1 2 3 4 Previous Next 50 Replies Latest reply: May 14, 2008 8:49 AM by Anil Saldhana Go to original post RSS
  • 15. Re: Security Injection in AS5
    Alexey Loubyansky Master

     

    "adrian@jboss.org" wrote:
    We know it found the schema (assuming that file exists in the classpath
    and is reachable from the bean parsing deployer's classloader):
    TRACE [org.jboss.xb.binding.sunday.unmarshalling.DefaultSchemaResolver] (main) found schema InputSou
    rce, nsURI=urn:jboss:security-config:5.0, baseURI=null, schemaLocation=resource:security-config_5_0.
    xsd
    


    Actually, it didn't. This message would be logged even if it wasn't found. I am fixing it. And looking into why it is not found...

  • 16. Re: Security Injection in AS5
    Adrian Brock Master

     

    "alex.loubyansky@jboss.com" wrote:
    "adrian@jboss.org" wrote:
    We know it found the schema (assuming that file exists in the classpath
    and is reachable from the bean parsing deployer's classloader):
    TRACE [org.jboss.xb.binding.sunday.unmarshalling.DefaultSchemaResolver] (main) found schema InputSou
    rce, nsURI=urn:jboss:security-config:5.0, baseURI=null, schemaLocation=resource:security-config_5_0.
    xsd
    


    Actually, it didn't. This message would be logged even if it wasn't found. I am fixing it. And looking into why it is not found...


    Are you going to fix the logging as well then? :-)
    Kind of pointless even having it when it is meaningless.

  • 17. Re: Security Injection in AS5
    Alexey Loubyansky Master

    Yes, by "fixing it" I meant the logging :) I am still figuring out why it can't find the schema.

  • 18. Re: Security Injection in AS5
    Alexey Loubyansky Master

    The XSD cannot be found in the classpath.

    log wrote:
    2008-03-27 15:36:04,375 TRACE [org.jboss.xb.binding.sunday.unmarshalling.DefaultSchemaResolver] (main) Mapped schemaLocation to filename: security-config_5_0.xsd
    2008-03-27 15:36:04,375 TRACE [org.jboss.xb.binding.sunday.unmarshalling.DefaultSchemaResolver] (main) getInputSource, nsURI=urn:jboss:security-config:5.0, baseURI=null, schemaLocation=resource:schema/security-config_5_0.xsd
    2008-03-27 15:36:04,375 TRACE [org.jboss.util.xml.JBossEntityResolver] (main) resolvePublicID, publicId=urn:jboss:security-config:5.0
    2008-03-27 15:36:04,375 TRACE [org.jboss.util.xml.JBossEntityResolver] (main) Found entity from publicId=urn:jboss:security-config:5.0 fileName=security-config_5_0.xsd
    2008-03-27 15:36:04,375 TRACE [org.jboss.util.xml.JBossEntityResolver] (main) Cannot load publicId from classpath resource: security-config_5_0.xsd


    The file is in the schema directory of the jboss-metadata.jar
    Changing the schemaLocation in the XML to include "schema/" doesn't work. I tried changing the mapping in the JBossEntityResolver to include the "schema/". Didn't work.

    log wrote:
    2008-03-27 15:50:25,614 TRACE [org.jboss.util.xml.JBossEntityResolver] (main) Found entity from publicId=urn:jboss:security-config:5.0 fileName=schema/security-config_5_0.xsd
    2008-03-27 15:50:25,614 TRACE [org.jboss.util.xml.JBossEntityResolver] (main) Cannot load publicId from classpath resource: schema/security-config_5_0.xsd


  • 19. Re: Security Injection in AS5
    Alexey Loubyansky Master

    Here is a list of URLs that form the classpath logged from the JBossEntityResolver.resolveEntity() for the security-config_5_0.xsd. The server's lib directory is not there.

