Hello Geoffrey, Arthur
Thank you for your support regarding this topic. I would like to sum up my
experience here.
Objective
Is to let client bundles (C) use a preconfigured service of another bundle (S),
which is implemented by a third bundle or library (I).
In my case this was blueprint bundles
I: the jasypt library as OSGI library, S: my base bundle, C: several camel
bundles
Service was the org.jasypt.encryption.StringEncryptor interface
Check Manifest files for
S:
Import-Package: "org.jasypt.encryption" and all implementation packages needed
to
Export-Service: org.jasypt.encryption.StringEncryptor
C:
Import-Package "org.jasypt.encryption" and
Import-Service "org.jasypt.encryption.StringEncryptor"
I:
export all the used packages from above, should be done by implementor or look
for a servicemix bundle project variant
implementation
all bundles:
maven
use maven-bundle-plugin with <Import-Package>*</Import-Package>
blueprint
S:
<service ref="stringEncryptorBean"
interface="org.jasypt.encryption.StringEncryptor" />
and instantiate the beans behind the interface (PBE config,...)
C:
<reference id="stringEncryptor"
interface="org.jasypt.encryption.StringEncryptor" />
and those namespace configuraions you find in the karaf docs
Testing
My default blueprint test context initiates by default a bean, which is
implementing the StringEncryptor interface. So all references are satisfied.
AND
What happened to me:
Karaf and Camel come with different versions of the jasypt library, ensure that
you use only one of them for your C bundles. Or in general ensure your I bundle
is used by S and C at the same time.
Check with the karaf commands
You have only one version of bundle I (bundle:list or la)
The command "capabilities" shows that your C bundles are connected to the
correct S bundle.
I achieved that by using the overrides.properties file:
mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.jasypt/1.9.2_1;range="[1,2)"
Perhaps you can control this also by the ;<version number> parameter in the
import-package.
Thanks all and I hope the above helps somebody else
Karsten
-----Ursprüngliche Nachricht-----
Von: Geoffrey Seanor <[email protected]>
Gesendet: Montag, 4. April 2022 18:18
An: [email protected]
Betreff: RE: Exporting an instance of a 3rd party library as service
Hi Karsten,
My encryptor service provider 'bundle' is just a blueprint file installed in
the deploy folder whose singular purpose is to export the service/interface as
per the various examples online.
The consumer bundle manifest does Import-Package "org.jasypt.encryption" and
Import-Service "org.jasypt.encryption.StringEncryptor".
It's also ok to use multiple blueprint files in a single bundle.
The error message you provided shows that you don't have a service providing
the org.jasypt.encryption.StringEncryptor interface. Can your 'base' bundle
provide this?
Regards,
Geoff
-----Original Message-----
From: Karsten Blume <[email protected]>
Sent: 04 April 2022 14:48
To: [email protected]
Subject: AW: Exporting an instance of a 3rd party library as service
Hello Geoffrey,
Yes, I mean there are some examples in the WWW on how to use the encryption.
In my "consumer" bundle I have the service reference and the property
placeholder in different blueprint files, but this should work, at least it
works for everything else.
Does your base bundle export the jasypt packages or just the service in the
Meta-Inf file?
And does your consumer bundle import service and package?
BR
Karsten
-----Ursprüngliche Nachricht-----
Von: Geoffrey Seanor <[email protected]>
Gesendet: Montag, 4. April 2022 13:59
An: [email protected]
Betreff: RE: Exporting an instance of a 3rd party library as service
Hi Karsten,
You base bundle looks ok.
My importing blueprint bundle does the following:
1) References this namespace
xmlns:enc="https://apc01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fkaraf.apache.org%2Fxmlns%2Fjasypt%2Fv1.0.0&data=04%7C01%7Ckarsten.blume%40ottoint.com%7C2c73b1673c6f448baba508da1656b19b%7Cf73d6f0048944b4eba0071d6df45717d%7C0%7C0%7C637846858899141384%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=bh0oeSilmrdJuyAQLRAlbBBnKKzbPE1MeOkRzxWXqeo%3D&reserved=0";
2) Configures the string encryptor service reference
<reference id="encryptor"
interface="org.jasypt.encryption.StringEncryptor"/>
<enc:property-placeholder encryptor-ref="encryptor"/>
3) To decrypt values like this
<cm:property name="password" value="ENC(some_encryted_value)"/>
The above works with Karaf 4.2.4 and 4.3.6 running on Linux or Win 7, other
combinations I'm not sure.
(Note that the service id is local to the blueprint container)
Geoff
-----Original Message-----
From: Karsten Blume <[email protected]>
Sent: 04 April 2022 11:00
To: [email protected]
Subject: AW: Exporting an instance of a 3rd party library as service
Hello Jean-Baptiste, Geoffrey
Here are some more details:
runtime err msg
Unable to start blueprint container for bundle order/22.14.0.98-SNAPSHOT due to
unresolved dependencies [(objectClass=org.jasypt.encryption.StringEncryptor)]
java.util.concurrent.TimeoutException: null ...
this standard exception stacktrace, when a service was not found
I use the maven bundle plugin without import instruction, so it uses * as
default.
The Meta-Inf shows the service/interface listed in the export- and
import-service sections properly. In karaf cmd line with bundle:requirements
and bundle:capabilites both could be seen.
@Geoffry
exactly this I want to achieve, yes.
Base bundle:
...
<bean id="stringEncryptorBean"
class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
<property name="config" ref="encryptorConfig" /> </bean> <service
id="StringEncryptor" ref="stringEncryptorBean"
interface="org.jasypt.encryption.StringEncryptor" />
Importing Bundle:
<cm:property-placeholder id="my.xml.placeholder" persistent-id="my.xml.pid"
/>
<enc:property-placeholder encryptor-ref="StringEncryptor" />
One thing I need to add: Running on Windows 10 the pax-jdbc v0.9 is able to
find the service, on WSL2 Ubuntu, Docker jre8-alpine or Mac the service is not
found.
Question: In general, a base bundle should be able to instantiate a class of
another library and offer this as a service?
Does this base bundle should export the packages of this other library? Ie. for
Jasypt lib org.jasypt.encryption and sub-packages?
Regards
Karsten
----Ursprüngliche Nachricht-----
Von: Geoffrey Seanor <[email protected]>
Gesendet: Montag, 4. April 2022 10:23
An: [email protected]
Betreff: RE: Exporting an instance of a 3rd party library as service
Hi Karsten,
Have you tried exporting interface org.jasypt.encryption.StringEncryptor?
I export this interface using a dedicated blueprint bundle and pass it the
decryption password from the environment. This service is then used by
pax-jdbc, and also referenced by other blueprint bundles which need to import
the jasypt namespace and use a property-placeholder to resolve the encrypted
entries.
Kind regards,
Geoff
-----Original Message-----
From: Jean-Baptiste Onofré <[email protected]>
Sent: 04 April 2022 08:49
To: [email protected]
Subject: Re: Exporting an instance of a 3rd party library as service
*** External email: Please be cautious when opening attachments or clicking
links. ***
Hi,
What do you mean by "not finding the service" ?
You mean at runtime (looking for service reference) or at deployment time (the
maven-bundle-plugin is generated req/cap for service, so it might be your
issue) ?
If you can share the message you have, it would be helpful.
Regards
JB
On Mon, Apr 4, 2022 at 9:06 AM Karsten Blume <[email protected]> wrote:
>
> Hello everybody,
>
> i come up with a issue, which might be easily answered in the OSGI world,
> though I have not yet found a solution in the WWW.
>
>
>
> Running
>
> Karaf 3.0.7, Java8, Blueprint
>
>
>
> Objective
>
> Any bundle (own or e.g. pax-jdbc-config) should be able to use the same
> configured StringEncryptor.
>
>
>
> How
>
> I configure and create an instance of
> org.jasypt.encryption.pbe.StandardPBEStringEncryptor and export this
> instance as a service of interface org.jasypt.encryption.StringEncryption. in
> one of my base bundles.
>
> All other bundles reference the interface to get the service.
>
>
>
> Problem
>
> If I export the original interface as service the others are not finding
> this service (having modified the Maven bundle plugin properly).
>
> Do I need to wrap the StringEncryptor in a delegate pattern, so I export my
> own interface?
>
>
>
> Any help is appreciated,
>
> Thx Karsten
>
>
This email including any attachments is confidential and may be subject to
legal privilege. Unless otherwise indicated, you may not disclose or distribute
this email to any other person. If you are not the intended recipient of this
email, please delete it and notify the sender immediately.
MUFG Bank, Ltd. ("MUFG Bank"), MUFG Securities EMEA plc ("MUS(EMEA)") and
Mitsubishi UFJ Financial Group, Inc. ("MUFG Inc.") are members of the MUFG
group.
- MUFG Bank is a limited liability stock company incorporated in Japan
and registered in the Tokyo Legal Affairs Bureau (company no. 0100-01-008846).
MUFG Bank's head office is at 7-1 Marunouchi 2-Chome, Chiyoda-Ku, Tokyo
100-8388, Japan. MUFG Bank's London branch is at Ropemaker Place, 25 Ropemaker
Street, London EC2Y 9AN, and is registered as a UK establishment in the UK
register of companies (registered no. BR002013). MUFG Bank is authorised and
regulated by the Japanese Financial Services Agency. MUFG Bank's London branch
is authorised by the UK Prudential Regulation Authority ("PRA") and regulated
by the UK Financial Conduct Authority ("FCA") with limited regulation by the
PRA.
- MUS(EMEA) is a limited liability company registered in England (company
no. 1698498) with its registered office at Ropemaker Place, 25 Ropemaker
Street, London, EC2Y 9AJ. MUS (EMEA) is authorised by the PRA and regulated by
the FCA and PRA in the UK.
- MUFG Inc. is a limited liability stock company incorporated in Japan
and registered in the Tokyo Legal Affairs Bureau (company no. 0100-01-073486).
MUFG Inc.'s head office is at 7-1 Marunouchi 2-Chome, Chiyoda-Ku, Tokyo
100-8388, Japan. MUFG Inc.'s London office is at Ropemaker Place, 25 Ropemaker
Street, London EC2Y 9AN, and is registered as a UK establishment in the UK
register of companies (registered no. BR015994).
Details on how MUFG Bank, London branch and MUS (EMEA) process personal data
relating to individuals associated with our clients are on the MUFG EMEA
website at:
https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.mufgemea.com%2Fgovernance%2Fprivacy-notice%2F&data=04%7C01%7Ckarsten.blume%40ottoint.com%7C2c73b1673c6f448baba508da1656b19b%7Cf73d6f0048944b4eba0071d6df45717d%7C0%7C0%7C637846858899141384%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=twouAD3tMAEYlyhyv8Sf049mbhnWAh2aQlPh4t3czd0%3D&reserved=0
Unless specifically indicated, this email should not be regarded as an offer,
advice, recommendation, confirmation or valuation in relation to any financial
products or services and any views expressed are those of the author only. If
information in this email constitutes an investment recommendation provided by
MUS(EMEA) as defined in EU (MAR) Regulation 596/2014, additional disclosures
are available at
https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fresearch.musi.com%2FMUFGSecDisclaimers.aspx&data=04%7C01%7Ckarsten.blume%40ottoint.com%7C2c73b1673c6f448baba508da1656b19b%7Cf73d6f0048944b4eba0071d6df45717d%7C0%7C0%7C637846858899141384%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=hbi1YfqgKWWcNe4w7YprEhxJ6YJ5uqZUT%2F234mJTN%2BQ%3D&reserved=0.
Information in this email may be subject to change without notice. Emails
cannot be guaranteed to be timely, secure or error or virus-free, and members
of the MUFG group accept no liability for such matters. Members of the MUFG
group may record and monitor emails and disclose them where relevant in
litigation or to regulators.
This message has been scanned for malware by Websense.
https://apc01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.websense.com%2F&data=04%7C01%7Ckarsten.blume%40ottoint.com%7C2c73b1673c6f448baba508da1656b19b%7Cf73d6f0048944b4eba0071d6df45717d%7C0%7C0%7C637846858899141384%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=hR60dvvHDHQuOMTbMsId4C5UfVw%2FYMmkQ0I%2FM%2FwSWXY%3D&reserved=0
