Re: [Resin-interest] Bug in Resin 4.0.x (and 3.1.x)?
Sorry to bump this question, but any idea if this will be fixed in 4.0.7 or 4.0.8 (or if's even a bug or something I am doing wrong)? Thanks, Aaron Scott, Still struggling with the issue where we cannot encrypt passwords in our resin.xml file. As you have indicated, there is now a better clue: C:\opt\. . .\conf\admin.xml:41: unable to create attribute SetterAttribute[public void com.caucho.vfs.JsseSSLFactory.setPassword(java.lang.String)] for com.caucho.vfs.jssesslfact...@79f03d7 and QName[{http://caucho.com/ns/resin}password] 39: key-store-typejks/key-store-type 40: key-store-file/opt/. . ./keys.kdb/key-store-file 41: password xmlns:encryption=urn:java:com.encryption 42: encryption:Passwordabcdf/encryption:Password 43: /password Thanks, Aaron On 3/22/2010 6:09 PM, Scott Ferguson wrote: Aaron Freeman wrote: O Man, I don't see how I am blowing it then. Does this look right: password xmlns:encryption=urn:java:[full package, not including the class] encryption:[class name]abcdefg/encryption:[class name] /password Where the [full package, not including the class] would be something like java.util and the class name would be something like Hashmap with an uppercase first character like classes normally are capitalized? If so, I am a bit baffled. That looks fine. I'll have a snapshot in a day or two with the improved error messages. That may give a better idea of the issue. You could also try removing the whitespace around the encryption:Password (it shouldn't matter, but then again your example should work.) -- Scott Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest No virus found in this incoming message. Checked by AVG -www.avg.com Version: 9.0.791 / Virus Database: 271.1.1/2764 - Release Date: 03/22/10 14:44:00 ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Bug in Resin 4.0.x (and 3.1.x)?
Aaron Freeman wrote: Sorry to bump this question, but any idea if this will be fixed in 4.0.7 or 4.0.8 (or if's even a bug or something I am doing wrong)? I've added is as a bug report at http://bugs.caucho.com/view.php?id=4054. Since your syntax is correct for 4.0.x, this looks like a Resin bug. It should be possible to fix in 4.0.8. -- Scott Thanks, Aaron Scott, Still struggling with the issue where we cannot encrypt passwords in our resin.xml file. As you have indicated, there is now a better clue: C:\opt\. . .\conf\admin.xml:41: unable to create attribute SetterAttribute[public void com.caucho.vfs.JsseSSLFactory.setPassword(java.lang.String)] for com.caucho.vfs.jssesslfact...@79f03d7 and QName[{http://caucho.com/ns/resin}password] 39: key-store-typejks/key-store-type 40: key-store-file/opt/. . ./keys.kdb/key-store-file 41: password xmlns:encryption=urn:java:com.encryption 42: encryption:Passwordabcdf/encryption:Password 43: /password Thanks, Aaron On 3/22/2010 6:09 PM, Scott Ferguson wrote: Aaron Freeman wrote: O Man, I don't see how I am blowing it then. Does this look right: password xmlns:encryption=urn:java:[full package, not including the class] encryption:[class name]abcdefg/encryption:[class name] /password Where the [full package, not including the class] would be something like java.util and the class name would be something like Hashmap with an uppercase first character like classes normally are capitalized? If so, I am a bit baffled. That looks fine. I'll have a snapshot in a day or two with the improved error messages. That may give a better idea of the issue. You could also try removing the whitespace around the encryption:Password (it shouldn't matter, but then again your example should work.) -- Scott Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.791 / Virus Database: 271.1.1/2764 - Release Date: 03/22/10 14:44:00 ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Bug in Resin 4.0.x (and 3.1.x)?
