-
1. Re: OpenSAML classloading issue
jaikiran Jan 4, 2015 1:23 AM (in response to fcorneli)Can you please post the entire exception stacktrace and more details about your application packaging and what jars they contain?
-
2. Re: OpenSAML classloading issue
fcorneli Jan 4, 2015 4:02 AM (in response to jaikiran)I'll try to isolate the "event" within an Arquillian based integration test that I can post.
-
3. Re: Re: OpenSAML classloading issue
fcorneli Jan 4, 2015 5:27 AM (in response to fcorneli)The following Arquillian integration test already demonstrates that the org.opensaml module within JBoss is incomplete when you try to initialize OpenSAML.
import org.jboss.arquillian.container.test.api.Deployment; import org.jboss.arquillian.junit.Arquillian; import org.jboss.shrinkwrap.api.ShrinkWrap; import org.jboss.shrinkwrap.api.asset.StringAsset; import org.jboss.shrinkwrap.api.spec.WebArchive; import org.junit.Test; import org.junit.runner.RunWith; import org.opensaml.DefaultBootstrap; @RunWith(Arquillian.class) public class OpenSamlTest { @Deployment public static WebArchive createTestArchive() { WebArchive war = ShrinkWrap .create(WebArchive.class, "test.war") .addAsManifestResource(new StringAsset("Dependencies: org.opensaml\n"), "MANIFEST.MF"); return war; } @Test public void testBootstrap() throws Exception { DefaultBootstrap.bootstrap(); } }
This gives you the following exception:
java.lang.NoClassDefFoundError: org/apache/velocity/app/Velocity at org.opensaml.DefaultBootstrap.initializeVelocity(DefaultBootstrap.java:172) [opensaml-2.5.3.redhat-2.jar:2.5.3.redhat-2] at org.opensaml.DefaultBootstrap.bootstrap(DefaultBootstrap.java:89) [opensaml-2.5.3.redhat-2.jar:2.5.3.redhat-2]
According to https://docs.jboss.org/author/display/JBWS/WS-Trust+and+STS#WS-TrustandSTS-SecurityTokenService%28STS%29 you need to add
org.apache.cxf.impl
if you want to implement an STS. This one refers to the org.opensaml module. Hence the JBoss provided opensaml will be used in the STS case. If you then at the same time want to implement SAML Browser POST using OpenSAML, you run into the above trouble. -
4. Re: OpenSAML classloading issue
jaikiran Jan 4, 2015 5:43 AM (in response to fcorneli)This appears to be fixed in WildFly upstream (nightly builds) during this commit https://github.com/wildfly/wildfly/commit/b8f774c920b97ce18b7f8994edfa5f3149ccec1d#diff-600376dffeb79835ede4a0b285078036R208 where opensaml dependency was upgraded to 2.6.1 in which I no longer see any velocity reference in the DefaultBootstrap code.
However, it's an issue in WildFly 8.2.0.Final and probably even JBoss EAP. I don't think either of these versions ship a velocity module, so it probably isn't a case of adding that dependency in the opensaml module.xml.
-
5. Re: OpenSAML classloading issue
gtardini May 26, 2015 7:45 AM (in response to jaikiran)I have the same problem with JBoss EAP 6.3.3. So is there no way you can use OpenSaml module?
-
6. Re: OpenSAML classloading issue
jaikiran May 27, 2015 11:16 PM (in response to gtardini)Don't know if this affects EAP. Maybe asoldano would know.
-
7. Re: OpenSAML classloading issue
asoldano May 29, 2015 2:40 AM (in response to jaikiran)Did anybody of you try adding a dependency to the org.apache.velocity module within the opensaml one? I'd say that would solve the NCDFE above.
In any case, if this is affecting a JBoss EAP version, please get in touch with the support and have a Bugzilla ticket opened for it, we'll fix the issue.