You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@servicemix.apache.org by ch...@mediadriver.com on 2012/07/04 18:41:27 UTC
Signed jars in Servicemix
I am having problems including some RSA security jars in my Servicemix
application. It seems that Embedded or Wrapping the jars causes them to
fail there self-integrity checks. These are signed jars and I do believe
they fail there self-integrity checks if the jars are manipulated in any
way. Does anyone know how to include these types of dependencies with
corrupting there integrity?
Thanks
Chris O.
Re: Signed jars in Servicemix
Posted by ch...@mediadriver.com.
Fang,
Thanks for your response and I had actually found the Karaf section
on adding in Security Providers in the User Guide. I noticed you sent
that same information and in my case that was exactly what I needed to
fix my problem. You were spot on so thanks for responding.
Chris O.
On 2012-07-04 18:49, Freeman Fang wrote:
> Hi,
>
> Ensure the instructions you mentioned here is [1].
> What you need do is
> 1.put your provider jar in karaf-install-dir/lib/ext
>
> 2. modify the karaf-install-dir/etc/config.properties configuration
> file to add the following property
> org.apache.karaf.security.providers = xxx,yyy
> The value of this property is a comma separated list of the
> provider class names to register.
> For example:
> org.apache.karaf.security.providers =
> org.bouncycastle.jce.provider.BouncyCastleProvider
>
> 3. In addition, you may want to provide access to the classes from
> those providers from the system bundle so that all bundles can access
> those. It can be done by modifying the
> org.osgi.framework.bootdelegation property in the same configuration
> file:
> org.osgi.framework.bootdelegation =
> ...,the_package_from_your_provider_jar
>
> You need ensure you have done for step 3.
>
>
>
>
> [1]http://karaf.apache.org/manual/latest-2.2.x/users-guide/security.html
>
> Freeman
>
> On 2012-7-5, at 上午2:19, chris.odom@mediadriver.com wrote:
>
>> On 2012-07-04 11:41, chris.odom@mediadriver.com wrote:
>>> I am having problems including some RSA security jars in my
>>> Servicemix application. It seems that Embedded or Wrapping the jars
>>> causes them to fail there self-integrity checks. These are signed
>>> jars
>>> and I do believe they fail there self-integrity checks if the jars
>>> are
>>> manipulated in any way. Does anyone know how to include these types
>>> of
>>> dependencies with corrupting there integrity?
>>>
>>> Thanks
>>> Chris O.
>>
>> What i realized is that the the RSA security jar needs to be
>> deployed as a security provider with in the karaf container. I
>> followed the instructions on how to do this but my bundles no longer
>> are able to see the needed packages...any help would be deeply
>> appreciated.
>
> ---------------------------------------------
> Freeman Fang
>
> FuseSource
> Email:ffang@fusesource.com
> Web: fusesource.com
> Twitter: freemanfang
> Blog: http://freemanfang.blogspot.com
> http://blog.sina.com.cn/u/1473905042
> weibo: http://weibo.com/u/1473905042
Re: Signed jars in Servicemix
Posted by Freeman Fang <fr...@gmail.com>.
Hi,
Ensure the instructions you mentioned here is [1].
What you need do is
1.put your provider jar in karaf-install-dir/lib/ext
2. modify the karaf-install-dir/etc/config.properties configuration
file to add the following property
org.apache.karaf.security.providers = xxx,yyy
The value of this property is a comma separated list of the
provider class names to register.
For example:
org.apache.karaf.security.providers =
org.bouncycastle.jce.provider.BouncyCastleProvider
3. In addition, you may want to provide access to the classes from
those providers from the system bundle so that all bundles can access
those. It can be done by modifying the
org.osgi.framework.bootdelegation property in the same configuration
file:
org.osgi.framework.bootdelegation
= ...,the_package_from_your_provider_jar
You need ensure you have done for step 3.
[1]http://karaf.apache.org/manual/latest-2.2.x/users-guide/security.html
Freeman
On 2012-7-5, at 上午2:19, chris.odom@mediadriver.com wrote:
> On 2012-07-04 11:41, chris.odom@mediadriver.com wrote:
>> I am having problems including some RSA security jars in my
>> Servicemix application. It seems that Embedded or Wrapping the jars
>> causes them to fail there self-integrity checks. These are signed
>> jars
>> and I do believe they fail there self-integrity checks if the jars
>> are
>> manipulated in any way. Does anyone know how to include these types
>> of
>> dependencies with corrupting there integrity?
>>
>> Thanks
>> Chris O.
>
> What i realized is that the the RSA security jar needs to be
> deployed as a security provider with in the karaf container. I
> followed the instructions on how to do this but my bundles no longer
> are able to see the needed packages...any help would be deeply
> appreciated.
---------------------------------------------
Freeman Fang
FuseSource
Email:ffang@fusesource.com
Web: fusesource.com
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com
http://blog.sina.com.cn/u/1473905042
weibo: http://weibo.com/u/1473905042
Re: Signed jars in Servicemix
Posted by ch...@mediadriver.com.
On 2012-07-04 11:41, chris.odom@mediadriver.com wrote:
> I am having problems including some RSA security jars in my
> Servicemix application. It seems that Embedded or Wrapping the jars
> causes them to fail there self-integrity checks. These are signed
> jars
> and I do believe they fail there self-integrity checks if the jars
> are
> manipulated in any way. Does anyone know how to include these types
> of
> dependencies with corrupting there integrity?
>
> Thanks
> Chris O.
What i realized is that the the RSA security jar needs to be deployed
as a security provider with in the karaf container. I followed the
instructions on how to do this but my bundles no longer are able to see
the needed packages...any help would be deeply appreciated.