Re: Signed jars in Servicemix

Thu, 05 Jul 2012 06:39:28 -0700 

Fang,
Thanks for your response and I had actually found the Karaf section on adding in Security Providers in the User Guide. I noticed you sent that same information and in my case that was exactly what I needed to fix my problem. You were spot on so thanks for responding. 

Chris O.


On 2012-07-04 18:49, Freeman Fang wrote:

Hi,

Ensure the instructions you mentioned here is [1].
What you need do is
1.put your provider jar in karaf-install-dir/lib/ext

2. modify the karaf-install-dir/etc/config.properties configuration
file to add the following property
    org.apache.karaf.security.providers = xxx,yyy
    The value of this property is a comma separated list of the
provider class names to register.
    For example:
    org.apache.karaf.security.providers =
org.bouncycastle.jce.provider.BouncyCastleProvider

3. In addition, you may want to provide access to the classes from
those providers from the system bundle so that all bundles can access
those. It can be done by modifying the
org.osgi.framework.bootdelegation property in the same configuration
file:
    org.osgi.framework.bootdelegation  =
...,the_package_from_your_provider_jar

You need ensure you have done for step 3.




[1]http://karaf.apache.org/manual/latest-2.2.x/users-guide/security.html

Freeman

On 2012-7-5, at 上午2:19, [email protected] wrote:


On 2012-07-04 11:41, [email protected] wrote:

I am having problems including some RSA security jars in my
Servicemix application. It seems that Embedded or Wrapping the jars

causes them to fail there self-integrity checks. These are signed  
jars
and I do believe they fail there self-integrity checks if the jars  
are
manipulated in any way. Does anyone know how to include these types 
of

dependencies with corrupting there integrity?

Thanks
Chris O.



What i realized is that the the RSA security jar needs to be  
deployed as a security provider with in the karaf container. I  
followed the instructions on how to do this but my bundles no longer  
are able to see the needed packages...any help would be deeply  
appreciated.


---------------------------------------------
Freeman Fang

FuseSource
Email:[email protected]
Web: fusesource.com
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com
http://blog.sina.com.cn/u/1473905042
weibo: http://weibo.com/u/1473905042
























					Reply via email to