Hi Tang,
I've just fixed that
Project: glassfish
Repository: svn
Revision: 55568
Author: oleksiys
Date: 2012-08-21 08:35:33 UTC
Link:
Log Message:
------------
+ disable Grizzly async output stream for now
Pls. let me know if you still see the issue.
Thanks.
WBR,
Alexey.
On 08/21/2012 09:25 AM, Tang Yong wrote:
> Hi Alexey,
>
> > It should be used in sync mode too.
> Right. Just Now, I found that before CoyoteAdapter started to service
> request, connection has been assigned TCPNIOConnection. So, the problem
> maybe should be fixed on earlier time rather than
> "grizzlyOutputBuffer.setAsyncEnabled(true);"
>
> > Can you pls. post the exception stacktrace?
> Please see the attachment.
>
> previously, I also posted the stacktrace on
> http://java.net/jira/browse/GLASSFISH-19023
>
> Thanks!
> --Tang
>
> Oleksiy Stashok wrote:
>> Hi Tang,
>>
>> On 08/21/2012 08:15 AM, Tang Yong wrote:
>>> > So, I think that the problem maybe still exist, any idea?
>>> From stacktrace of the problem, setCoyoteResponse(Response
>>> coyoteResponse) method is indeed called, however, Grizzly asynic io
>>> is not still disabled
>>> (org.glassfish.grizzly.nio.transport.TCPNIOTransportFilter is still
>>> used).
>> It should be used in sync mode too.
>> Can you pls. post the exception stacktrace?
>>
>> Thanks.
>>
>> WBR,
>> Alexey.
>>
>>>
>>> --Tang
>>>
>>> Tang Yong wrote:
>>>> Hi Alexey,
>>>>
>>>> Thanks your quick reply very much!
>>>>
>>>> > Do you have the latest GF built from sources?
>>>> Yeah, I used 2012/8/20 Updated GF Trunk, so souces should be
>>>> the latest.
>>>>
>>>> In addition, on Revision: 55496, swchan2 commented out the following
>>>> sentence.
>>>>
>>>> //grizzlyOutputBuffer.setAsyncEnabled(true);
>>>>
>>>> Then, I confirmed that on 2012/8/20 Updated GF Trunk
>>>> (main\appserver\web\web-core\src\main\java\org\apache\catalina\connector\OutputBuffer.java),
>>>>
>>>> the above sentence has been also commented out.
>>>>
>>>> So, I think that the problem maybe still exist, any idea?
>>>>
>>>> --Best Regard!
>>>> --Tang
>>>>
>>>> Oleksiy Stashok wrote:
>>>>> Hi Tang,
>>>>>
>>>>> [2] had to be fixed by this commit:
>>>>>
>>>>> Project: glassfish
>>>>> Repository: svn
>>>>> Revision: 55496
>>>>> Author: swchan2
>>>>> Date: 2012-08-15 19:48:01 UTC
>>>>> Link:
>>>>>
>>>>> Log Message:
>>>>> ------------
>>>>> temporary disable Grizzly asynic io, wait for Grizzly 2.3.x
>>>>>
>>>>>
>>>>> Do you have the latest GF built from sources?
>>>>>
>>>>> Thanks.
>>>>>
>>>>> WBR,
>>>>> Alexey.
>>>>>
>>>>>
>>>>>
>>>>> On 08/20/2012 02:41 PM, Tang Yong wrote:
>>>>>> Hi Sahoo,
>>>>>>
>>>>>> About current status of the improvement, I have commented on jira,
>>>>>> please see[1] and [2], especially [2].
>>>>>>
>>>>>> [1] http://java.net/jira/browse/GLASSFISH-12975
>>>>>> [2] http://java.net/jira/browse/GLASSFISH-19023
>>>>>>
>>>>>> [1] is blocked because [2].
>>>>>>
>>>>>> I want to know whether needing to investigate [2] in depth or not?
>>>>>>
>>>>>> --Tang
>>>>>>
>>>>>> Sahoo wrote:
>>>>>>> Hi Tang,
>>>>>>>
>>>>>>> Sorry for the delay.
>>>>>>>
>>>>>>> I have looked at your github project. It looks good. Do you
>>>>>>> think we should upgrade to Felix Web Console 3.1.4 so that we
>>>>>>> can take advantage of the richer WebConsolerSecurityProvider2
>>>>>>> interface of Felix Web Console? That way we won't be limited to
>>>>>>> only "HTTP Basic Authentication?" I guess we can include what
>>>>>>> you have done and then improve it later on. I am in the process
>>>>>>> of finding out the contribution acceptance process. Hopefully I
>>>>>>> will find the answers soon. In the meanwhile, I noticed some of
>>>>>>> your files do not have correct copyright and license headers.
>>>>>>> Pl. fix them and upload them to JIRA or reference the new github
>>>>>>> URL from JIRA.
>>>>>>>
>>>>>>> You had a question about injection not working for
>>>>>>> GlassFishSecurityProvider. I guess you directly instantiated the
>>>>>>> class from the bundle activator in which case HK2 injection
>>>>>>> manager didn't get an opportunity to perform injection. Use of
>>>>>>> GlassFish.getService is alright.
>>>>>>>
>>>>>>> Thanks for all the good work you are doing.
>>>>>>>
>>>>>>> Sahoo
>>>>>>>
>>>>>>> [1]
>>>>>>> http://felix.apache.org/site/web-console-security-provider.html#WebConsoleSecurityProvider-WebConsoleSecurityProvider2
>>>>>>>
>>>>>>>
>>>>>>> On Wednesday 18 July 2012 05:24 PM, Tang Yong wrote:
>>>>>>>> Hi Sahoo, Shaun,
>>>>>>>>
>>>>>>>> Now, I have resolved the problem which I met.
>>>>>>>>
>>>>>>>> After investigating again, I found that using
>>>>>>>> org.glassfish.embeddable.GlassFish(simple-glassfish-api module)
>>>>>>>> can get AuthenticationService and integrate felix-webconsole's
>>>>>>>> authentication with Glassfish JAAS successfully.
>>>>>>>>
>>>>>>>> My souce has updated into github and please review it.
>>>>>>>>
>>>>>>>> Then, I will start to investigate cdi-related rfp/bug, firstly, I
>>>>>>>> will investigate http://java.net/jira/browse/GLASSFISH-18370.
>>>>>>>>
>>>>>>>> [A Request]
>>>>>>>> If having time, I wish sahoo can explain why from
>>>>>>>> felix-webconsole-extension module, can not get HK2 services and
>>>>>>>> components using Injection way?
>>>>>>>>
>>>>>>>> --Best Regard!
>>>>>>>> --Tang
>>>>>>>>
>>>>>>>> Tang Yong wrote:
>>>>>>>>> Hi Shaun,
>>>>>>>>>
>>>>>>>>> Thanks your suggestion very much.
>>>>>>>>> I have tried and AuthenticationService has still been not
>>>>>>>>> injected successfully.
>>>>>>>>>
>>>>>>>>> I have confirmed that my working enviroment is ok because I
>>>>>>>>> found that
>>>>>>>>> some class on other modules liking deployment-admin can get
>>>>>>>>> injected objects liking BaseServiceLocator.
>>>>>>>>>
>>>>>>>>> So, whether from felix-webconsole-extension module, can not
>>>>>>>>> get HK2 components or not?
>>>>>>>>>
>>>>>>>>> --Tang
>>>>>>>>>
>>>>>>>>> Shaun Pei wrote:
>>>>>>>>>> Hi Yong
>>>>>>>>>>
>>>>>>>>>> Did you try to directly inject the AuthenticationService into
>>>>>>>>>> your code?
>>>>>>>>>> An example using AuthenticationService is
>>>>>>>>>> com.sun.enterprise.admin.util.GenericAdminAuthenticator.java,
>>>>>>>>>> which directly injects the AuthenticationService at line 150.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Regards
>>>>>>>>>>
>>>>>>>>>> Shaun
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> -----Original Message-----
>>>>>>>>>> From: Tang Yong [mailto:tangyong_at_cn.fujitsu.com] Sent:
>>>>>>>>>> Tuesday, July 17, 2012 1:02 PM
>>>>>>>>>> To: Sahoo; dev_at_glassfish.java.net
>>>>>>>>>> Subject: About GLASSFISH-12975
>>>>>>>>>>
>>>>>>>>>> Dear Sahoo, Security Leader,
>>>>>>>>>>
>>>>>>>>>> About GLASSFISH-12975(Use glassfish admin realm for
>>>>>>>>>> authentication and authorisation of OSGi admin console),
>>>>>>>>>>
>>>>>>>>>> I have made a basic prototype put on
>>>>>>>>>> https://github.com/tangyong/GLASSFISH-12975.