Awesome -- also note that the exact same syntax DOES work in place of the password in the databasedriverpassword../password/driver/database nodes. Aaron On 5/28/2010 2:14 PM, Scott Ferguson wrote: Aaron Freeman wrote: Sorry to bump this question, but any idea if this will be fixed in 4.0.7 or 4.0.8 (or if's even a bug or something I am doing wrong)? I've added is as a bug report at http://bugs.caucho.com/view.php?id=4054. Since your syntax is correct for 4.0.x, this looks like a Resin bug. It should be possible to fix in 4.0.8. -- Scott Thanks, Aaron Scott, Still struggling with the issue where we cannot encrypt passwords in our resin.xml file. As you have indicated, there is now a better clue: C:\opt\. . .\conf\admin.xml:41: unable to create attribute SetterAttribute[public void com.caucho.vfs.JsseSSLFactory.setPassword(java.lang.String)] for com.caucho.vfs.jssesslfact...@79f03d7 and QName[{http://caucho.com/ns/resin}password] 39:key-store-typejks/key-store-type 40:key-store-file/opt/. . ./keys.kdb/key-store-file 41:password xmlns:encryption=urn:java:com.encryption 42:encryption:Passwordabcdf/encryption:Password 43:/password Thanks, Aaron On 3/22/2010 6:09 PM, Scott Ferguson wrote: Aaron Freeman wrote: O Man, I don't see how I am blowing it then. Does this look right: password xmlns:encryption=urn:java:[full package, not including the class] encryption:[class name]abcdefg/encryption:[class name] /password Where the [full package, not including the class] would be something like java.util and the class name would be something like Hashmap with an uppercase first character like classes normally are capitalized? If so, I am a bit baffled. That looks fine. I'll have a snapshot in a day or two with the improved error messages. That may give a better idea of the issue. You could also try removing the whitespace around the encryption:Password (it shouldn't matter, but then again your example should work.) -- Scott Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.791 / Virus Database: 271.1.1/2764 - Release Date: 03/22/10 14:44:00 ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Bug in Resin 4.0.x (and 3.1.x)?
Scott, Still struggling with the issue where we cannot encrypt passwords in our resin.xml file. As you have indicated, there is now a better clue: C:\opt\. . .\conf\admin.xml:41: unable to create attribute SetterAttribute[public void com.caucho.vfs.JsseSSLFactory.setPassword(java.lang.String)] for com.caucho.vfs.jssesslfact...@79f03d7 and QName[{http://caucho.com/ns/resin}password] 39: key-store-typejks/key-store-type 40: key-store-file/opt/. . ./keys.kdb/key-store-file 41: password xmlns:encryption=urn:java:com.encryption 42: encryption:Passwordabcdf/encryption:Password 43: /password Thanks, Aaron On 3/22/2010 6:09 PM, Scott Ferguson wrote: Aaron Freeman wrote: O Man, I don't see how I am blowing it then. Does this look right: password xmlns:encryption=urn:java:[full package, not including the class] encryption:[class name]abcdefg/encryption:[class name] /password Where the [full package, not including the class] would be something like java.util and the class name would be something like Hashmap with an uppercase first character like classes normally are capitalized? If so, I am a bit baffled. That looks fine. I'll have a snapshot in a day or two with the improved error messages. That may give a better idea of the issue. You could also try removing the whitespace around the encryption:Password (it shouldn't matter, but then again your example should work.) -- Scott Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.791 / Virus Database: 271.1.1/2764 - Release Date: 03/22/10 14:44:00 ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Bug in Resin 4.0.x (and 3.1.x)?