    log wrote:
    2008-03-31 16:17:20,761 INFO [STDOUT] (main) PRINT URLS FOR org.jboss.system.NoAnnotationURLClassLoader
    2008-03-31 16:17:20,761 INFO [STDOUT] (main) urls total: 22
    2008-03-31 16:17:20,761 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-core-spi.jar
    2008-03-31 16:17:20,761 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-core.jar
    2008-03-31 16:17:20,761 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-client-spi.jar
    2008-03-31 16:17:20,761 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-client.jar
    2008-03-31 16:17:20,761 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-structure-spi.jar
    2008-03-31 16:17:20,761 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-spi.jar
    2008-03-31 16:17:20,761 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-impl.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-vfs-spi.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-vfs.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-system.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-j2se.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-mbeans.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-jmx.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-system-jmx.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/dom4j.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-aop-deployer-jdk50.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-aop-jboss4-jdk50.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-aop-jboss5.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/activation.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jaxb-impl.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/stax-api.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/wstx.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) PRINT URLS FOR org.jboss.system.NoAnnotationURLClassLoader
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) urls total: 29
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/endorsed/resolver.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/endorsed/serializer.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/endorsed/xalan.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/endorsed/xercesImpl.jar
    2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/endorsed/xml-apis.jar
    2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/concurrent.jar
    2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/log4j-boot.jar
    2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-logging-spi.jar
    2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-logging-log4j.jar
    2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-logging-jdk.jar
    2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-common-core.jar
    2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-xml-binding.jar
    2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jaxb-api.jar
    2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-bootstrap.jar
    2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/javassist.jar
    2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-reflect.jar
    2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-mdr.jar
    2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-dependency.jar
    2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-kernel.jar
    2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-metatype.jar
    2008-03-31 16:17:20,791 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-managed.jar
    2008-03-31 16:17:20,791 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-vfs.jar
    2008-03-31 16:17:20,791 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-classloading-spi.jar
    2008-03-31 16:17:20,791 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-classloader.jar
    2008-03-31 16:17:20,791 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-classloading.jar
    2008-03-31 16:17:20,852 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-classloading-vfs.jar
    2008-03-31 16:17:20,852 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-aop-jdk50.jar
    2008-03-31 16:17:20,852 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-aop-mc-int.jar
    2008-03-31 16:17:20,852 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/trove.jar
    2008-03-31 16:17:20,852 INFO [STDOUT] (main) PRINT URLS FOR sun.misc.Launcher$AppClassLoader
    2008-03-31 16:17:20,852 INFO [STDOUT] (main) urls total: 2
    2008-03-31 16:17:20,852 INFO [STDOUT] (main) file:/C:/jdk1.5.0_13/lib/tools.jar
    2008-03-31 16:17:20,852 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/bin/run.jar
    2008-03-31 16:17:20,852 INFO [STDOUT] (main) PRINT URLS FOR sun.misc.Launcher$ExtClassLoader
    2008-03-31 16:17:20,852 INFO [STDOUT] (main) urls total: 4
    2008-03-31 16:17:20,862 INFO [STDOUT] (main) file:/C:/jdk1.5.0_13/jre/lib/ext/dnsns.jar
    2008-03-31 16:17:20,862 INFO [STDOUT] (main) file:/C:/jdk1.5.0_13/jre/lib/ext/localedata.jar
    2008-03-31 16:17:20,862 INFO [STDOUT] (main) file:/C:/jdk1.5.0_13/jre/lib/ext/sunjce_provider.jar
    2008-03-31 16:17:20,862 INFO [STDOUT] (main) file:/C:/jdk1.5.0_13/jre/lib/ext/sunpkcs11.jar


  • 20. Re: Security Injection in AS5
    Anil Saldhana Master

    Alexey, do you want us to create a JIRA issue for this in JBossXB project? Or is this an issue related to any of the class loader changes (I am not sure what they were) in recent times?

  • 21. Re: Security Injection in AS5
    Alexey Loubyansky Master

    It's a classloading issue.

  • 22. Re: Security Injection in AS5
    Scott Stark Master

    I updated the existing org.jboss.test.classloader.test.UnifiedLoaderUnitTestCase.testResource which has a sar loading resources local to the ear, global resources and now a server lib jar resource. I had to add a jboss-structure.xml to add the dtds dir to the ear classpath for the local resource tests, but once that was added its finding global and server lib resources. Need to look more closely at how the security usecase differs.

  • 23. Re: Security Injection in AS5
    Anil Saldhana Master

    Thanks Scott. This issue is kind of blocking our intention of moving the security domain defs from conf/login-config.xml as beans closer to where they are needed. For example, I want to convert the services in messaging-service.xml into beans and define the "messaging" sec domain configuration there. I would like conf/login-config.xml to just have the "other" sec domain configuration. Rest go closer to the services where they are needed. Will be a good showcase for users when they start defining the sec domains.

  • 24. Re: Security Injection in AS5
    Scott Stark Master

    The problem is that the BeanDeployer runs with a tcl that is associated with the conf/bootstrap-beans.xml deployment. This is the NoAnnotationURLClassLoader(bean=BootstrapClassLoader) that only has the server bootstrap libs in its classpath as Alexey showed. This cannot load the security-config_5_0.xsd schema from the server/xxx/lib/jboss-metadata.jar

    You need to specify the vfsfile url of the schema file to get this to parse. Ideally you should be able to do:

     <jbsx:policy
     xsi:schemaLocation="urn:jboss:security-config:5.0 vfsfile:${jboss.server.lib.url}/jboss-metadata.jar/schema/security-config_5_0.xsd"
    


    but we are not resolving system property refs as part of the system id resolution, so I had to specify the full vfsfil url, in my case:

    vfsfile:/Users/svn/JBossHead/jboss-head/build/output/jboss-5.0.0.CR1/server/default/lib/jboss-metadata.jar/schema/security-config_5_0.xsd

    It still failed to work because the org.jboss.security.config.PolicyConfig does not exist in my workspace, but it got past the parsing error.

