Skip to main content

Server Auth Module (SAM) and osgi bundles

Please note these java.net forums are being decommissioned and use the new and improved forums at https://community.oracle.com/community/java.
6 replies [Last post]
Karo
Offline
Joined: 2011-04-05

I have a simple war deployed as a bundle (wab) and I want to configure SAM for it.
So I followed the instructions (http://download.oracle.com/docs/cd/E19798-01/821-1752/gizel/index.html), wrote a custom SAM, defined it in my domain.xml and configured sun-web.xml in my war. I packaged my sam in a jar and put under domain/domain1/lib.
This works fine in simple war (i.e - all requests go through my sam).
This doesn't work for a bundle. I can see this warning in the log "jmac.provider_unable_to_load_authmodule", with no detailed exception. I googled it and it is thrown upon failure to instantiate the auth module using class.forName.

The solution that worked for me was to add my custom sam to the bundle's WEB-INF/lib (and add the corresponding entry in the manifest's classpath entry). The problem is that it's not ideal because it means that I need to copy my sam (and all its depenencies...) to each of the wars I want to use it in. Idealy, it should be located in some main lib which is accessible by all bundles.

My question is what are the alternatives and what is the recommended way do it when using bundles?

Thanks

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
nitkal
Offline
Joined: 2008-10-22

Could you please try dropping ehe OSGi bundle SAM in GF-HOME/modules directory? Also please try the following to export the SAM class:
In a file named javax.security.auth.message.module.ServerAuthModule, there must be an entry pointing to the fully qualified classname of the specific SAM class that you have. Place the file inside META-INF/services of the bundle archive, before dropping it into the modules directory.
Please let us know if this works as expected.
HTH
Nithya

Kumar Jayanti Guest
Offline
Joined: 2011-04-02

On 10-Apr-2011, at 1:49 PM, forums@java.net wrote:

> The SAM OSGi bundle has to be dropped in GF-HOME/modules directory.
>
> Please see this post [1] for more details.
>

It is not generally advised to place user defined OSGI bundles in modules dir. Instead you should try ${com.sun.aas.InstanceRoot}/autodeploy/bundles

regards,
kumar

> HTH
>
> Nithya
>
>
> [1] http://blogs.sun.com/nithya/entry/modularized_osgi_custom_realms_in
>
> --
>
> [Message sent by forum member 'nitkal']
>
> View Post: http://forums.java.net/node/789008
>
>

dochez
Offline
Joined: 2003-06-10

On Apr 10, 2011, at 10:22 PM, Kumar Jayanti wrote:

>
> On 10-Apr-2011, at 1:49 PM, forums@java.net wrote:
>
>> The SAM OSGi bundle has to be dropped in GF-HOME/modules directory.
>>
>> Please see this post [1] for more details.
>>
>
> It is not generally advised to place user defined OSGI bundles in modules dir. Instead you should try ${com.sun.aas.InstanceRoot}/autodeploy/bundles
+1

or use : asadmin deploy --type osgi
so it becomes a managed operation and works in a clustered environment.

>
> regards,
> kumar
>
>
>
>> HTH
>>
>> Nithya
>>
>>
>> [1] http://blogs.sun.com/nithya/entry/modularized_osgi_custom_realms_in
>>
>> --
>>
>> [Message sent by forum member 'nitkal']
>>
>> View Post: http://forums.java.net/node/789008
>>
>>
>

ss141213
Offline
Joined: 2005-03-30

Kumar,

Do we use thread's context class loader to load the authmodule?

Karo,

Can you deploy the custom SAM jar an OSGi bundle in glassfish/modules so
that you don't have to package it in every wab? Please configure the
OSGi metadata of your sam bundle to export the packages containing
classes that are loaded by the security module.

Thanks,
Sahoo
On Wednesday 06 April 2011 03:01 AM, forums@java.net wrote:
> I have a simple war deployed as a bundle (wab) and I want to configure
> SAM
> for it.
> So I followed the instructions here [1] , wrote a custom SAM, defined
> it in
> my domain.xml and configured sun-web.xml in my war. I packaged my sam
> in a
> jar and put under domain/domain1/lib.
> This works fine in simple war (i.e - all requests go through my sam).
> This *doesn't* work for a bundle. I can see this warning in the log
> "jmac.provider_unable_to_load_authmodule", with no detailed exception. I
> googled it and it is thrown upon failure to instantiate the auth
> module using
> class.forName.
> The solution that worked for me was to add my custom sam to the bundle's
> WEB-INF/lib (and add the corresponding entry in the manifest's classpath
> entry). The problem is that it's not ideal because it means that I
> need to
> copy my sam (and all its depenencies...) to each of the wars I want to
> use it
> in. Idealy, it should be located in some main lib which is accessible
> by all
> bundles.
> My question is what are the alternatives and what is the recommended
> way do
> it when using bundles?
> Thanks
>
>
>
> [1]
> http://download.oracle.com/docs/cd/E19798-01/821-1752/gizel/index.html
>
> --
>
> [Message sent by forum member 'Karo']
>
> View Post: http://forums.java.net/node/789008
>
>

Kumar Jayanti Guest
Offline
Joined: 2011-04-02

On 09-Apr-2011, at 10:55 AM, Sahoo wrote:

> Kumar,
>
> Do we use thread's context class loader to load the authmodule?

yes.

>
> Karo,
>
> Can you deploy the custom SAM jar an OSGi bundle in glassfish/modules so that you don't have to package it in every wab? Please configure the OSGi metadata of your sam bundle to export the packages containing classes that are loaded by the security module.

Can we suggest /autodeploy/bundles instead ?.

regards,
kumar
>
> Thanks,
> Sahoo
> On Wednesday 06 April 2011 03:01 AM, forums@java.net wrote:
>> I have a simple war deployed as a bundle (wab) and I want to configure SAM
>> for it.
>> So I followed the instructions here [1] , wrote a custom SAM, defined it in
>> my domain.xml and configured sun-web.xml in my war. I packaged my sam in a
>> jar and put under domain/domain1/lib.
>> This works fine in simple war (i.e - all requests go through my sam).
>> This *doesn't* work for a bundle. I can see this warning in the log
>> "jmac.provider_unable_to_load_authmodule", with no detailed exception. I
>> googled it and it is thrown upon failure to instantiate the auth module using
>> class.forName.
>> The solution that worked for me was to add my custom sam to the bundle's
>> WEB-INF/lib (and add the corresponding entry in the manifest's classpath
>> entry). The problem is that it's not ideal because it means that I need to
>> copy my sam (and all its depenencies...) to each of the wars I want to use it
>> in. Idealy, it should be located in some main lib which is accessible by all
>> bundles.
>> My question is what are the alternatives and what is the recommended way do
>> it when using bundles?
>> Thanks
>>
>>
>>
>> [1] http://download.oracle.com/docs/cd/E19798-01/821-1752/gizel/index.html
>>
>> --
>>
>> [Message sent by forum member 'Karo']
>>
>> View Post: http://forums.java.net/node/789008
>>
>>
>

Karo
Offline
Joined: 2011-04-05

Solved.
I wrapped my sam in a bundle and put all its dependencies in the bundle's WEB-INF/lib. The bundle then exports the SAM's package. Every bundle that wants to use this SAM only needs to import it.
Thanks