.words.Document.<init>(Unknown Source)
	at com.k15t.scroll.words.exporter.WordsExporter.parseDocument(WordsExporter.java:287)
	[... unrelated calls ... ]
Caused by: java.lang.IllegalArgumentException: bytes cannot be null
	at com.aspose.words.internal.zz1B.zzZp(Unknown Source)
	at com.aspose.words.zzZ87.<init>(Unknown Source)
	at com.aspose.words.zzZ87.<clinit>(Unknown Source)
	... 59 more

We have tracked this down to the introduction of a new check in 21.5 that likely is supposed to check if the aspose-words.jar is still signed:

if (this.getClass().getProtectionDomain().getCodeSource().getCertificates() == null) {
    throw new IllegalStateException();
}

When the jar is nested in a different jar this however checks if the outer jar is signed instead (our jar, which is not signed). The thrown exception is then caught and supposed to be rethrown with another message which is not initialized yet due to it happening in the static initialization, which in turn causes this “bytes cannot be null” message.

Due to this we are blocked from upgrading to 21.5. This sort of bundling of dependencies is not unusual. As far as I remember spring-boot also works in a similar way, so I would not be surprised if other users will run into this at some point as well.

@thomask15t

Could you please use the latest version of Aspose.Words for Java 21.5 in your final Jar file, ZIP and attach it here for testing?

Please also share all steps to reproduce the same issue at our side along with detail how to use your JAR file. We will investigate the issue and provide you information on it.

If you are facing this issue with specific document, please ZIP and attach it also.

We are trying to use the latest version 21.5 as mentioned, this is in fact the first version where this problem occurs. That directory listing above was just to show the general directory structure of our artifact and was done with an older build that still worked.

Here is an example when using Spring Boot (not the exact approach we use in our app but it also uses nested jars when bundling): aspose-demo.zip (8.9 KB)

To replicate build it with maven, then just run the resulting jar file:
mvn package
java -jar ./target/aspose-demo-0.0.1-SNAPSHOT.jar

@thomask15t

We have tested the scenario and managed to reproduce the same issue at our side. For the sake of correction, we have logged this problem in our issue tracking system as WORDSJAVA-2584. You will be notified via this forum thread once this issue is resolved.

We apologize for your inconvenience.

Hi @tahir.manzoor thanks for the issue creation.

Do you have a time frame for the fix? We want to update to the latest library version because it fixes a different issue which you’ve resolved but this new problem is blocking us from doing so.

Any ETA would be greatly appreciated so that we can factor this in to our own release schedule.

Cheers, ThomasR

@TR-K15t

We try our best to deal with every customer request in a timely fashion, we unfortunately cannot guarantee a delivery date to every customer issue. We work on issues on a first come, first served basis. We feel this is the fairest and most appropriate way to satisfy the needs of the majority of our customers.

Currently, your issue is pending for analysis and is in the queue. Once we complete the analysis of your issue, we will then be able to provide you an estimate.

You reported this issue in free support forum and it will be treated with normal priority. To speed up the progress of issue’s resolution, we suggest you please check our paid support policies from following link.
Paid Support Policies

@TR-K15t

As a temporary workaround, you can load Aspose.Words’ JAR as OSGI-compatible.

Thanks for reporting this issue thomask15t. I am facing the same issue and would also be interested in a fix date

+1 we’re also blocked from upgrading until there’s a fix for this (we’re using it in a Spring app rather than OSGI, but it’s the same fundamental issue).

@arronhardenels @chrisbeecham2 @TR-K15t @thomask15t The issue is already resolved. The fix will be included into the next version of Aspose.Words for Java, which we are going to release in approximately a week.

The issues you have found earlier (filed as WORDSJAVA-2584) have been fixed in this Aspose.Words for .NET 21.6 update and this Aspose.Words for Java 21.6 update.

Hi,

unfortunately this is still not fixed for us. As my colleague @thomask15t pointed out earlier, the spring-boot scenario was just one example - the fastest way to provide you with a standalone application.

Our real use case is a Confluence server plugin. Confluence uses Apache Felix as OSGi container and we believe that the classloader for Confluence plugins handles nested JARs a little bit different from the way the spring-boot classloader does wrt. to the URL representing the resources in nested JARs.