Oooh, I should have mentioned .. this exact syntax works with the database connection, but NOT for the SSL setup. So the class exists, Resin can find it, and it works great -- but only for database connections and not within the JSSE configuration node. Thanks, Aaron On 5/17/2010 10:45 AM, Aaron Freeman wrote: Scott, Still struggling with the issue where we cannot encrypt passwords in our resin.xml file. As you have indicated, there is now a better clue: C:\opt\. . .\conf\admin.xml:41: unable to create attribute SetterAttribute[public void com.caucho.vfs.JsseSSLFactory.setPassword(java.lang.String)] for com.caucho.vfs.jssesslfact...@79f03d7 and QName[{http://caucho.com/ns/resin}password] 39: key-store-typejks/key-store-type 40: key-store-file/opt/. . ./keys.kdb/key-store-file 41: password xmlns:encryption=urn:java:com.encryption 42: encryption:Passwordabcdf/encryption:Password 43: /password Thanks, Aaron On 3/22/2010 6:09 PM, Scott Ferguson wrote: Aaron Freeman wrote: O Man, I don't see how I am blowing it then. Does this look right: password xmlns:encryption=urn:java:[full package, not including the class] encryption:[class name]abcdefg/encryption:[class name] /password Where the [full package, not including the class] would be something like java.util and the class name would be something like Hashmap with an uppercase first character like classes normally are capitalized? If so, I am a bit baffled. That looks fine. I'll have a snapshot in a day or two with the improved error messages. That may give a better idea of the issue. You could also try removing the whitespace around the encryption:Password (it shouldn't matter, but then again your example should work.) -- Scott Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest No virus found in this incoming message. Checked by AVG -www.avg.com Version: 9.0.791 / Virus Database: 271.1.1/2764 - Release Date: 03/22/10 14:44:00 ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Bug in Resin 4.0.x (and 3.1.x)?
On 3/22/2010 1:11 PM, Scott Ferguson wrote: Aaron Freeman wrote: This page says that I can obfuscate a password in the resin.xml file, but doesn't appear to work. It works in 3.0.23, but stopped working in 3.1.x and 4.0.x. We use this feature, not to protect the password on the server, but to make sure it isn't accidentally transmitted in clear-text by mistake when sharing our resin.xml files with consultants, via email, etc: http://www.caucho.com/resin/admin/database-pool-config.xtp#Protecting%20the%20database%20password Here is the error I am getting. I have tried in resin-pro-4.0.2,.4, and .5, and resin-pro-3.1.9: /opt/server/conf/resin.xml:44: resin:type=com.encryption.Password is an unexpected attribute inpassword. 42:key-store-typejks/key-store-type 43:key-store-file/opt/sendthisfile/server/ssl.kdb/key-store-file 44:password resin:type=com.encryption.Passwordabcdefg/password 45:/jsse-ssl 46:/http Any thoughts? Thanks. That's a documentation issue. The resin:type has been replaced by a more general CanDI syntax, which looks like: password xmlns:encryption=urn:java:com.encryption encryption:Passwordabcdefg/encryption:password /password In other words, the custom class now has its own XML tag instead of the resin:type syntax. (Unfortunately, it was not possible for us to keep the old resin:type for backwards compatibility, because that would have complicated the key underlying configuration too much. Ok, so I thought what you were saying is that this: password xmlns:encryption=urn:java:com.encryption encryption:Passwordabcdefg/encryption:password /password is a drop-in replacement for this: password resin:type=com.encryption.Passwordabcdefg/password but apparently I think you are trying to tell me that we need to change our Java source code somehow, based on getting this when trying to start Resin: /opt/server/conf/resin.xml:47: unable to create attribute SetterAttribute[public void com.caucho.vfs.JsseSSLFactory.setPassword(java.lang.String)] for com.caucho.vfs.jssesslfact...@6779e6 and QName[{http://caucho.com/ns/resin}password] So is there a link that you can point me to in order to give me a clue in what I need to do to modify our source to handle this new syntax? Thanks, Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Bug in Resin 4.0.x (and 3.1.x)?
