[KARAF-806] ProxyLoginModule should actually be on the bootclasspath classpath right? - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Question
Status: Closed
Priority: Trivial
Resolution: Fixed
Affects Version/s: 2.2.2
Fix Version/s: 2.2.6, 3.0.0
Component/s: karaf
Labels:
None

Description

In Developers Guide, Security Framework, Architecture (section)
http://karaf.apache.org/manual/2.2.2/developers-guide/security-framework.html

It is mentioned that ProxyLoginModule must be "available from the system classloader". This does not seem correct. The LoginContext class calls Class.forName(<module class>, true, <context class loader>) to load the login module classes. When the context loader is null Class.forName() delegates to the loader of the current class, which in the case of LoginContext is the boot loader. So if we have ProxyLoginModule on the system classpath it will be bypassed.

In equinox we can get away with this because equinox sets a context class loader of it's own, which delegates to the system loader. I suspect on Felix this will not work.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Todor Boev

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 05/Aug/11 14:35

Updated:: 14/Sep/18 12:39

Resolved:: 26/Mar/12 07:00