Grzegorz Grzybek created ARTEMIS-5587:
-----------------------------------------
Summary: HttpServerAuthenticator needs to set correct TCCL
Key: ARTEMIS-5587
URL: https://issues.apache.org/jira/browse/ARTEMIS-5587
Project: ActiveMQ Artemis
Issue Type: Bug
Affects Versions: 2.43.0
Reporter: Grzegorz Grzybek
When using this configuration in {{etc/artemis.profile}}:
{noformat}
-DhttpServerAuthenticator.realm=activemq
-DhttpServerAuthenticator.requestSubjectAttribute=org.jolokia.jaasSubject
-javaagent:$HOME/.m2/repository/org/jolokia/jolokia-agent-jvm/2.2.10-SNAPSHOT/jolokia-agent-jvm-2.2.10-SNAPSHOT-javaagent.jar=
\
authClass=org.apache.activemq.artemis.spi.core.security.jaas.HttpServerAuthenticator,
\
port=7778, \
protocol=http, \
debug=true, \
lazy=true
{noformat}
I could tell Jolokia to use Artemis' implementation of
{{com.sun.net.httpserver.Authenticator}}. By default, {{etc/login.conf}} is:
{noformat}
activemq {
org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule
required
debug=false
reload=true
org.apache.activemq.jaas.properties.user="artemis-users.properties"
org.apache.activemq.jaas.properties.role="artemis-roles.properties";
};
{noformat}
The problem is that while Jolokia loads
{{org.apache.activemq.artemis.spi.core.security.jaas.HttpServerAuthenticator}}
correctly thanks to its {{ArtemisDetector}}, When {{LoginContext.login()}} is
invoked, it's the TCCL that is tried to load actual login module (here:
{{org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule}}).
Currently TCCL is set to app class loader.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
