You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Sergey Beryozkin (JIRA)" <ji...@apache.org> on 2013/12/17 18:37:27 UTC
[jira] [Resolved] (CXF-5423) Callbackhandlers and other resources
aren't found if configured in blueprint config due to classloading issues
[ https://issues.apache.org/jira/browse/CXF-5423?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sergey Beryozkin resolved CXF-5423.
-----------------------------------
Resolution: Fixed
Fix Version/s: 2.7.9
2.6.12
3.0.0-milestone2
Assignee: Sergey Beryozkin
> Callbackhandlers and other resources aren't found if configured in blueprint config due to classloading issues
> --------------------------------------------------------------------------------------------------------------
>
> Key: CXF-5423
> URL: https://issues.apache.org/jira/browse/CXF-5423
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS Security
> Affects Versions: 2.7.7
> Environment: OSGi (Karaf)
> Reporter: Marc Giger
> Assignee: Sergey Beryozkin
> Fix For: 3.0.0-milestone2, 2.6.12, 2.7.9
>
>
> Hi,
> While playing around with JAX-RS security in OSGi (following the guide at http://cxf.apache.org/docs/jax-rs-saml.html) I found that if I configure the ws-security.* props directly in blueprint none of the configured resources are found. A little debugging showed that the wrong classloader is used to load the Callbackhandlers and property files. Note this works fine for the jaxrs service but not for the jaxrs client.
> Blueprint config:
> <jaxrs:client id="bookStoreServiceClient"
> address="http://localhost:8040/services/bookStoreService"
> serviceClass="com.mycompany.demoRestServiceCommon.service.BookStore"
> inheritHeaders="true">
> <jaxrs:outInterceptors>
> <ref component-id="samlHeaderOutInterceptor"/>
> </jaxrs:outInterceptors>
> <jaxrs:properties>
> <entry key="ws-security.callback-handler"
> value="com.mycompany.demoRestServiceConsumer.PasswordCallbackHandler"/>
> <entry key="ws-security.saml-callback-handler"
> value="com.mycompany.demoRestServiceConsumer.SamlCallbackHandler"/>
> <entry key="ws-security.signature.username" value="client"/>
> <entry key="ws-security.signature.properties" value="clientKeystore.properties"/>
> </jaxrs:properties>
> </jaxrs:client>
> <bean id="samlHeaderOutInterceptor" class="com.mycompany.demoRestServiceConsumer.SamlOutInterceptor"/>
> I've overridden the SAMLHeaderOutInterceptor to show the problem and what needs to be done somewhere to fix it:
> public class SamlOutInterceptor extends SamlHeaderOutInterceptor {
> @Override
> public void handleMessage(Message message) throws Fault {
> ClassLoader classLoader = message.getExchange().getBus().getExtension(ClassLoader.class);
> ClassLoader tccl = Thread.currentThread().getContextClassLoader();
> try {
> if (classLoader != null) {
> Thread.currentThread().setContextClassLoader(classLoader);
> }I've implemented a hack
> super.handleMessage(message);
> } finally {
> //restore original classloader
> if (classLoader != null) {
> Thread.currentThread().setContextClassLoader(tccl);
> }
> }
> }
> }
--
This message was sent by Atlassian JIRA
(v6.1.4#6159)