Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
2.0.0
-
None
Description
As reported to dev mailing list need to add an exclusion to xml-apis to fix a classloader problem in tomcat when security manger is enabled.
Here excerpt :
The ldap api has a dependency on xml-apis jar. I can verify this by running mvn dependency:tree
[INFO] | | +- org.apache.directory.api:api-all:jar:1.0.0:compile
[INFO] | | | +- xml-apis:xml-apis:jar:1.0.b2:compile
Which causes trouble when the Fortress Realm is runnning inside tomcat with java security manager enabled. Here's the exception reported in tomcat logs:
Caused by: javax.xml.parsers.FactoryConfigurationError: Provider for javax.xml.parsers.SAXParserFactory cannot be found
I can work around it by adding an exclusion to the fortress core's pom file:
<dependency>
<groupId>org.apache.directory.api</groupId>
<artifactId>api-all</artifactId>
<version>${version.api.all}</version>
<type>jar</type>
<exclusions>
<exclusion>
<groupId>xml-apis</groupId>
<artifactId>xml-apis</artifactId>
</exclusion>
</exclusions>
</dependency>
It's worth noting this issue first appeared when running tomcat with -security enabled. Not sure if others using the api have experienced similar difficulties in Tomcat.