Community
Participate
Working Groups
Build Identifier: 8.0.4.v20111024 when using JAAS on OSGi platform like Felix 4.0.2, there is error reported: java.lang.ClassNotFoundException: javax.security.auth.login.LoginException not found by org.eclipse.jetty.plus [31] at org.apache.felix.framework.BundleWiringImpl.findClassOrResourceByDelegation(BundleWiringImpl.java:1460) ....... at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.newObj(XmlConfiguration.java:748) .... at org.eclipse.jetty.osgi.boot.internal.webapp.JettyContextHandlerServic ... at java.lang.Thread.run(Thread.java:662) added javax.security.* in the Import-Package solve the issue. 7.5.4 has no such issue. Reproducible: Always
Guofeng reported some more work on this item on the mailing list: ---------- Forwarded message ---------- From: Guofeng Zhang <guofeng@***> Date: Fri, Dec 9, 2011 at 3:14 PM Subject: Re: [jetty-users] why does jetty-plus bundle not import javax.security.* package? To: JETTY user mailing list <jetty-users@eclipse.org> This issue is for 8.0.4. 7.5.4 works well for my application. The following share what I have done for our application. I deployed Jetty 8.0.4 on Felix framework 4.0.2. I used to use JAAS for my web application. When the framework deploy jetty-plus, it said that: Caused by: java.lang.ClassNotFoundException: javax.security.auth.login.LoginException not found by org.eclipse.jetty.plus [31] at org.apache.felix.framework.BundleWiringImpl.findClassOrResourceByDelegation(BundleWiringImpl.java:1460) ....... at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.newObj(XmlConfiguration.java:748) .... at org.eclipse.jetty.osgi.boot.internal.webapp.JettyContextHandlerServic ... at java.lang.Thread.run(Thread.java:662) so I added javax.security.* in Import-Package for jetty-plus. For my web bundle, I need to import com.sun.security.auth.login in Import-Package for com.sun.security.auth.login.ConfigFile. I use jetty-web.xml configure JAASLoginService. Then it works well. It also needs to add: com.sun.xml.internal.bind.v2,\ --- this line is for jetty-jaspi com.sun.security.auth.login in felix’s config.properties to make the system bundle export the required package. Anyway, if jetty-plus works well, for other missing package, we could deal it with well. By fixing bug 359329 (https://bugs.eclipse.org/bugs/show_bug.cgi?id=359329), and add the following in maven-bundle-plugin of jetty-jaspi’s pom.xml, JASPI also works well on Felix. <configuration> <instructions> <Import-Package> * </Import-Package> <Export-Package> org.eclipse.jetty.security.jaspi, org.eclipse.jetty.security.jaspi.modules </Export-Package> </instructions> </configuration> I opened a bug 336140 for it. Thanks Guofeng
Thanks Guofeng, I compared the import/export instructions on jetty-plus and jetty-jaspi and this is clearly an oversight. I applied the fixes suggested and they match what we were doing in jetty-7. Here is the commit: http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/commit/?h=jetty-8&id=49556c0f406908786cc8075119a8289c6defc105 Just curious for jetty-jaspi your suggestion is to export only the 2 packages: org.eclipse.jetty.security.jaspi, org.eclipse.jetty.security.jaspi.modules Should we keep org.eclipse.jetty.security.jaspi.callback private to the bundle? Thanks!
(In reply to comment #2) > Here is the commit: > http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/commit/?h=jetty-8&id=49556c0f406908786cc8075119a8289c6defc105 > > Just curious for jetty-jaspi your suggestion is to export only the 2 packages: > org.eclipse.jetty.security.jaspi, > org.eclipse.jetty.security.jaspi.modules > > Should we keep org.eclipse.jetty.security.jaspi.callback private to the bundle? > Thanks! org.eclipse.jetty.security.jaspi is for JaspiAuthenticatorFactory in jetty-web.xml. org.eclipse.jetty.security.jaspi.modules is for the built-in auth module defined in this package and could be referenced in JASPI configuration file. I upload my test environment for you. go to felix-4.0.2, run startup, this will launch the felix and test app. http://localhost:8080/foo/secured/s.html, this pop up the BASIC login window, type admin/admin for password. this is a JASPI auth. http://localhost:8080/system/console, type admin/admin to use Felix's WebConsole to check the deployed bundle data.
Created attachment 208156 [details] the test runtime
Created attachment 208157 [details] the test source code
This seems to have been fixed by Hugues' commit of 9/12/2011. Please reopen if there is still a problem. thanks Jan
