1 2 3 4 Previous Next 50 Replies Latest reply on May 14, 2008 8:49 AM by anil.saldhana Go to original post
      • 15. Re: Security Injection in AS5
        aloubyansky
        aloubyansky Mar 27, 2008 9:50 AM (in response to anil.saldhana)

         

        "adrian@jboss.org" wrote:
        We know it found the schema (assuming that file exists in the classpath
        and is reachable from the bean parsing deployer's classloader):
        TRACE [org.jboss.xb.binding.sunday.unmarshalling.DefaultSchemaResolver] (main) found schema InputSou
rce, nsURI=urn:jboss:security-config:5.0, baseURI=null, schemaLocation=resource:security-config_5_0.
xsd


        Actually, it didn't. This message would be logged even if it wasn't found. I am fixing it. And looking into why it is not found...

          • Actions
        • 16. Re: Security Injection in AS5
          adrian.brock Mar 27, 2008 9:55 AM (in response to anil.saldhana)

           

          "alex.loubyansky@jboss.com" wrote:
          "adrian@jboss.org" wrote:
          We know it found the schema (assuming that file exists in the classpath
          and is reachable from the bean parsing deployer's classloader):
          TRACE [org.jboss.xb.binding.sunday.unmarshalling.DefaultSchemaResolver] (main) found schema InputSou
rce, nsURI=urn:jboss:security-config:5.0, baseURI=null, schemaLocation=resource:security-config_5_0.
xsd


          Actually, it didn't. This message would be logged even if it wasn't found. I am fixing it. And looking into why it is not found...


          Are you going to fix the logging as well then? :-)
          Kind of pointless even having it when it is meaningless.

            • Actions
          • 17. Re: Security Injection in AS5
            aloubyansky
            aloubyansky Mar 27, 2008 10:22 AM (in response to anil.saldhana)

            Yes, by "fixing it" I meant the logging :) I am still figuring out why it can't find the schema.

              • Actions
            • 18. Re: Security Injection in AS5
              aloubyansky
              aloubyansky Mar 27, 2008 10:56 AM (in response to anil.saldhana)

              The XSD cannot be found in the classpath.

              log wrote:
              2008-03-27 15:36:04,375 TRACE [org.jboss.xb.binding.sunday.unmarshalling.DefaultSchemaResolver] (main) Mapped schemaLocation to filename: security-config_5_0.xsd
              2008-03-27 15:36:04,375 TRACE [org.jboss.xb.binding.sunday.unmarshalling.DefaultSchemaResolver] (main) getInputSource, nsURI=urn:jboss:security-config:5.0, baseURI=null, schemaLocation=resource:schema/security-config_5_0.xsd
              2008-03-27 15:36:04,375 TRACE [org.jboss.util.xml.JBossEntityResolver] (main) resolvePublicID, publicId=urn:jboss:security-config:5.0
              2008-03-27 15:36:04,375 TRACE [org.jboss.util.xml.JBossEntityResolver] (main) Found entity from publicId=urn:jboss:security-config:5.0 fileName=security-config_5_0.xsd
              2008-03-27 15:36:04,375 TRACE [org.jboss.util.xml.JBossEntityResolver] (main) Cannot load publicId from classpath resource: security-config_5_0.xsd


              The file is in the schema directory of the jboss-metadata.jar
              Changing the schemaLocation in the XML to include "schema/" doesn't work. I tried changing the mapping in the JBossEntityResolver to include the "schema/". Didn't work.

              log wrote:
              2008-03-27 15:50:25,614 TRACE [org.jboss.util.xml.JBossEntityResolver] (main) Found entity from publicId=urn:jboss:security-config:5.0 fileName=schema/security-config_5_0.xsd
              2008-03-27 15:50:25,614 TRACE [org.jboss.util.xml.JBossEntityResolver] (main) Cannot load publicId from classpath resource: schema/security-config_5_0.xsd


                • Actions
              • 19. Re: Security Injection in AS5
                aloubyansky
                aloubyansky Mar 31, 2008 10:23 AM (in response to anil.saldhana)

