Hi Dan,
In AbstractHTTPDestination, we have code like
inMessage.put(SecurityContext.class, new SecurityContext() {
public Principal getUserPrincipal() {
return pp;
}
public boolean isUserInRole(String role) {
return req.isUserInRole(role);
}
});
This can cause exception if we enable
org.eclipse.jetty.plus.jaas.JAASLoginService in Karaf, something like have
<Call name="addBean">
<Arg>
<New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
<Set name="name">karaf</Set>
<Set name="loginModuleName">karaf</Set>
<Set name="roleClassNames">
<Array type="java.lang.String">
<Item>org.apache.karaf.jaas.boot.principal.RolePrincipal</Item>
</Array>
</Set>
</New>
</Arg>
</Call>
in $KARAF_HOME/etc/jetty.xml
the exception could be
Caused by: java.lang.RuntimeException: java.lang.ClassNotFoundException:
org.eclipse.jetty.plus.jaas.JAASRole not found by
org.apache.cxf.cxf-rt-transports-http [178]
at
org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:327)
at
org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:244)
at
org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:88)
at
org.eclipse.jetty.security.authentication.DeferredAuthentication.authenticate(DeferredAuthentication.java:108)
at org.eclipse.jetty.server.Request.getUserPrincipal(Request.java:1251)
at
org.apache.cxf.transport.http.AbstractHTTPDestination.setupMessage(AbstractHTTPDestination.java:332)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:219)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:213)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:154)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:130)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:221)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:141)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:713)[95:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:197)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT]
... 32 more
Caused by: java.lang.ClassNotFoundException:
org.eclipse.jetty.plus.jaas.JAASRole not found by
org.apache.cxf.cxf-rt-transports-http [178]
at
org.apache.felix.framework.BundleWiringImpl.findClassOrResourceByDelegation(BundleWiringImpl.java:1499)
at
org.apache.felix.framework.BundleWiringImpl.access$400(BundleWiringImpl.java:75)
at
org.apache.felix.framework.BundleWiringImpl$BundleClassLoader.loadClass(BundleWiringImpl.java:1882)
at java.lang.ClassLoader.loadClass(ClassLoader.java:356)[:1.7.0_07]
at org.apache.felix.framework.Felix.loadBundleClass(Felix.java:1814)
at org.apache.felix.framework.BundleImpl.loadClass(BundleImpl.java:929)
at
org.ops4j.pax.swissbox.core.BundleClassLoader.findClass(BundleClassLoader.java:176)
at
org.ops4j.pax.swissbox.core.BundleClassLoader.loadClass(BundleClassLoader.java:194)
at java.lang.ClassLoader.loadClass(ClassLoader.java:356)[:1.7.0_07]
at
org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:315)
... 45 more
and
Caused by: java.lang.RuntimeException: java.lang.ClassNotFoundException:
org.apache.karaf.jaas.boot.principal.RolePrincipal not found by
org.apache.cxf.cxf-rt-transports-http [178]
at
org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:327)
at
org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:244)
at
org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:88)
at
org.eclipse.jetty.security.authentication.DeferredAuthentication.authenticate(DeferredAuthentication.java:108)
at org.eclipse.jetty.server.Request.getUserPrincipal(Request.java:1251)
at
org.apache.cxf.transport.http.AbstractHTTPDestination.setupMessage(AbstractHTTPDestination.java:332)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:219)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:213)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:154)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:130)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:221)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:141)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:713)[95:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:197)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
... 32 more
Caused by: java.lang.ClassNotFoundException:
org.apache.karaf.jaas.boot.principal.RolePrincipal not found by
org.apache.cxf.cxf-rt-transports-http [178]
at
org.apache.felix.framework.BundleWiringImpl.findClassOrResourceByDelegation(BundleWiringImpl.java:1499)
at
org.apache.felix.framework.BundleWiringImpl.access$400(BundleWiringImpl.java:75)
at
org.apache.felix.framework.BundleWiringImpl$BundleClassLoader.loadClass(BundleWiringImpl.java:1882)
at java.lang.ClassLoader.loadClass(ClassLoader.java:356)[:1.7.0_07]
at org.apache.felix.framework.Felix.loadBundleClass(Felix.java:1814)
at org.apache.felix.framework.BundleImpl.loadClass(BundleImpl.java:929)
at
org.ops4j.pax.swissbox.core.BundleClassLoader.findClass(BundleClassLoader.java:176)
at
org.ops4j.pax.swissbox.core.BundleClassLoader.loadClass(BundleClassLoader.java:194)
at java.lang.ClassLoader.loadClass(ClassLoader.java:356)[:1.7.0_07]
at
org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:315)
... 45 more
The
org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:315)
is
Class load_class =
Thread.currentThread().getContextClassLoader().loadClass(roleClassName);
And in the cxf 2.5.x all-in-one bundle, we have imported
org.eclipse.jetty.plus.jaas package.
-------------
Freeman(Yue) Fang
Red Hat, Inc.
FuseSource is now part of Red Hat
Web: http://fusesource.com | http://www.redhat.com/
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com
http://blog.sina.com.cn/u/1473905042
weibo: @Freeman小屋
On 2013-2-20, at 下午8:00, Daniel Kulp wrote:
>
> Freeman,
>
> Can I ask why this is necessary? The HTTP module does not reference any of
> these classes. Thus, it shouldn't be importing them. What are the
> symptoms/stack traces? This sounds like more of a problem someplace else.
>
> I'm -1 on this commit until we can understand why it's needed.
>
> Dan
>
>
> On Feb 19, 2013, at 11:58 PM, [email protected] wrote:
>
>> Author: ffang
>> Date: Wed Feb 20 04:58:42 2013
>> New Revision: 1448003
>>
>> URL: http://svn.apache.org/r1448003
>> Log:
>> [CXF-4840]add more optional Import-Package for cxf-rt-transports-http module
>>
>> Modified:
>> cxf/trunk/rt/transports/http/pom.xml
>>
>> Modified: cxf/trunk/rt/transports/http/pom.xml
>> URL:
>> http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/pom.xml?rev=1448003&r1=1448002&r2=1448003&view=diff
>> ==============================================================================
>> --- cxf/trunk/rt/transports/http/pom.xml (original)
>> +++ cxf/trunk/rt/transports/http/pom.xml Wed Feb 20 04:58:42 2013
>> @@ -36,7 +36,9 @@
>>
>> <cxf.bundle.activator>org.apache.cxf.transport.http.osgi.HTTPTransportActivator</cxf.bundle.activator>
>> <cxf.osgi.import>
>> javax.servlet*;version="${cxf.osgi.javax.servlet.version}",
>> - org.apache.aries*;version="${cxf.aries.version.range}"
>> + org.apache.aries*;version="${cxf.aries.version.range}",
>> + org.apache.karaf.jaas.boot.principal;resolution:=optional,
>> + org.eclipse.jetty.plus.jaas;resolution:=optional
>> </cxf.osgi.import>
>> <cxf.osgi.export>
>> '=META-INF.cxf.osgi',
>>
>>
>
> --
> Daniel Kulp
> [email protected] - http://dankulp.com/blog
> Talend Community Coder - http://coders.talend.com
>