Aaron Freeman wrote: Ok, so I thought what you were saying is that this: password xmlns:encryption=urn:java:com.encryption encryption:Passwordabcdefg/encryption:password /password is a drop-in replacement for this: password resin:type=com.encryption.Passwordabcdefg/password Yes, it should be a direct replacement. (The internal implementation is a bit tricky, though.) but apparently I think you are trying to tell me that we need to change our Java source code somehow, based on getting this when trying to start Resin: /opt/server/conf/resin.xml:47: unable to create attribute SetterAttribute[public void com.caucho.vfs.JsseSSLFactory.setPassword(java.lang.String)] for com.caucho.vfs.jssesslfact...@6779e6 and QName[{http://caucho.com/ns/resin}password] So is there a link that you can point me to in order to give me a clue in what I need to do to modify our source to handle this new syntax? Let me check. I tested the replacement against database. I'll see why it's causing trouble with jsse. -- Scott Thanks, Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Bug in Resin 4.0.x (and 3.1.x)?
On 3/22/2010 2:29 PM, Scott Ferguson wrote: Aaron Freeman wrote: Ok, so I thought what you were saying is that this: password xmlns:encryption=urn:java:com.encryption encryption:Passwordabcdefg/encryption:password /password is a drop-in replacement for this: password resin:type=com.encryption.Passwordabcdefg/password Yes, it should be a direct replacement. (The internal implementation is a bit tricky, though.) but apparently I think you are trying to tell me that we need to change our Java source code somehow, based on getting this when trying to start Resin: /opt/server/conf/resin.xml:47: unable to create attribute SetterAttribute[public void com.caucho.vfs.JsseSSLFactory.setPassword(java.lang.String)] for com.caucho.vfs.jssesslfact...@6779e6 and QName[{http://caucho.com/ns/resin}password] So is there a link that you can point me to in order to give me a clue in what I need to do to modify our source to handle this new syntax? Let me check. I tested the replacement againstdatabase. I'll see why it's causing trouble with jsse. Ok, here is the full http block I am using, in case its out of date for some reason (I am using the block directly from our working 3.0.23 implementation verbatim, with your recommended tweak): http address=* port=443 jsse-ssl key-store-typejks/key-store-type key-store-file/opt/server/security/ssl.kdb/key-store-file password xmlns:encryption=urn:java:com.encryption encryption:Passwordabcdefg/encryption:Password /password /jsse-ssl /http - Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Bug in Resin 4.0.x (and 3.1.x)?
Aaron Freeman wrote: Ok, here is the full http block I am using, in case its out of date for some reason (I am using the block directly from our working 3.0.23 implementation verbatim, with your recommended tweak): http address=* port=443 jsse-ssl key-store-typejks/key-store-type key-store-file/opt/server/security/ssl.kdb/key-store-file password xmlns:encryption=urn:java:com.encryption encryption:Passwordabcdefg/encryption:Password /password /jsse-ssl /http What I've found is that if the XML namespace for encryption:* isn't right, i.e. not urn:java:..., you'll get that cryptic error message. If it's right, it's working for me. I'm working on first getting a better error message, and second seeing if there are other failure cases. -- Scott - Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Bug in Resin 4.0.x (and 3.1.x)?
On 3/22/2010 3:44 PM, Scott Ferguson wrote: Aaron Freeman wrote: Ok, here is the full http block I am using, in case its out of date for some reason (I am using the block directly from our working 3.0.23 implementation verbatim, with your recommended tweak): http address=* port=443 jsse-ssl key-store-typejks/key-store-type key-store-file/opt/server/security/ssl.kdb/key-store-file password xmlns:encryption=urn:java:com.encryption encryption:Passwordabcdefg/encryption:Password /password /jsse-ssl /http What I've found is that if the XML namespace forencryption:* isn't right, i.e. not urn:java:..., you'll get that cryptic error message. If it's right, it's working for me. I'm working on first getting a better error message, and second seeing if there are other failure cases. Man, I don't see how I am blowing it then. Does this look right: password xmlns:encryption=urn:java:[full package, not including the class] encryption:[class name]abcdefg/encryption:[class name] /password Where the [full package, not including the class] would be something like java.util and the class name would be something like Hashmap with an uppercase first character like classes normally are capitalized? If so, I am a bit baffled. Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest