mace-opensaml-users - Re: Problem about endorsed libraries
Subject: OpenSAML user discussion
List archive
- From: Chad La Joie <>
- To:
- Subject: Re: Problem about endorsed libraries
- Date: Thu, 08 Nov 2007 17:14:06 +0100
- Organization: SWITCH
Alright, thanks.
wrote:
Hi Chad,
by debugging the failure we found the cause in the SchemaFactory.newInstance() method whose
javadoc points to the need to qualify the system property name with the name of the schema language.
Andreas
Interesting. Where did you find this property? I can't find it
documented anywhere.
wrote:
>
> Hi Chad and all,
>
> We followed your suggestion to try the system properties in a Java 5
> environment and got it to work.
>
> The following mail from the shibboleth-dev list also reported success
> using the system properties.
> Included you also find the complete list of properties that can be set:
> https://mail.internet2.edu/wws/arc/shibboleth-dev/2007-07/msg00004.html
>
> We found that the following additional property has to be added, else
> OpenSaml's
> initialization will fail:
>
> System./setProperty/("javax.xml.validation.SchemaFactory:http://www.w3.org/2001/XMLSchema",
>
> "org.apache.xerces.jaxp.validation.XMLSchemaFactory");
>
> JDK is sun's jdk1.5.0_11.
>
> Cheers,
> Andreas
>
>
>
>
> *Chad La Joie
<>*
>
> 08.11.2007 09:32
> Please respond to
>
>
>
> > To
>
> cc
> > Subject
> Re: Problem about endorsed libraries
>
>
> >
>
>
>
>
> Okay, so I had some one try this and reported it didn't work. I was,
> honestly, skeptical because everything I knew about how the JVM dealt
> with this stuff indicated my suggestion should work. So I tried it, it
> works, code is attached.
>
>
> Here's my env:
> - OS X 10.4 Java 5 VM
> - Ran with VM flag "-Djava.endorsed.dirs=" to ensure the VM didn't
> pick up my system endorsed libs, tests proved this to be true.
>
> Here's my test runs using the attached code.
> Run 1
> - No xerces/xalan on classpath
> - No setting of system properties
> - Result: VM used the Sun parser in both cases
>
> Run 2
> - Xerces/xalan on classpath
> - No setting of system properties
> - Result: VM used Xerces parser in both cases (see why, below)
>
> Run 3
> - xerces(modified)/xalan on classpath
> - System properties set
> - Result: VM used Sun parser first and Xerces parser second.
>
> People might be surprised by the results of the second test. It's due
> to the fact that Xerces has configurations in it to use the Java 5 VM
> services mechanism. In standalone apps this can work like automatic
> endorsement. It doesn't equate to endorsement when you run your code
> in-container though. Read up on it if you're curious what the service
> mechanism is and why the previous two statements are true.
>
> For test three I removed the VM services configuration code from Xerces
> just to be sure it would use my system properties. That's all I
> modified in the Xerces jar.
>
>
>
> So, this certainly works in a standard VM. It should work in any
> container that doesn't have a security policy that prevents webapps from
> changing those system properties. It should work on Web Start apps as
> well, unless, again, they have a security policy that prevents setting
> those system properties. If there is a policy you'd get a security
> exception.
>
> --
> SWITCH
> Serving Swiss Universities
> --------------------------
> Chad La Joie, Software Engineer, Security
> Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
> phone +41 44 268 15 75, fax +41 44 268 15 68
>
,
http://www.switch.ch
> import javax.xml.parsers.DocumentBuilder;
> import javax.xml.parsers.DocumentBuilderFactory;
>
>
> public class SystemPropertyXMLParserTest {
>
> /**
> * @param args
> */
> public static void main(String[] args) throws Exception{
> DocumentBuilderFactory dbf =
> DocumentBuilderFactory.newInstance();
> DocumentBuilder db =
> dbf.newDocumentBuilder();
> System.out.println(db.getClass());
> > > System.setProperty("javax.xml.datatype.DatatypeFactory",
> "org.apache.xerces.jaxp.datatype.DatatypeFactoryImpl");
> > System.setProperty("javax.xml.parsers.DocumentBuilderFactory",
> "org.apache.xerces.jaxp.DocumentBuilderFactoryImpl");
> > System.setProperty("javax.xml.parsers.SAXParserFactory",
> "org.apache.xerces.jaxp.SAXParserFactoryImpl");
> > System.setProperty("javax.xml.validation.SchemaFactory",
> "org.apache.xerces.jaxp.validation.XMLSchemaFactory");
> > System.setProperty("org.w3c.dom.DOMImplementationSourceList",
> "org.apache.xerces.dom.DOMXSImplementationSourceImpl");
> > System.setProperty("org.xml.sax.driver",
> "org.apache.xerces.parsers.SAXParser");
> > DocumentBuilderFactory dbf2 =
> DocumentBuilderFactory.newInstance();
> DocumentBuilder db2 =
> dbf2.newDocumentBuilder();
> System.out.println(db2.getClass());
> }
>
--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Security
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
,
http://www.switch.ch
- Problem about endorsed libraries, Manuela Stanica, 11/06/2007
- RE: Problem about endorsed libraries, Scott Cantor, 11/06/2007
- Re: Problem about endorsed libraries, Chad La Joie, 11/06/2007
- RE: Problem about endorsed libraries, Scott Cantor, 11/06/2007
- Re: Problem about endorsed libraries, Chad La Joie, 11/08/2007
- Re: Problem about endorsed libraries, Andreas . Vallen, 11/08/2007
- Re: Problem about endorsed libraries, Chad La Joie, 11/08/2007
- Re: Problem about endorsed libraries, Andreas . Vallen, 11/08/2007
- Re: Problem about endorsed libraries, Chad La Joie, 11/08/2007
- Re: Problem about endorsed libraries, Andreas . Vallen, 11/08/2007
- Re: Problem about endorsed libraries, Chad La Joie, 11/08/2007
- RE: Problem about endorsed libraries, Scott Cantor, 11/08/2007
- Re: Problem about endorsed libraries, Chad La Joie, 11/08/2007
- Re: Problem about endorsed libraries, Andreas . Vallen, 11/08/2007
Archive powered by MHonArc 2.6.16.