cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Kulp <dk...@apache.org>
Subject Re: svn commit: r1448003 - /cxf/trunk/rt/transports/http/pom.xml
Date Wed, 20 Feb 2013 13:41:34 GMT

This is a bug in the jetty JAAS bundles then, not CXF.   Get a bug logged there.  We should
not be importing things we don't actually use.  We should be importing the Principal and SecurityContext
things and such, but not any specific implementations.

This still needs to be reverted.

Dan


On Feb 20, 2013, at 7:56 AM, Freeman Fang <freeman.fang@gmail.com> wrote:

> Hi Dan,
> 
> In AbstractHTTPDestination, we have code like
> 
> inMessage.put(SecurityContext.class, new SecurityContext() {
>             public Principal getUserPrincipal() {
>                 return pp;
>             }
>             public boolean isUserInRole(String role) {
>                 return req.isUserInRole(role);
>             }
>         });
> 
> This can cause exception if we enable org.eclipse.jetty.plus.jaas.JAASLoginService in
Karaf,  something like have 
> 
> <Call name="addBean">
>         <Arg>
>             <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
>                 <Set name="name">karaf</Set>
>                 <Set name="loginModuleName">karaf</Set>
>                 <Set name="roleClassNames">
>                     <Array type="java.lang.String">
>                         <Item>org.apache.karaf.jaas.boot.principal.RolePrincipal</Item>
>                     </Array>
>                 </Set>
>             </New>
>         </Arg>
>     </Call>
> in $KARAF_HOME/etc/jetty.xml
> 
> 
>  the exception could be
> 
> Caused by: java.lang.RuntimeException: java.lang.ClassNotFoundException: org.eclipse.jetty.plus.jaas.JAASRole
not found by org.apache.cxf.cxf-rt-transports-http [178]
> 	at org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:327)
> 	at org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:244)
> 	at org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:88)
> 	at org.eclipse.jetty.security.authentication.DeferredAuthentication.authenticate(DeferredAuthentication.java:108)
> 	at org.eclipse.jetty.server.Request.getUserPrincipal(Request.java:1251)
> 	at org.apache.cxf.transport.http.AbstractHTTPDestination.setupMessage(AbstractHTTPDestination.java:332)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
> 	at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:219)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
> 	at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:213)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
> 	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:154)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
> 	at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:130)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
> 	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:221)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
> 	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:141)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:713)[95:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
> 	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:197)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
> 	... 32 more
> Caused by: java.lang.ClassNotFoundException: org.eclipse.jetty.plus.jaas.JAASRole not
found by org.apache.cxf.cxf-rt-transports-http [178]
> 	at org.apache.felix.framework.BundleWiringImpl.findClassOrResourceByDelegation(BundleWiringImpl.java:1499)
> 	at org.apache.felix.framework.BundleWiringImpl.access$400(BundleWiringImpl.java:75)
> 	at org.apache.felix.framework.BundleWiringImpl$BundleClassLoader.loadClass(BundleWiringImpl.java:1882)
> 	at java.lang.ClassLoader.loadClass(ClassLoader.java:356)[:1.7.0_07]
> 	at org.apache.felix.framework.Felix.loadBundleClass(Felix.java:1814)
> 	at org.apache.felix.framework.BundleImpl.loadClass(BundleImpl.java:929)
> 	at org.ops4j.pax.swissbox.core.BundleClassLoader.findClass(BundleClassLoader.java:176)
> 	at org.ops4j.pax.swissbox.core.BundleClassLoader.loadClass(BundleClassLoader.java:194)
> 	at java.lang.ClassLoader.loadClass(ClassLoader.java:356)[:1.7.0_07]
> 	at org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:315)
> 	... 45 more
> 
> 
> 
> and 
> 
> 
> Caused by: java.lang.RuntimeException: java.lang.ClassNotFoundException: org.apache.karaf.jaas.boot.principal.RolePrincipal
not found by org.apache.cxf.cxf-rt-transports-http [178]
> 	at org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:327)
> 	at org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:244)
> 	at org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:88)
