Karaf
  1. Karaf
  2. KARAF-806

ProxyLoginModule should actually be on the bootclasspath classpath right?

    Details

    • Type: Question Question
    • Status: Closed
    • Priority: Trivial Trivial
    • Resolution: Fixed
    • Affects Version/s: 2.2.2
    • Fix Version/s: 2.2.6, 3.0.0
    • Component/s: karaf-documentation
    • Labels:
      None

      Description

      In Developers Guide, Security Framework, Architecture (section)
      http://karaf.apache.org/manual/2.2.2/developers-guide/security-framework.html

      It is mentioned that ProxyLoginModule must be "available from the system classloader". This does not seem correct. The LoginContext class calls Class.forName(<module class>, true, <context class loader>) to load the login module classes. When the context loader is null Class.forName() delegates to the loader of the current class, which in the case of LoginContext is the boot loader. So if we have ProxyLoginModule on the system classpath it will be bypassed.

      In equinox we can get away with this because equinox sets a context class loader of it's own, which delegates to the system loader. I suspect on Felix this will not work.

        Activity

        Hide
        Jean-Baptiste Onofré added a comment -

        Good point Todor.

        I think that you are right. I gonna make a try to update the documentation.

        Show
        Jean-Baptiste Onofré added a comment - Good point Todor. I think that you are right. I gonna make a try to update the documentation.
        Hide
        Jamie goodyear added a comment -

        Reading the note in jaas/boot/src/main/java/org/apache/karaf/jaas/boot/ProxyLoginModule.java:

        "An OSGi proxy login module that should be used instead of a plain reference to a given login module. Two properties must be set, the name of the login module class and the bundle to be used to load it.
        This class must be available from all modules, so it has to be either in a fragment bundle attached to the system bundle or be made available through the boot delegation class path."

        Sounds like it should be on the BootClasspath, so an -Xbootclasspath entry may be required here?

        Show
        Jamie goodyear added a comment - Reading the note in jaas/boot/src/main/java/org/apache/karaf/jaas/boot/ProxyLoginModule.java: "An OSGi proxy login module that should be used instead of a plain reference to a given login module. Two properties must be set, the name of the login module class and the bundle to be used to load it. This class must be available from all modules, so it has to be either in a fragment bundle attached to the system bundle or be made available through the boot delegation class path." Sounds like it should be on the BootClasspath, so an -Xbootclasspath entry may be required here?
        Hide
        Jean-Baptiste Onofré added a comment -

        After digging, it should be in the boot classloader.

        Show
        Jean-Baptiste Onofré added a comment - After digging, it should be in the boot classloader.

          People

          • Assignee:
            Unassigned
            Reporter:
            Todor Boev
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development