>>>>>>>>>>
>>>>>>>>>> You can copy
>>>>>>>>>> tree/master/felix-webconsole-extension/target/felix-webconsole-extension.jar
>>>>>>>>>>
>>>>>>>>>> into modules\autostart and start
>>>>>>>>>> "GlassFish OSGi Administration Console", then, input GF's
>>>>>>>>>> admin account and check whether having glassfish admin realm
>>>>>>>>>> for authentication or not.
>>>>>>>>>>
>>>>>>>>>> The following is my design idea and a critical problem needed
>>>>>>>>>> to discuss.
>>>>>>>>>>
>>>>>>>>>> [Desgin]
>>>>>>>>>> 1 Implement the felix web console's
>>>>>>>>>> WebConsoleSecurityProvider interface.
>>>>>>>>>>
>>>>>>>>>> Note:
>>>>>>>>>> The current karaf's JaasSecurityProvider class implements
>>>>>>>>>> felix web console's WebConsoleSecurityProvider2, and the
>>>>>>>>>> WebConsoleSecurityProvider2 is not in
>>>>>>>>>> org.apache.felix.webconsole-3.1.2.
>>>>>>>>>>
>>>>>>>>>> 2 On FelixWebConsoleExtensionActivator class, register GF's
>>>>>>>>>> implementation of WebConsoleSecurityProvider.
>>>>>>>>>>
>>>>>>>>>> 3 On GF's implementation of WebConsoleSecurityProvider,
>>>>>>>>>> integrate the glassfish admin realm called "admin-realm". On
>>>>>>>>>> the current my prototype, I used
>>>>>>>>>> LoginContextDriver.login(subject, PasswordCredential.class).
>>>>>>>>>>
>>>>>>>>>> However, I indeed did not want to use the way, because I
>>>>>>>>>> found that if using
>>>>>>>>>> org.glassfish.security.services.impl.AuthenticationServiceFactory
>>>>>>>>>>
>>>>>>>>>> to get authentication related to services which should be
>>>>>>>>>> registered into HK2 components, I think that it will be very
>>>>>>>>>> good because security-services module can get realm from
>>>>>>>>>> domain.xml.
>>>>>>>>>>
>>>>>>>>>> So, I tried to do it and however, I met a big problem on the
>>>>>>>>>> whole night.
>>>>>>>>>>
>>>>>>>>>> [Problem]
>>>>>>>>>> Firstly, Please allow me put the codes having the problem as
>>>>>>>>>> following:
>>>>>>>>>>
>>>>>>>>>> @Service
>>>>>>>>>> public class GlassFishSecurityProvider implements
>>>>>>>>>> WebConsoleSecurityProvider{
>>>>>>>>>>
>>>>>>>>>> @Inject
>>>>>>>>>> StateManager manager;
>>>>>>>>>>
>>>>>>>>>> @Inject
>>>>>>>>>> BaseServiceLocator serviceLocator;
>>>>>>>>>>
>>>>>>>>>> @Override
>>>>>>>>>> public Object authenticate(String username, String password) {
>>>>>>>>>> String currentState = manager.getCurrent();
>>>>>>>>>> // Get Service Instance
>>>>>>>>>> AuthenticationService atnService =
>>>>>>>>>> serviceLocator.getComponent(AuthenticationService.class);
>>>>>>>>>>
>>>>>>>>>> // Get Service Configuration
>>>>>>>>>> org.glassfish.security.services.config.AuthenticationService
>>>>>>>>>> atnConfiguration =
>>>>>>>>>> serviceLocator.getComponent(org.glassfish.security.services.config.AuthenticationService.class,currentState);
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> // Initialize Service
>>>>>>>>>> atnService.initialize(atnConfiguration);
>>>>>>>>>>
>>>>>>>>>> final Subject fs = null;
>>>>>>>>>>
>>>>>>>>>> try {
>>>>>>>>>> atnService.login(username, password.toCharArray(), fs);
>>>>>>>>>> } catch (LoginException e) { e.printStackTrace();
>>>>>>>>>> return null;
>>>>>>>>>> }
>>>>>>>>>>
>>>>>>>>>> return fs; }
>>>>>>>>>>
>>>>>>>>>> When debugging the authenticate method, both manager and
>>>>>>>>>> serviceLocator are null. I have tried many ways and have no
>>>>>>>>>> effect. So, I want to ask whether from
>>>>>>>>>> felix-webconsole-extension module, can not get HK2 components
>>>>>>>>>> or not?
>>>>>>>>>>
>>>>>>>>>> --Best Regard!
>>>>>>>>>> --Tang
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>
>>
>>
>>