Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-8566

cxf-ws-rt-security & ehcache: OSGi classloading

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.4.3
    • Fix Version/s: 3.4.5, 3.5.0
    • Component/s: OSGi
    • Labels:
      None
    • Estimated Complexity:
      Unknown

      Description

      Hello,

      during some tests in Karaf container, we faced this exception

      Caused by: java.lang.IllegalArgumentException: CacheTemplate 'org.apache.cxf.ws.security.tokenstore.TokenStore' declares value type of org.apache.cxf.ws.security.tokenstore.SecurityToken. Provided: class org.apache.cxf.ws.security.tokenstore.SecurityToken
      	at org.ehcache.xml.ConfigurationParser.checkTemplateTypeConsistency(ConfigurationParser.java:279) ~[bundleFile:3.8.1 a19322e8d4b3f7157e878112c2afc0b6e3090fdd]
      	at org.ehcache.xml.ConfigurationParser.access$000(ConfigurationParser.java:108) ~[bundleFile:3.8.1 a19322e8d4b3f7157e878112c2afc0b6e3090fdd]
      	at org.ehcache.xml.ConfigurationParser$1.builderFor(ConfigurationParser.java:255) ~[bundleFile:3.8.1 a19322e8d4b3f7157e878112c2afc0b6e3090fdd]
      	at org.ehcache.xml.XmlConfiguration.newCacheConfigurationBuilderFromTemplate(XmlConfiguration.java:277) ~[bundleFile:3.8.1 a19322e8d4b3f7157e878112c2afc0b6e3090fdd]
      	at org.apache.cxf.ws.security.tokenstore.EHCacheTokenStore.<init>(EHCacheTokenStore.java:66) ~[bundleFile:3.4.3]
      	at org.apache.cxf.ws.security.tokenstore.EHCacheTokenStoreFactory.newTokenStore(EHCacheTokenStoreFactory.java:45) ~[bundleFile:3.4.3]
      	at org.apache.cxf.ws.security.tokenstore.TokenStoreUtils.getTokenStore(TokenStoreUtils.java:58) ~[bundleFile:3.4.3]
      	at org.apache.cxf.ws.security.trust.DefaultSTSTokenCacher.storeToken(DefaultSTSTokenCacher.java:103) ~[bundleFile:3.4.3]
      	at org.apache.cxf.ws.security.trust.STSTokenRetriever.getToken(STSTokenRetriever.java:117) ~[bundleFile:3.4.3]
      	... 18 more
      

       

      It seems it's due to different class loaders for classes XmlConfiguration and SecurityToken.

      I tried to force the cacheClassLoaders from ehcache in EHCacheTokenStore (https://github.com/apache/cxf/blob/9387c3f65862bbe9356457ad4c111eda852fcc90/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/EHCacheTokenStore.java#L56-L76)

      try {
                  // Exclude the endpoint info bit added in TokenStoreUtils when getting the template name
                  String template = key;
                  if (template.contains("-")) {
                      template = key.substring(0, key.lastIndexOf('-'));
                  }
      
                  Map<String, ClassLoader> cacheClassLoaders = new HashMap<>();
                  cacheClassLoaders.put(template, SecurityToken.class.getClassLoader());
                  XmlConfiguration xmlConfig = new XmlConfiguration(configFileURL, ClassLoading.getDefaultClassLoader(),
                          cacheClassLoaders);
      
                  CacheConfigurationBuilder<String, SecurityToken> configurationBuilder =
                          xmlConfig.newCacheConfigurationBuilderFromTemplate(template,
                                  String.class, SecurityToken.class);
      
                  cacheManager = CacheManagerBuilder.newCacheManagerBuilder().withCache(key, configurationBuilder).build();
      
                  cacheManager.init();
                  cache = cacheManager.getCache(key, String.class, SecurityToken.class);
      
              } catch (Exception e) {
                  throw new TokenStoreException(e);
              }
      

       It seems to resolve the issue, but I'm not sure about the proper implementation, and the unit tests to set

      Thanks,

        Attachments

          Activity

            People

            • Assignee:
              ffang Freeman Yue Fang
              Reporter:
              jgreffe Julien Greffe
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: