[jira] [Created] (CXF-5423) Callbackhandlers and other resources aren't found if configured in blueprint config due to classloading issues

Tue, 26 Nov 2013 06:58:45 -0800 

Marc Giger created CXF-5423:
-------------------------------

             Summary: Callbackhandlers and other resources aren't found if 
configured in blueprint config due to classloading issues
                 Key: CXF-5423
                 URL: https://issues.apache.org/jira/browse/CXF-5423
             Project: CXF
          Issue Type: Bug
          Components: JAX-RS Security
    Affects Versions: 2.7.7
         Environment: OSGi (Karaf)
            Reporter: Marc Giger


Hi,

While playing around with JAX-RS security in OSGi (following the guide at 
http://cxf.apache.org/docs/jax-rs-saml.html) I found that if I configure the 
ws-security.* props directly in blueprint none of the configured resources are 
found. A little debugging showed that the wrong classloader is used to load the 
Callbackhandlers and property files. Note this works fine for the jaxrs service 
but not for the jaxrs client.

Blueprint config:

<jaxrs:client id="bookStoreServiceClient"
                  address="http://localhost:8040/services/bookStoreService";
serviceClass="com.mycompany.demoRestServiceCommon.service.BookStore"
                  inheritHeaders="true">
        <jaxrs:outInterceptors>
            <ref component-id="samlHeaderOutInterceptor"/>
        </jaxrs:outInterceptors>
        <jaxrs:properties>
            <entry key="ws-security.callback-handler"
value="com.mycompany.demoRestServiceConsumer.PasswordCallbackHandler"/>
            <entry key="ws-security.saml-callback-handler"
value="com.mycompany.demoRestServiceConsumer.SamlCallbackHandler"/>
            <entry key="ws-security.signature.username" value="client"/>
            <entry key="ws-security.signature.properties" 
value="clientKeystore.properties"/>
        </jaxrs:properties>
    </jaxrs:client>

    <bean id="samlHeaderOutInterceptor" 
class="com.mycompany.demoRestServiceConsumer.SamlOutInterceptor"/>

I've overridden the SAMLHeaderOutInterceptor to show the problem and what needs 
to be done somewhere  to fix it:

public class SamlOutInterceptor extends SamlHeaderOutInterceptor {

    @Override
    public void handleMessage(Message message) throws Fault {
        ClassLoader classLoader = 
message.getExchange().getBus().getExtension(ClassLoader.class);
        ClassLoader tccl = Thread.currentThread().getContextClassLoader();
        try {
            if (classLoader != null) {
                Thread.currentThread().setContextClassLoader(classLoader);
            }I've implemented a hack
            super.handleMessage(message);
        } finally {
            //restore original classloader
            if (classLoader != null) {
                Thread.currentThread().setContextClassLoader(tccl);
            }
        }
    }
}




--
This message was sent by Atlassian JIRA
(v6.1#6144)

Reply via email to