Karaf
  1. Karaf
  2. KARAF-806

ProxyLoginModule should actually be on the bootclasspath classpath right?

    Details

    • Type: Question Question
    • Status: Closed
    • Priority: Trivial Trivial
    • Resolution: Fixed
    • Affects Version/s: 2.2.2
    • Fix Version/s: 2.2.6, 3.0.0
    • Component/s: karaf-documentation
    • Labels:
      None

      Description

      In Developers Guide, Security Framework, Architecture (section)
      http://karaf.apache.org/manual/2.2.2/developers-guide/security-framework.html

      It is mentioned that ProxyLoginModule must be "available from the system classloader". This does not seem correct. The LoginContext class calls Class.forName(<module class>, true, <context class loader>) to load the login module classes. When the context loader is null Class.forName() delegates to the loader of the current class, which in the case of LoginContext is the boot loader. So if we have ProxyLoginModule on the system classpath it will be bypassed.

      In equinox we can get away with this because equinox sets a context class loader of it's own, which delegates to the system loader. I suspect on Felix this will not work.

        Activity

        Transition Time In Source Status Execution Times Last Executer Last Execution Date
        Open Open Resolved Resolved
        233d 16h 24m 1 Jean-Baptiste Onofré 26/Mar/12 08:00
        Resolved Resolved Closed Closed
        32d 16h 6m 1 Jamie goodyear 28/Apr/12 00:07
        Jamie goodyear made changes -
        Status Resolved [ 5 ] Closed [ 6 ]
        Jean-Baptiste Onofré made changes -
        Resolution Fixed [ 1 ]
        Status Open [ 1 ] Resolved [ 5 ]
        Hide
        Jean-Baptiste Onofré added a comment -

        After digging, it should be in the boot classloader.

        Show
        Jean-Baptiste Onofré added a comment - After digging, it should be in the boot classloader.
        Hide
        Jamie goodyear added a comment -

        Reading the note in jaas/boot/src/main/java/org/apache/karaf/jaas/boot/ProxyLoginModule.java:

        "An OSGi proxy login module that should be used instead of a plain reference to a given login module. Two properties must be set, the name of the login module class and the bundle to be used to load it.
        This class must be available from all modules, so it has to be either in a fragment bundle attached to the system bundle or be made available through the boot delegation class path."

        Sounds like it should be on the BootClasspath, so an -Xbootclasspath entry may be required here?

        Show
        Jamie goodyear added a comment - Reading the note in jaas/boot/src/main/java/org/apache/karaf/jaas/boot/ProxyLoginModule.java: "An OSGi proxy login module that should be used instead of a plain reference to a given login module. Two properties must be set, the name of the login module class and the bundle to be used to load it. This class must be available from all modules, so it has to be either in a fragment bundle attached to the system bundle or be made available through the boot delegation class path." Sounds like it should be on the BootClasspath, so an -Xbootclasspath entry may be required here?
        Jamie goodyear made changes -
        Fix Version/s 2.2.6 [ 12319142 ]
        Fix Version/s 2.2.5 [ 12317857 ]
        Jean-Baptiste Onofré made changes -
        Fix Version/s 2.2.5 [ 12317857 ]
        Fix Version/s 2.2.4 [ 12317342 ]
        Hide
        Jean-Baptiste Onofré added a comment -

        Good point Todor.

        I think that you are right. I gonna make a try to update the documentation.

        Show
        Jean-Baptiste Onofré added a comment - Good point Todor. I think that you are right. I gonna make a try to update the documentation.
        Jean-Baptiste Onofré made changes -
        Field Original Value New Value
        Fix Version/s 2.2.4 [ 12317342 ]
        Fix Version/s 3.0.0 [ 12316040 ]
        Fix Version/s 2.2.3 [ 12316685 ]
        Todor Boev created issue -

          People

          • Assignee:
            Unassigned
            Reporter:
            Todor Boev
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development