                Here is a list of URLs that form the classpath logged from the JBossEntityResolver.resolveEntity() for the security-config_5_0.xsd. The server's lib directory is not there.

                log wrote:
                2008-03-31 16:17:20,761 INFO [STDOUT] (main) PRINT URLS FOR org.jboss.system.NoAnnotationURLClassLoader
                2008-03-31 16:17:20,761 INFO [STDOUT] (main) urls total: 22
                2008-03-31 16:17:20,761 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-core-spi.jar
                2008-03-31 16:17:20,761 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-core.jar
                2008-03-31 16:17:20,761 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-client-spi.jar
                2008-03-31 16:17:20,761 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-client.jar
                2008-03-31 16:17:20,761 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-structure-spi.jar
                2008-03-31 16:17:20,761 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-spi.jar
                2008-03-31 16:17:20,761 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-impl.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-vfs-spi.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-deployers-vfs.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-system.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-j2se.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-mbeans.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-jmx.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-system-jmx.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/dom4j.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-aop-deployer-jdk50.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-aop-jboss4-jdk50.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-aop-jboss5.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/activation.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jaxb-impl.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/stax-api.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/wstx.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) PRINT URLS FOR org.jboss.system.NoAnnotationURLClassLoader
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) urls total: 29
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/endorsed/resolver.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/endorsed/serializer.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/endorsed/xalan.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/endorsed/xercesImpl.jar
                2008-03-31 16:17:20,771 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/endorsed/xml-apis.jar
                2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/concurrent.jar
                2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/log4j-boot.jar
                2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-logging-spi.jar
                2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-logging-log4j.jar
                2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-logging-jdk.jar
                2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-common-core.jar
                2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-xml-binding.jar
                2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jaxb-api.jar
                2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-bootstrap.jar
                2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/javassist.jar
                2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-reflect.jar
                2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-mdr.jar
                2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-dependency.jar
                2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-kernel.jar
                2008-03-31 16:17:20,781 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-metatype.jar
                2008-03-31 16:17:20,791 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-managed.jar
                2008-03-31 16:17:20,791 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-vfs.jar
                2008-03-31 16:17:20,791 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-classloading-spi.jar
                2008-03-31 16:17:20,791 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-classloader.jar
                2008-03-31 16:17:20,791 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-classloading.jar
                2008-03-31 16:17:20,852 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-classloading-vfs.jar
                2008-03-31 16:17:20,852 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-aop-jdk50.jar
                2008-03-31 16:17:20,852 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/jboss-aop-mc-int.jar
                2008-03-31 16:17:20,852 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/lib/trove.jar
                2008-03-31 16:17:20,852 INFO [STDOUT] (main) PRINT URLS FOR sun.misc.Launcher$AppClassLoader
                2008-03-31 16:17:20,852 INFO [STDOUT] (main) urls total: 2
                2008-03-31 16:17:20,852 INFO [STDOUT] (main) file:/C:/jdk1.5.0_13/lib/tools.jar
                2008-03-31 16:17:20,852 INFO [STDOUT] (main) file:/E:/cvsroot/trunk/build/output/jboss-5.0.0.CR1/bin/run.jar
                2008-03-31 16:17:20,852 INFO [STDOUT] (main) PRINT URLS FOR sun.misc.Launcher$ExtClassLoader
                2008-03-31 16:17:20,852 INFO [STDOUT] (main) urls total: 4
                2008-03-31 16:17:20,862 INFO [STDOUT] (main) file:/C:/jdk1.5.0_13/jre/lib/ext/dnsns.jar
                2008-03-31 16:17:20,862 INFO [STDOUT] (main) file:/C:/jdk1.5.0_13/jre/lib/ext/localedata.jar
                2008-03-31 16:17:20,862 INFO [STDOUT] (main) file:/C:/jdk1.5.0_13/jre/lib/ext/sunjce_provider.jar
                2008-03-31 16:17:20,862 INFO [STDOUT] (main) file:/C:/jdk1.5.0_13/jre/lib/ext/sunpkcs11.jar


                  • Actions
                • 20. Re: Security Injection in AS5
                  anil.saldhana
                  anil.saldhana Apr 2, 2008 12:18 PM (in response to anil.saldhana)

                  Alexey, do you want us to create a JIRA issue for this in JBossXB project? Or is this an issue related to any of the class loader changes (I am not sure what they were) in recent times?

