Richard S. Hall wrote:
> Richard S. Hall wrote:
>> Claudio Miranda wrote:
>>> To better trace things like that, please can you explain how did you
>>> find that issue ?
>>> Probably this is going to help people (outside glassfish project) to
>>> get better educated about felix and glassfish.
>>>
>>
>> The old fashioned way, I just drilled down in Felix to see what was
>> happening.
>>
>> It actually wasn't that difficult to figure out the original
>> exception posted to the mailing list wasn't the root cause. If you
>> scrolled up the server output beyond the reported exception you'd see
>> there was another logged error from Felix saying it was unable to get
>> the bundle's manifest, but Felix was swallowing the exception
>> explaining "why" it couldn't get the manifest. So, I just drilled
>> down to see why, which ultimately was originating from when we were
>> getting the input stream from the ZipEntry for META-INF/MANIFEST.MF.
>
> One other thing that just dawned on me that is odd in this scenario.
> Due to some implementation details in Felix <= 1.4.1, the bundle
> manifest is retrieved in two different ways paraphrased below:
>
> 1. JarFile.getManifest()
> 2. new
>
> Manifest(JarFile.getInputStream(JarFile.getEntry("META-INF/MANIFEST.MF")))
>
>
> The first way does not throw the security exception, while the second
> way does. When the bundle is originally installed, it uses the first
> approach, thus no exception. However, later on it uses the second
> approach and we get the exception.
>
> Due to my current Felix refactoring, the second approach has been
> eliminated, so I don't think we would see this error in the Felix
> trunk (I could actually test this I suppose).
FYI, I did test this on Felix' trunk and I didn't get the security
exception when creating the manifest, but it really doesn't help since
we get it as soon as we try to load a class, since the same signature
check is done when getting its associated input stream...makes sense.
-> richard
>
> Of course, this raises the question, should we see this exception in
> this case or not?
>
> -> richard
>
>>
>> -> richard
>>
>>> Thanks for your assistance, very appreciated.
>>>
>>> Claudio Miranda
>>>
>>> On Sun, Jan 11, 2009 at 8:45 PM, Richard S. Hall
>>> <heavy_at_ungoverned.org> wrote:
>>>
>>>> Well, I found the root cause. It is not a bug in Felix, but Felix
>>>> was hiding
>>>> the true issue because it was swallowing an exception. Felix gets the
>>>> following exception when trying to read the bouncy castle bundle
>>>> manifest:
>>>>
>>>> INFO: +++ java.lang.SecurityException: Invalid signature file
>>>> digest for
>>>> Manifest main attributes
>>>>
>>>> So, it looks like there is a signature problem with the bundle. I will
>>>> create an issue against Felix to log this exception, rather than
>>>> swallow it.
>>>>
>>>
>>>
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net
>> For additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>