With the latest version we’re running into this error:

java.lang.ExceptionInInitializerError
	at com.aspose.words.zzXjl.zzWXs(Unknown Source)
	at com.aspose.words.zzXjl.zzXHL(Unknown Source)
	at com.aspose.words.zzWh8.zzpw(Unknown Source)
	at com.aspose.words.Document.zzYl6(Unknown Source)
	at com.aspose.words.Document.zzWXs(Unknown Source)
	at com.aspose.words.Document.<init>(Unknown Source)
	at com.aspose.words.Document.<init>(Unknown Source)
	at com.aspose.words.Document.<init>(Unknown Source)
	...
	at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.IllegalStateException: Invalid license signature. Please make sure the license file was not modified.
	at com.aspose.words.zzWS3.<init>(Unknown Source)
	at com.aspose.words.zzWS3.<clinit>(Unknown Source)
	... 59 more

How can we move forward here?

• We can use a debugger to provide you the resource URL causing the issue, so you could compare it with your logic.
• We could also create a simple Confluence plugin demonstrating this, if it would be useful.

This issue prevents us from upgrading to future versions so we need a solution eventually.

Thanks,
Jens

@jensk15t

We logged separate issue as WORDSJAVA-2587 to test different use cases of Jar signature check. We will inform you once this issue is resolved.

Please share this detail with complete steps to test your use case. We will investigate the issue and log it in our issue tracking system.

Thanks for your response. We’'ll collect all necessary details and post them here.

One question though: Would a Confluence plugin demonstrating this be helpful here? I’m asking because it will be some effort for us to create this and it would be only useful if one of your developers would actually run a Confluence instance to install this plugin into. Let us know if you still want such a plugin.

@jensk15t

Could you please try the latest version of Aspose.Words for Java 21.7 at your end and let us know how it goes on your side?

A post was split to a new topic: Invalid license signature exception is thrown after upgrade

Hi @tahir.manzoor.

I’m still running into an error with 21.7. Here’s the stacktrace and some details I retrieved by attaching a debugger from an IDE to the Confluence process.

Stacktrace:

java.lang.ExceptionInInitializerError
	at com.aspose.words.zzWnD.zzXMZ(Unknown Source)
	at com.aspose.words.zzWnD.zzZuc(Unknown Source)
	at com.aspose.words.zzXCP.zzWcj(Unknown Source)
	at com.aspose.words.Document.zzZTj(Unknown Source)
	at com.aspose.words.Document.zzXMZ(Unknown Source)
	at com.aspose.words.Document.<init>(Unknown Source)
	at com.aspose.words.Document.<init>(Unknown Source)
	at com.aspose.words.Document.<init>(Unknown Source)
    ... <snip>
Caused by: java.lang.IllegalStateException: Invalid license signature. Please make sure the license file was not modified.
	at com.aspose.words.zzWh2.<init>(Unknown Source)
	at com.aspose.words.zzWh2.<clinit>(Unknown Source)
	... 59 more

The origin of the IllegalStateException is in com.aspose.words.zzWh2#zzWCe. Here are some details from its execution:

• var1 = this.getClass(); --> class com.aspose.words.zzWh2
• var1.getClassLoader(); --> com.k15t.scroll.word-server [348]
• var1.getClassLoader().getClass(); --> org.apache.felix.framework.BundleWiringImpl
• var1.getClassLoader().getResource("com/aspose/words/resources/3dBubble.jpg") --> bundle://348.0:28/com/aspose/words/resources/3dBubble.jpg
• var1.getProtectionDomain().getCodeSource().getLocation().toString(); --> file:/Users/jens/k15t/confluence-7.12/home/plugins-cache/1626677415041scroll-word-server-5.2.6-SNAPSHOT.jar
• var1.getProtectionDomain().getCodeSource().getCertificates() --> null

That last line explains why the check fails.

Please note how the codesource refers to our jar, not the aspose-words.jar which is bundled in META-INF/libs. Result of unzip -l scroll-word-server-5.2.6-SNAPSHOT.jar | grep aspose:

15957335  07-19-2021 08:29   META-INF/lib/aspose-words-21.7-jdk17.jar

Please let me know if you need further information.

Thanks,
Jens

@jensk15t

We have logged this issue as WORDSJAVA-2621 in our issue tracking system. If we need any further detail, we will let you know. We will inform you via this forum thread once this issue is resolved. We apologize for your inconvenience.

Im also having the same issue

@brett5d90e

We have already answered your query [here](https://forum.aspose.com/t/invalid-license-signature-exception-is-thrown-after-upgrade/232505/4) in this post. Please follow that thread for further proceedings.