                    • Actions
                  • 21. Re: Security Injection in AS5
                    aloubyansky
                    aloubyansky Apr 4, 2008 12:25 PM (in response to anil.saldhana)

                    It's a classloading issue.

                      • Actions
                    • 22. Re: Security Injection in AS5
                      starksm64
                      starksm64 Apr 4, 2008 4:23 PM (in response to anil.saldhana)

                      I updated the existing org.jboss.test.classloader.test.UnifiedLoaderUnitTestCase.testResource which has a sar loading resources local to the ear, global resources and now a server lib jar resource. I had to add a jboss-structure.xml to add the dtds dir to the ear classpath for the local resource tests, but once that was added its finding global and server lib resources. Need to look more closely at how the security usecase differs.

                        • Actions
                      • 23. Re: Security Injection in AS5
                        anil.saldhana
                        anil.saldhana Apr 4, 2008 6:08 PM (in response to anil.saldhana)

                        Thanks Scott. This issue is kind of blocking our intention of moving the security domain defs from conf/login-config.xml as beans closer to where they are needed. For example, I want to convert the services in messaging-service.xml into beans and define the "messaging" sec domain configuration there. I would like conf/login-config.xml to just have the "other" sec domain configuration. Rest go closer to the services where they are needed. Will be a good showcase for users when they start defining the sec domains.

                          • Actions
                        • 24. Re: Security Injection in AS5
                          starksm64
                          starksm64 Apr 5, 2008 5:50 PM (in response to anil.saldhana)

                          The problem is that the BeanDeployer runs with a tcl that is associated with the conf/bootstrap-beans.xml deployment. This is the NoAnnotationURLClassLoader(bean=BootstrapClassLoader) that only has the server bootstrap libs in its classpath as Alexey showed. This cannot load the security-config_5_0.xsd schema from the server/xxx/lib/jboss-metadata.jar

                          You need to specify the vfsfile url of the schema file to get this to parse. Ideally you should be able to do:

                           <jbsx:policy
 xsi:schemaLocation="urn:jboss:security-config:5.0 vfsfile:${jboss.server.lib.url}/jboss-metadata.jar/schema/security-config_5_0.xsd"


                          but we are not resolving system property refs as part of the system id resolution, so I had to specify the full vfsfil url, in my case:

                          vfsfile:/Users/svn/JBossHead/jboss-head/build/output/jboss-5.0.0.CR1/server/default/lib/jboss-metadata.jar/schema/security-config_5_0.xsd

                          It still failed to work because the org.jboss.security.config.PolicyConfig does not exist in my workspace, but it got past the parsing error.

                          I'll create a feature request for the JBossEntityResolver.resolveEntity to try to run the input systemId through property resolution as without this its not practical to use vfs urls in config files.


                            • Actions
                          • 25. Re: Security Injection in AS5
                            starksm64
                            starksm64 Apr 5, 2008 5:59 PM (in response to anil.saldhana)

                            The JBossEntityResolver.resolveEntity issue is:
                            http://jira.jboss.com/jira/browse/JBCOMMON-48

                              • Actions
                            • 26. Re: Security Injection in AS5
                              starksm64
                              starksm64 Apr 6, 2008 2:44 AM (in response to anil.saldhana)

                              This is fixed but needs a new jboss-common-core 2.2.5.GA release. Note that the correct system property to use is the jboss.server.home.dir. No .url properties can be used as this ends up nesting a file: protocol inside of the vfsfile:

                               <bean name="StandardLoginConfig" class="org.jboss.security.auth.login.DynamicLoginConfig">
 <property name="policyConfig">
 <jbsx:policy
 xsi:schemaLocation="urn:jboss:security-config:5.0 vfsfile:${jboss.server.home.dir}/lib/jboss-metadata.jar/schema/security-config_5_0.xsd"
 xmlns:jbsx="urn:jboss:security-config:5.0"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">



                                • Actions
                              • 27. Re: Security Injection in AS5
                                anil.saldhana
                                anil.saldhana Apr 6, 2008 6:21 AM (in response to anil.saldhana)

                                Scott, looks like the alps are already having a positive effect on you. :) I was going to request Stefan to tackle the JBCOMMON issue. Thanks for the quick resolution.

