river-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Craig L Russell <craig.russ...@oracle.com>
Subject Re: PAM - Pluggable Authentication Modules Any Ideas?
Date Thu, 13 May 2010 16:49:07 GMT
Hi Gregg,

On May 13, 2010, at 8:23 AM, Gregg Wonderly wrote:

> If you use System.load(), then you can use a static initialization  
> block to copy the jni bits from the jar into a temp directory and  
> then load it from that path.

My understanding is that you need to start the VM with the knowledge  
of where all the jni libraries are. You can either put them into the  
"standard" place (varies by platform) or in a special place and name  
that special directory using the -Djava.library.path system property  
when you start the VM. It doesn't work to set the system property  
after you start the VM.

> Associated permissions need to be granted of course.

Of course.


> Gregg Wonderly
> Sent from my iPad
> On May 13, 2010, at 9:59 AM, Dennis Reedy <dennis.reedy@gmail.com>  
> wrote:
>> On May 12, 2010, at 714PM, Peter Firmstone wrote:
>>> I like the sound of that.
>>> We can have an Authentication Service, we could place the  
>>> constraint of a key signature on that particular service (don't  
>>> want untrusted parties providing authentication), but once loaded,  
>>> the smart proxy could contain the JNI code required to perform the  
>>> authentication?
>> I'm not really sure if (and how) a smart proxy that once download  
>> can (or should be given permission to) load a native library. From  
>> what I have seen, the native library needs to be loaded from a  
>> location that the JVM knows about (a priori). Would that native  
>> library need to be installed onto the machine to the location where  
>> the JVM has been configured to load native libraries from before  
>> that native library was loaded?
>> Would the native library need to be loaded by a class loader that  
>> is hierarchically a parent of class loaders that load services?  
>> This is because the same JNI native library cannot be loaded into  
>> more than one class loader, but different child class loaders of a  
>> class loader that loaded the JNI library can gain access to the  
>> loaded library such that System.loadLibrary will succeed (this  
>> naturally assumes that other class loaders in the JVM would want  
>> the capability to load the native library).
>> Dennis

Craig L Russell
Architect, Oracle
408 276-5638 mailto:Craig.Russell@oracle.com
P.S. A good JDO? O, Gasp!

View raw message