Background As per the following recommendation, we had updated all our hibernate mapping files to refer dtd files with https scheme The markup declarations contained or pointed to by the document type declaration must be well-formed - Hibernate ORM - Hibernate i,e we had updated our hibernate mapping files to use the recommended dtd urls updated existing urls from http://www.hibernate.org/dtd/hibernate-mapping-3.0.dtd to https[://hibernate.org/dtd/hibernate-mapping-3.0.dtd|https://hibernate.org/dtd/hibernate-mapping-3.0.dtd%22] Also, we had upgraded hibernate version to version 5.6.6 (which has a fix  HHH-15094 Closed ) Problem Hibernate does not resolve dtd files locally when using https scheme, But, it resolves the dtd files locally when using http scheme Analysis Following is a snippet of code from LocalXmlResourceResolver, 
When HTTP scheme is used, Hibernate uses startsWith to compare with the identifierBase, But, when HTTPS scheme is used, Hibernate uses matches to compare with the identiferBase For example, Consider a hibernate mapping file with the following DOCTYPE (changed as per above recommendation) <!DOCTYPE hibernate-mapping PUBLIC
"-//Hibernate/Hibernate Mapping DTD//EN"
"https://hibernate.org/dtd/hibernate-mapping-3.0.dtd"> In the LocalXmlResourceResolver, The condition which checks whether to return local resource, fails and returns false when https scheme is used i,e if ( systemId.startsWith( httpBase )
| systemId.matches( httpsBase ) ) { return true; } |
checks as follows "https://hibernate.org/dtd/hibernate-mapping-3.0.dtd".matches("hibernate.org/dtd/hibernate-mapping") which returns false Proposed solution
- Change systemId.matches() to either systemId.startsWith() or systemId.contains()
|
