[jira] [Commented] (KARAF-806) ProxyLoginModule should actually be on the bootclasspath classpath right?

Fri, 16 Mar 2012 11:24:01 -0700 

    [ 
https://issues.apache.org/jira/browse/KARAF-806?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13231481#comment-13231481
 ] 

Jamie goodyear commented on KARAF-806:
--------------------------------------

Reading the note in 
jaas/boot/src/main/java/org/apache/karaf/jaas/boot/ProxyLoginModule.java:

"An OSGi proxy login module that should be used instead of a plain reference to 
a given login module.  Two properties must be set, the name of the login module 
class and the bundle to be used to load it.
This class must be available from all modules, so it has to be either in a 
fragment bundle attached to the system bundle or be made available through the 
boot delegation class path."

Sounds like it should be on the BootClasspath, so an -Xbootclasspath entry may 
be required here?
                
> ProxyLoginModule should actually be on the bootclasspath classpath right?
> -------------------------------------------------------------------------
>
>                 Key: KARAF-806
>                 URL: https://issues.apache.org/jira/browse/KARAF-806
>             Project: Karaf
>          Issue Type: Question
>          Components: karaf-documentation
>    Affects Versions: 2.2.2
>            Reporter: Todor Boev
>            Priority: Trivial
>             Fix For: 2.2.6, 3.0.0
>
>
> In Developers Guide,  Security Framework, Architecture (section)
> http://karaf.apache.org/manual/2.2.2/developers-guide/security-framework.html
> It is mentioned that ProxyLoginModule must be "available from the system 
> classloader". This does not seem correct. The LoginContext class calls 
> Class.forName(<module class>, true, <context class loader>) to load the login 
> module classes. When the context loader is null Class.forName() delegates to 
> the loader of the current class, which in the case of LoginContext is the 
> boot loader. So if we have ProxyLoginModule on the system classpath it will 
> be bypassed.
> In equinox we can get away with this because equinox sets a context class 
> loader of it's own, which delegates to the system loader. I suspect on Felix 
> this will not work.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to