Thanks Dan, it works perfectly. ------------- Freeman(Yue) Fang
Red Hat, Inc. FuseSource is now part of Red Hat Web: http://fusesource.com | http://www.redhat.com/ Twitter: freemanfang Blog: http://freemanfang.blogspot.com http://blog.sina.com.cn/u/1473905042 weibo: @Freeman小屋 On 2013-2-20, at 下午10:00, Daniel Kulp wrote: > > OK. I think I see the real problem… > > In ServletController, we're setting the ContextClassloader in the case where > a destination can be found based on the path, but we're apparently not > setting it in the the other cases. This should be deferred down to the > application level bundles via the context classloader, but we're not setting > it in that particular case. Working on that. > > > Dan > > > > On Feb 20, 2013, at 8:41 AM, Daniel Kulp <[email protected]> wrote: > >> >> This is a bug in the jetty JAAS bundles then, not CXF. Get a bug logged >> there. We should not be importing things we don't actually use. We should >> be importing the Principal and SecurityContext things and such, but not any >> specific implementations. >> >> This still needs to be reverted. >> >> Dan >> >> >> On Feb 20, 2013, at 7:56 AM, Freeman Fang <[email protected]> wrote: >> >>> Hi Dan, >>> >>> In AbstractHTTPDestination, we have code like >>> >>> inMessage.put(SecurityContext.class, new SecurityContext() { >>> public Principal getUserPrincipal() { >>> return pp; >>> } >>> public boolean isUserInRole(String role) { >>> return req.isUserInRole(role); >>> } >>> }); >>> >>> This can cause exception if we enable >>> org.eclipse.jetty.plus.jaas.JAASLoginService in Karaf, something like have >>> >>> <Call name="addBean"> >>> <Arg> >>> <New class="org.eclipse.jetty.plus.jaas.JAASLoginService"> >>> <Set name="name">karaf</Set> >>> <Set name="loginModuleName">karaf</Set> >>> <Set name="roleClassNames"> >>> <Array type="java.lang.String"> >>> >>> <Item>org.apache.karaf.jaas.boot.principal.RolePrincipal</Item> >>> </Array> >>> </Set> >>> </New> >>> </Arg> >>> </Call> >>> in $KARAF_HOME/etc/jetty.xml >>> >>> >>> the exception could be >>> >>> Caused by: java.lang.RuntimeException: java.lang.ClassNotFoundException: >>> org.eclipse.jetty.plus.jaas.JAASRole not found by >>> org.apache.cxf.cxf-rt-transports-http [178] >>> at >>> org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:327) >>> at >>> org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:244) >>> at >>> org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:88) >>> at >>> org.eclipse.jetty.security.authentication.DeferredAuthentication.authenticate(DeferredAuthentication.java:108) >>> at org.eclipse.jetty.server.Request.getUserPrincipal(Request.java:1251) >>> at >>> org.apache.cxf.transport.http.AbstractHTTPDestination.setupMessage(AbstractHTTPDestination.java:332)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT] >>> at >>> org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:219)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT] >>> at >>> org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:213)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT] >>> at >>> org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:154)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT] >>> at >>> org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:130)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT] >>> at >>> org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:221)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT] >>> at >>> org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:141)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT] >>> at >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:713)[95:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2] >>> at >>> org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:197)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-SNAPSHOT] >>> ... 32 more >>> Caused by: java.lang.ClassNotFoundException: >>> org.eclipse.jetty.plus.jaas.JAASRole not found by >>> org.apache.cxf.cxf-rt-transports-http [178] >>> at >>> org.apache.felix.framework.BundleWiringImpl.findClassOrResourceByDelegation(BundleWiringImpl.java:1499) >>> at >>> org.apache.felix.framework.BundleWiringImpl.access$400(BundleWiringImpl.java:75) >>> at >>> org.apache.felix.framework.BundleWiringImpl$BundleClassLoader.loadClass(BundleWiringImpl.java:1882) >>> at java.lang.ClassLoader.loadClass(ClassLoader.java:356)[:1.7.0_07] >>> at org.apache.felix.framework.Felix.loadBundleClass(Felix.java:1814) >>> at org.apache.felix.framework.BundleImpl.loadClass(BundleImpl.java:929) >>> at >>> org.ops4j.pax.swissbox.core.BundleClassLoader.findClass(BundleClassLoader.java:176) >>> at >>> org.ops4j.pax.swissbox.core.BundleClassLoader.loadClass(BundleClassLoader.java:194) >>> at java.lang.ClassLoader.loadClass(ClassLoader.java:356)[:1.7.0_07] >>> at >>> org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:315) >>> ... 