    I'll create a feature request for the JBossEntityResolver.resolveEntity to try to run the input systemId through property resolution as without this its not practical to use vfs urls in config files.


  • 25. Re: Security Injection in AS5
    Scott Stark Master

    The JBossEntityResolver.resolveEntity issue is:
    http://jira.jboss.com/jira/browse/JBCOMMON-48

  • 26. Re: Security Injection in AS5
    Scott Stark Master

    This is fixed but needs a new jboss-common-core 2.2.5.GA release. Note that the correct system property to use is the jboss.server.home.dir. No .url properties can be used as this ends up nesting a file: protocol inside of the vfsfile:

     <bean name="StandardLoginConfig" class="org.jboss.security.auth.login.DynamicLoginConfig">
     <property name="policyConfig">
     <jbsx:policy
     xsi:schemaLocation="urn:jboss:security-config:5.0 vfsfile:${jboss.server.home.dir}/lib/jboss-metadata.jar/schema/security-config_5_0.xsd"
     xmlns:jbsx="urn:jboss:security-config:5.0"
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    



  • 27. Re: Security Injection in AS5
    Anil Saldhana Master

    Scott, looks like the alps are already having a positive effect on you. :) I was going to request Stefan to tackle the JBCOMMON issue. Thanks for the quick resolution.

  • 28. Re: Security Injection in AS5
    Scott Stark Master

    Stefan, you should be able to try this again as trunk has been updated to use the 2.2.5.beta1 jboss-common-core with the JBCOMMON-48 fix.

  • 29. Re: Security Injection in AS5
    Stefan Guilhen Apprentice

    Scott,

    I've tried again, and it indeed goes past the parsing error when using the vsf schema location. Now I am also seeing the failure to load the org.jboss.security.config.PolicyConfig that you also reported:

    10:20:33,101 ERROR [AbstractKernelController] Error installing to Parse: name=vfsfile:/opt/workspace/JBAS-Trunk/build/output/jboss-5.0.0.CR1/server/default/deploy/security-policies-beans.xml state=Not Installed mode=Manual requiredState=Parse
    org.jboss.deployers.spi.DeploymentException: Error creating managed object for vfsfile:/opt/workspace/JBAS-Trunk/build/output/jboss-5.0.0.CR1/server/default/deploy/security-policies-beans.xml
     at org.jboss.deployers.spi.DeploymentException.rethrowAsDeploymentException(DeploymentException.java:49)
     at org.jboss.deployers.spi.deployer.helpers.AbstractParsingDeployerWithOutput.createMetaData(AbstractParsingDeployerWithOutput.java:253)
     at org.jboss.deployers.spi.deployer.helpers.AbstractParsingDeployerWithOutput.createMetaData(AbstractParsingDeployerWithOutput.java:223)
     ....
    Caused by: org.jboss.xb.binding.JBossXBException: Failed to parse source: Failed to resolve class name for {urn:jboss:security-config:5.0}policy: org.jboss.security.config.PolicyConfig
     at org.jboss.xb.binding.parser.sax.SaxJBossXBParser.parse(SaxJBossXBParser.java:193)
     at org.jboss.xb.binding.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:153)
     at org.jboss.deployers.vfs.spi.deployer.SchemaResolverDeployer.parse(SchemaResolverDeployer.java:120)
     at org.jboss.deployers.vfs.spi.deployer.AbstractVFSParsingDeployer.parse(AbstractVFSParsingDeployer.java:143)
     at org.jboss.deployers.spi.deployer.helpers.AbstractParsingDeployerWithOutput.createMetaData(AbstractParsingDeployerWithOutput.java:249)
     ... 20 more
    Caused by: org.jboss.xb.binding.JBossXBRuntimeException: Failed to resolve class name for {urn:jboss:security-config:5.0}policy: org.jboss.security.config.PolicyConfig
     at org.jboss.xb.binding.sunday.unmarshalling.impl.runtime.RtElementHandler.loadClassForTerm(RtElementHandler.java:1038)
     at org.jboss.xb.binding.sunday.unmarshalling.impl.runtime.RtElementHandler.classForNonArrayItem(RtElementHandler.java:1367)
     at org.jboss.xb.binding.sunday.unmarshalling.impl.runtime.RtElementHandler.startElement(RtElementHandler.java:693)
     at org.jboss.xb.binding.sunday.unmarshalling.impl.runtime.RtElementHandler.startParticle(RtElementHandler.java:89)
     at org.jboss.xb.binding.sunday.unmarshalling.SundayContentHandler.startElement(SundayContentHandler.java:632)
     at org.jboss.xb.binding.parser.sax.SaxJBossXBParser$DelegatingContentHandler.startElement(SaxJBossXBParser.java:407)
    


    this class can be found in the server/xx/lib/jbosssx.jar. Would this be a classloading issue or am I missing some configuration?