> 	at org.eclipse.jetty.security.authentication.DeferredAuthentication.authenticate(DeferredAuthentication.java:108)
> 	at org.eclipse.jetty.server.Request.getUserPrincipal(Request.java:1251)
> 	at org.apache.cxf.transport.http.AbstractHTTPDestination.setupMessage(AbstractHTTPDestination.java:332)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
> 	at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:219)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
> 	at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:213)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
> 	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:154)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
> 	at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:130)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
> 	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:221)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
> 	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:141)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:713)[95:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
> 	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:197)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
> 	... 32 more
> Caused by: java.lang.ClassNotFoundException: org.apache.karaf.jaas.boot.principal.RolePrincipal
not found by org.apache.cxf.cxf-rt-transports-http [178]
> 	at org.apache.felix.framework.BundleWiringImpl.findClassOrResourceByDelegation(BundleWiringImpl.java:1499)
> 	at org.apache.felix.framework.BundleWiringImpl.access$400(BundleWiringImpl.java:75)
> 	at org.apache.felix.framework.BundleWiringImpl$BundleClassLoader.loadClass(BundleWiringImpl.java:1882)
> 	at java.lang.ClassLoader.loadClass(ClassLoader.java:356)[:1.7.0_07]
> 	at org.apache.felix.framework.Felix.loadBundleClass(Felix.java:1814)
> 	at org.apache.felix.framework.BundleImpl.loadClass(BundleImpl.java:929)
> 	at org.ops4j.pax.swissbox.core.BundleClassLoader.findClass(BundleClassLoader.java:176)
> 	at org.ops4j.pax.swissbox.core.BundleClassLoader.loadClass(BundleClassLoader.java:194)
> 	at java.lang.ClassLoader.loadClass(ClassLoader.java:356)[:1.7.0_07]
> 	at org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:315)
> 	... 45 more
> 
> The org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:315)
is
> Class load_class = Thread.currentThread().getContextClassLoader().loadClass(roleClassName);
> 
> And in the cxf 2.5.x all-in-one bundle, we have imported org.eclipse.jetty.plus.jaas
package.
> -------------
> Freeman(Yue) Fang
> 
> Red Hat, Inc. 
> FuseSource is now part of Red Hat
> Web: http://fusesource.com | http://www.redhat.com/
> Twitter: freemanfang
> Blog: http://freemanfang.blogspot.com
> http://blog.sina.com.cn/u/1473905042
> weibo: @Freeman小屋
> 
> On 2013-2-20, at 下午8:00, Daniel Kulp wrote:
> 
>> 
>> Freeman,
>> 
>> Can I ask why this is necessary?   The HTTP module does not reference any of these
classes.  Thus, it shouldn't be importing them.   What are the symptoms/stack traces?   This
sounds like more of a problem someplace else.
>> 
>> I'm -1 on  this commit until we can understand why it's needed.
>> 
>> Dan
>> 
>> 
>> On Feb 19, 2013, at 11:58 PM, ffang@apache.org wrote:
>> 
>>> Author: ffang
>>> Date: Wed Feb 20 04:58:42 2013
>>> New Revision: 1448003
>>> 
>>> URL: http://svn.apache.org/r1448003
>>> Log:
>>> [CXF-4840]add more optional Import-Package for cxf-rt-transports-http module
>>> 
>>> Modified:
>>>   cxf/trunk/rt/transports/http/pom.xml
>>> 
>>> Modified: cxf/trunk/rt/transports/http/pom.xml
>>> URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/pom.xml?rev=1448003&r1=1448002&r2=1448003&view=diff
>>> ==============================================================================
>>> --- cxf/trunk/rt/transports/http/pom.xml (original)
>>> +++ cxf/trunk/rt/transports/http/pom.xml Wed Feb 20 04:58:42 2013
>>> @@ -36,7 +36,9 @@
>>>        <cxf.bundle.activator>org.apache.cxf.transport.http.osgi.HTTPTransportActivator</cxf.bundle.activator>
>>>        <cxf.osgi.import>
>>>            javax.servlet*;version="${cxf.osgi.javax.servlet.version}",
>>> -            org.apache.aries*;version="${cxf.aries.version.range}"
>>> +            org.apache.aries*;version="${cxf.aries.version.range}",
>>> +            org.apache.karaf.jaas.boot.principal;resolution:=optional,
>>> +            org.eclipse.jetty.plus.jaas;resolution:=optional
>>>        </cxf.osgi.import>
>>>        <cxf.osgi.export>
>>>            '=META-INF.cxf.osgi',
>>> 
>>> 
>> 
>> -- 
>> Daniel Kulp
>> dkulp@apache.org - http://dankulp.com/blog
>> Talend Community Coder - http://coders.talend.com
>> 
> 

-- 
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message