45 more >>> >>> >>> >>> and >>> >>> >>> Caused by: java.lang.RuntimeException: java.lang.ClassNotFoundException: >>> org.apache.karaf.jaas.boot.principal.RolePrincipal not found by >>> org.apache.cxf.cxf-rt-transports-http [178] >>> at >>> org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:327) >>> at >>> org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:244) >>> at >>> org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:88) >>> at >>> org.eclipse.jetty.security.authentication.DeferredAuthentication.authenticate(DeferredAuthentication.java:108) >>> at org.eclipse.jetty.server.Request.getUserPrincipal(Request.java:1251) >>> at >>> org.apache.cxf.transport.http.AbstractHTTPDestination.setupMessage(AbstractHTTPDestination.java:332)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047] >>> at >>> org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:219)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047] >>> at >>> org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:213)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047] >>> at >>> org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:154)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047] >>> at >>> org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:130)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047] >>> at >>> org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:221)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047] >>> at >>> org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:141)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047] >>> at >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:713)[95:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2] >>> at >>> org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:197)[178:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047] >>> ... 32 more >>> Caused by: java.lang.ClassNotFoundException: >>> org.apache.karaf.jaas.boot.principal.RolePrincipal not found by >>> org.apache.cxf.cxf-rt-transports-http [178] >>> at >>> org.apache.felix.framework.BundleWiringImpl.findClassOrResourceByDelegation(BundleWiringImpl.java:1499) >>> at >>> org.apache.felix.framework.BundleWiringImpl.access$400(BundleWiringImpl.java:75) >>> at >>> org.apache.felix.framework.BundleWiringImpl$BundleClassLoader.loadClass(BundleWiringImpl.java:1882) >>> at java.lang.ClassLoader.loadClass(ClassLoader.java:356)[:1.7.0_07] >>> at org.apache.felix.framework.Felix.loadBundleClass(Felix.java:1814) >>> at org.apache.felix.framework.BundleImpl.loadClass(BundleImpl.java:929) >>> at >>> org.ops4j.pax.swissbox.core.BundleClassLoader.findClass(BundleClassLoader.java:176) >>> at >>> org.ops4j.pax.swissbox.core.BundleClassLoader.loadClass(BundleClassLoader.java:194) >>> at java.lang.ClassLoader.loadClass(ClassLoader.java:356)[:1.7.0_07] >>> at >>> org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:315) >>> ... 45 more >>> >>> The >>> org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:315) >>> is >>> Class load_class = >>> Thread.currentThread().getContextClassLoader().loadClass(roleClassName); >>> >>> And in the cxf 2.5.x all-in-one bundle, we have imported >>> org.eclipse.jetty.plus.jaas package. >>> ------------- >>> Freeman(Yue) Fang >>> >>> Red Hat, Inc. >>> FuseSource is now part of Red Hat >>> Web: http://fusesource.com | http://www.redhat.com/ >>> Twitter: freemanfang >>> Blog: http://freemanfang.blogspot.com >>> http://blog.sina.com.cn/u/1473905042 >>> weibo: @Freeman小屋 >>> >>> On 2013-2-20, at 下午8:00, Daniel Kulp wrote: >>> >>>> >>>> Freeman, >>>> >>>> Can I ask why this is necessary? The HTTP module does not reference any >>>> of these classes. Thus, it shouldn't be importing them. What are the >>>> symptoms/stack traces? This sounds like more of a problem someplace else. >>>> >>>> I'm -1 on this commit until we can understand why it's needed. >>>> >>>> Dan >>>> >>>> >>>> On Feb 19, 2013, at 11:58 PM, [email protected] wrote: >>>> >>>>> Author: ffang >>>>> Date: Wed Feb 20 04:58:42 2013 >>>>> New Revision: 1448003 >>>>> >>>>> URL: http://svn.apache.org/r1448003 >>>>> Log: >>>>> [CXF-4840]add more optional Import-Package for cxf-rt-transports-http >>>>> module >>>>> >>>>> Modified: >>>>> cxf/trunk/rt/transports/http/pom.xml >>>>> >>>>> Modified: cxf/trunk/rt/transports/http/pom.xml >>>>> URL: >>>>> http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/pom.xml?rev=1448003&r1=1448002&r2=1448003&view=diff >>>>> ============================================================================== >>>>> --- cxf/trunk/rt/transports/http/pom.xml (original) >>>>> +++ cxf/trunk/rt/transports/http/pom.xml Wed Feb 20 04:58:42 2013 >>>>> @@ -36,7 +36,9 @@ >>>>> >>>>> <cxf.bundle.activator>org.apache.cxf.transport.http.osgi.HTTPTransportActivator</cxf.bundle.activator> >>>>> <cxf.osgi.import> >>>>> javax.servlet*;version="${cxf.osgi.javax.servlet.version}", >>>>> - org.apache.aries*;version="${cxf.aries.version.range}" >>>>> + org.apache.aries*;version="${cxf.aries.version.range}", >>>>> + org.apache.karaf.jaas.boot.principal;resolution:=optional, >>>>> + org.eclipse.jetty.plus.jaas;resolution:=optional >>>>> </cxf.osgi.import> >>>>> <cxf.osgi.export> >>>>> '=META-INF.cxf.osgi', >>>>> >>>>> >>>> >>>> -- >>>> Daniel Kulp >>>> [email protected] - http://dankulp.com/blog >>>> Talend Community Coder - http://coders.talend.com >>>> >>> >> >> -- >> Daniel Kulp >> [email protected] - http://dankulp.com/blog >> Talend Community Coder - http://coders.talend.com >> > > -- > Daniel Kulp > [email protected] - http://dankulp.com/blog > Talend Community Coder - http://coders.talend.com >
