karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jamie goodyear (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (KARAF-806) ProxyLoginModule should actually be on the bootclasspath classpath right?
Date Fri, 16 Mar 2012 18:23:39 GMT

    [ https://issues.apache.org/jira/browse/KARAF-806?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13231481#comment-13231481

Jamie goodyear commented on KARAF-806:

Reading the note in jaas/boot/src/main/java/org/apache/karaf/jaas/boot/ProxyLoginModule.java:

"An OSGi proxy login module that should be used instead of a plain reference to a given login
module.  Two properties must be set, the name of the login module class and the bundle to
be used to load it.
This class must be available from all modules, so it has to be either in a fragment bundle
attached to the system bundle or be made available through the boot delegation class path."

Sounds like it should be on the BootClasspath, so an -Xbootclasspath entry may be required
> ProxyLoginModule should actually be on the bootclasspath classpath right?
> -------------------------------------------------------------------------
>                 Key: KARAF-806
>                 URL: https://issues.apache.org/jira/browse/KARAF-806
>             Project: Karaf
>          Issue Type: Question
>          Components: karaf-documentation
>    Affects Versions: 2.2.2
>            Reporter: Todor Boev
>            Priority: Trivial
>             Fix For: 2.2.6, 3.0.0
> In Developers Guide,  Security Framework, Architecture (section)
> http://karaf.apache.org/manual/2.2.2/developers-guide/security-framework.html
> It is mentioned that ProxyLoginModule must be "available from the system classloader".
This does not seem correct. The LoginContext class calls Class.forName(<module class>,
true, <context class loader>) to load the login module classes. When the context loader
is null Class.forName() delegates to the loader of the current class, which in the case of
LoginContext is the boot loader. So if we have ProxyLoginModule on the system classpath it
will be bypassed.
> In equinox we can get away with this because equinox sets a context class loader of it's
own, which delegates to the system loader. I suspect on Felix this will not work.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message