Hi All, We upgraded the opensaml version from 2.4.1 to 2.6.4 in carbon-identity. With this upgrade there are two opensaml versions at IS server runtime, opensaml 2.4.1 coming from org.wso2.carbon.core.common.feature in kernel and opensaml 2.6.4 coming from carbon identity features. On the product built with this upgrade, the SCIM endpoint web application(wso2.war) deployement fails intermittently with error [1] at server startup.
As we found out this is being caused due to a failure on building the class space as one of the webapps dependencies wires to the older version while another wires to the upgraded version. So, as it seems, there is an older version of org.wso2.carbon.identity.sso.agent coming from org.wso2.carbon.webapp.mgt.server.feature in carbon deployment repo (carbon deployment 4.5.3). This specifically uses opensaml 2.4.1 version. The tomcat bundle uses dynamic imports, thus, if it wires with org.wso2.carbon.identity.sso.agent, it wires with opensaml 2.4.1 version. But, org.wso2.carbon.identity.core, which includes the class that reports to be missing, always wires with opensaml 2.6.4 version as specified. This causes the NoClassDefFoundError. p org.opensaml.xml.security.x509; version="2.6.4.wso2v1"<opensaml_2.6.4.wso2v1 [94]> org.jaggeryjs.modules.sso_1.5.0 [170] imports org.wso2.carbon.hostobjects.sso_4.3.2 [225] imports org.wso2.carbon.identity.application.authenticator.passive.sts_5.0.8.SNAPSHOT [239] imports org.wso2.carbon.identity.application.authenticator.samlsso_5.0.8.SNAPSHOT [242] imports org.wso2.carbon.identity.authenticator.saml2.sso_5.0.8.SNAPSHOT [252] imports org.wso2.carbon.identity.authenticator.saml2.sso.common_5.0.8.SNAPSHOT [253] imports org.wso2.carbon.identity.entitlement_5.0.8.SNAPSHOT [260] imports org.wso2.carbon.identity.oauth_5.0.8.SNAPSHOT [270] imports org.wso2.carbon.identity.provider_5.0.8.SNAPSHOT [274] imports org.wso2.carbon.identity.sso.saml_5.0.8.SNAPSHOT [282] imports org.wso2.carbon.identity.tools.saml.validator_5.0.8.SNAPSHOT [292] imports org.wso2.carbon.webapp.mgt_4.5.3 [421] imports rampart-trust_1.6.1.wso2v17 [433] imports wss4j_1.5.11.wso2v11 [460] imports org.opensaml.xml.security.x509; version="2.4.1.wso2v1"<opensaml2_2.4.1.wso2v1 [95]> org.wso2.carbon.identity.sso.agent_4.5.6 [281] imports tomcat_7.0.59.wso2v3 [450] imports org.wso2.carbon.identity.sso.agent bundle is an unwanted bundle in IS. So, AFAIU, we have below options to solve this issue and successfully upgrade the opensaml version. 1. Bundle org.wso2.carbon.identity.sso.agent_4.5.6 in a separate feature, and import the feature from org.wso2.carbon.webapp.mgt.server.feature rather than bundling the bundle itself. With this option, we will not have the unwanted sso.agent bundle at IS server runtime. 2. Upgrade the sso.agent version in org.wso2.carbon.webapp.mgt.server.feature I think it's better if we could do the first option. Please share your thoughts. [1] java.lang.NoClassDefFoundError: org/wso2/carbon/identity/core/util/IdentityConfigParser at org.wso2.carbon.identity.scim.provider.auth.SCIMAuthConfigReader.buildSCIMAuthenticators(SCIMAuthConfigReader.java:42) at org.wso2.carbon.identity.scim.provider.impl.ApplicationInitializer.initSCIMAuthenticatorRegistry(ApplicationInitializer.java:69) at org.wso2.carbon.identity.scim.provider.impl.ApplicationInitializer.contextInitialized(ApplicationInitializer.java:48) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:5016) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5524) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:649) at org.wso2.carbon.tomcat.internal.CarbonTomcat.addWebApp(CarbonTomcat.java:290) at org.wso2.carbon.tomcat.internal.CarbonTomcat.addWebApp(CarbonTomcat.java:198) -- *Malithi Edirisinghe* Senior Software Engineer WSO2 Inc. Mobile : +94 (0) 718176807 [email protected]
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
