Hi Nicklas,

I changed the Application.getAuthenticator() to use a separate 
classloader for external login plugin (attached a diff to the ticket 
#1575) and I was able to verify user's credentials using an STS service.

I got a bit unexpected behavior of BASE that tried to create a new 
account for the user after it failed finding it by an externalId. Of 
course, I had not set the externalId in advance. The logins of the 
external STS service and BASE account happened to be the same, so the 
whole process failed violating the unique-key constraint on login 
column. This is sth I will need to consider when integrating two sets of 
users from different applications.

But there is another problem I was struggling with. And apparently not 
only me [1]. Tomcat/axis/java has a problem when two 
axis2-kernel-x.x.jar jars are in the classpath. Even if the versions are 
the same. I tried multiple combinations with axis2 1.4 and 1.5.1. I 
downgraded the plugin to use axis2-1.3 and rampart1.3. I stripped-down 
the set of jars that my plugin uses, trying to use as many libraries 
shipped with BASE as possible. In principle it should work as long as 
all the dependencies were satisfied (by parent classloader of webapp), 
but when axis2-kernel was not loaded by the same classloader as Apache 
Rampart jars, I couldn't get rampart to engage.

It seems like it is impossible to have axis2 in more than one location 
in the classpath. The only way it works is when only one 
axis2-kernel.jar is loaded by tomcat. So I either need to include all 
dependencies of my plugin into the /WEB-INF/lib directory of BASE, and 
use axis2 shipped with BASE; or I remove the axis2-kernel-1.3.jar from 
WEB-INF/lib of BASE and load it together with my plugin and rest of its 
dependencies. The latter one will of course break BASE's Web Services. I 
haven't had problems with other jars, despite I use different version of 
(for example) axiom libraries. No conflicts with other axis2 libraries, 
only axis2-kernel.

I am happy because it works now, although with BASE's axis2 1.3. But I 
can imagine that in some time I might need to use newer axis2, and then 
I will have to try to upgrade it in BASE as well. If it is backwards 
compatible, it should go smooth, and the BASE Web Services will work. 
But it would be still good to test. Is there a test suite available for 
BASE Web Services that I could try? Or maybe you were considering 
upgrade yourself?


[1] https://issues.apache.org/jira/browse/AXIS2-2972

Nicklas Nordborg wrote:
> I added a ticket:http://base.thep.lu.se/ticket/1575
> /Nicklas
> ------------------------------------------------------------------------------
> Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
> Finally, a world-class log management solution at an even better price-free!
> Download using promo code Free_Logger_4_Dev2Dev. Offer expires
> February 28th, so secure your free ArcSight Logger TODAY!
> http://p.sf.net/sfu/arcsight-sfd2d
> _______________________________________________
> basedb-devel mailing list
> basedb-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/basedb-devel

Free Software Download: Index, Search & Analyze Logs and other IT data in 
Real-Time with Splunk. Collect, index and harness all the fast moving IT data 
generated by your applications, servers and devices whether physical, virtual
or in the cloud. Deliver compliance at lower cost and gain new business 
insights. http://p.sf.net/sfu/splunk-dev2dev 
basedb-devel mailing list

Reply via email to