You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Daniel Kulp (JIRA)" <ji...@apache.org> on 2013/12/05 21:21:35 UTC
[jira] [Commented] (CXF-5423) Callbackhandlers and other resources
aren't found if configured in blueprint config due to classloading issues
[ https://issues.apache.org/jira/browse/CXF-5423?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13840522#comment-13840522 ]
Daniel Kulp commented on CXF-5423:
----------------------------------
Marc,
Can you grab the stack trace at that point? That exact code SHOULD already be on the stack, but I'd like to get the exact stack trace to trace it up and double check.
> Callbackhandlers and other resources aren't found if configured in blueprint config due to classloading issues
> --------------------------------------------------------------------------------------------------------------
>
> Key: CXF-5423
> URL: https://issues.apache.org/jira/browse/CXF-5423
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS Security
> Affects Versions: 2.7.7
> Environment: OSGi (Karaf)
> Reporter: Marc Giger
>
> Hi,
> While playing around with JAX-RS security in OSGi (following the guide at http://cxf.apache.org/docs/jax-rs-saml.html) I found that if I configure the ws-security.* props directly in blueprint none of the configured resources are found. A little debugging showed that the wrong classloader is used to load the Callbackhandlers and property files. Note this works fine for the jaxrs service but not for the jaxrs client.
> Blueprint config:
> <jaxrs:client id="bookStoreServiceClient"
> address="http://localhost:8040/services/bookStoreService"
> serviceClass="com.mycompany.demoRestServiceCommon.service.BookStore"
> inheritHeaders="true">
> <jaxrs:outInterceptors>
> <ref component-id="samlHeaderOutInterceptor"/>
> </jaxrs:outInterceptors>
> <jaxrs:properties>
> <entry key="ws-security.callback-handler"
> value="com.mycompany.demoRestServiceConsumer.PasswordCallbackHandler"/>
> <entry key="ws-security.saml-callback-handler"
> value="com.mycompany.demoRestServiceConsumer.SamlCallbackHandler"/>
> <entry key="ws-security.signature.username" value="client"/>
> <entry key="ws-security.signature.properties" value="clientKeystore.properties"/>
> </jaxrs:properties>
> </jaxrs:client>
> <bean id="samlHeaderOutInterceptor" class="com.mycompany.demoRestServiceConsumer.SamlOutInterceptor"/>
> I've overridden the SAMLHeaderOutInterceptor to show the problem and what needs to be done somewhere to fix it:
> public class SamlOutInterceptor extends SamlHeaderOutInterceptor {
> @Override
> public void handleMessage(Message message) throws Fault {
> ClassLoader classLoader = message.getExchange().getBus().getExtension(ClassLoader.class);
> ClassLoader tccl = Thread.currentThread().getContextClassLoader();
> try {
> if (classLoader != null) {
> Thread.currentThread().setContextClassLoader(classLoader);
> }I've implemented a hack
> super.handleMessage(message);
> } finally {
> //restore original classloader
> if (classLoader != null) {
> Thread.currentThread().setContextClassLoader(tccl);
> }
> }
> }
> }
--
This message was sent by Atlassian JIRA
(v6.1#6144)