                                  • Actions
                                • 28. Re: Security Injection in AS5
                                  starksm64
                                  starksm64 Apr 7, 2008 1:21 AM (in response to anil.saldhana)

                                  Stefan, you should be able to try this again as trunk has been updated to use the 2.2.5.beta1 jboss-common-core with the JBCOMMON-48 fix.

                                    • Actions
                                  • 29. Re: Security Injection in AS5
                                    sguilhen
                                    sguilhen Apr 7, 2008 1:28 PM (in response to anil.saldhana)

                                    Scott,

                                    I've tried again, and it indeed goes past the parsing error when using the vsf schema location. Now I am also seeing the failure to load the org.jboss.security.config.PolicyConfig that you also reported:

                                    10:20:33,101 ERROR [AbstractKernelController] Error installing to Parse: name=vfsfile:/opt/workspace/JBAS-Trunk/build/output/jboss-5.0.0.CR1/server/default/deploy/security-policies-beans.xml state=Not Installed mode=Manual requiredState=Parse
org.jboss.deployers.spi.DeploymentException: Error creating managed object for vfsfile:/opt/workspace/JBAS-Trunk/build/output/jboss-5.0.0.CR1/server/default/deploy/security-policies-beans.xml
 at org.jboss.deployers.spi.DeploymentException.rethrowAsDeploymentException(DeploymentException.java:49)
 at org.jboss.deployers.spi.deployer.helpers.AbstractParsingDeployerWithOutput.createMetaData(AbstractParsingDeployerWithOutput.java:253)
 at org.jboss.deployers.spi.deployer.helpers.AbstractParsingDeployerWithOutput.createMetaData(AbstractParsingDeployerWithOutput.java:223)
 ....
Caused by: org.jboss.xb.binding.JBossXBException: Failed to parse source: Failed to resolve class name for {urn:jboss:security-config:5.0}policy: org.jboss.security.config.PolicyConfig
 at org.jboss.xb.binding.parser.sax.SaxJBossXBParser.parse(SaxJBossXBParser.java:193)
 at org.jboss.xb.binding.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:153)
 at org.jboss.deployers.vfs.spi.deployer.SchemaResolverDeployer.parse(SchemaResolverDeployer.java:120)
 at org.jboss.deployers.vfs.spi.deployer.AbstractVFSParsingDeployer.parse(AbstractVFSParsingDeployer.java:143)
 at org.jboss.deployers.spi.deployer.helpers.AbstractParsingDeployerWithOutput.createMetaData(AbstractParsingDeployerWithOutput.java:249)
 ... 20 more
Caused by: org.jboss.xb.binding.JBossXBRuntimeException: Failed to resolve class name for {urn:jboss:security-config:5.0}policy: org.jboss.security.config.PolicyConfig
 at org.jboss.xb.binding.sunday.unmarshalling.impl.runtime.RtElementHandler.loadClassForTerm(RtElementHandler.java:1038)
 at org.jboss.xb.binding.sunday.unmarshalling.impl.runtime.RtElementHandler.classForNonArrayItem(RtElementHandler.java:1367)
 at org.jboss.xb.binding.sunday.unmarshalling.impl.runtime.RtElementHandler.startElement(RtElementHandler.java:693)
 at org.jboss.xb.binding.sunday.unmarshalling.impl.runtime.RtElementHandler.startParticle(RtElementHandler.java:89)
 at org.jboss.xb.binding.sunday.unmarshalling.SundayContentHandler.startElement(SundayContentHandler.java:632)
 at org.jboss.xb.binding.parser.sax.SaxJBossXBParser$DelegatingContentHandler.startElement(SaxJBossXBParser.java:407)


                                    this class can be found in the server/xx/lib/jbosssx.jar. Would this be a classloading issue or am I missing some configuration?

                                      • Actions
                                    1 2 3 4 Previous Next