Details
-
Bug
-
Status: Closed (View Workflow)
-
Blocker
-
Resolution: Fixed
-
2.4.1
-
None
-
Windows+Glassfish+Blueprint
Description
There is bug in your mariadb-java-client jar version 2.4.1 that means it doesn't work within an OSGI environment when the database connections is secured with SSL/TLS using two way authentication.
When attempting a database connection you get a ClassNotFoundException javax.security.auth.x509.X509Principal.
This is due a couple of missing import statements in the pom.xml that is used to build the jar file.
You currently have this
<Import-Package>
|
javax.naming,
|
javax.management,
|
javax.net;resolution:=optional,
|
javax.net.ssl;resolution:=optional,
|
javax.sql,javax.transaction.xa;resolution:=optional,
|
org.slf4j;resolution:=optional,
|
</Import-Package>
|
But I have found 3 additional imports need to be added, giving this:
<Import-Package>
|
javax.naming,
|
javax.management,
|
javax.net;resolution:=optional,
|
javax.net.ssl;resolution:=optional,
|
javax.sql,javax.transaction.xa;resolution:=optional,
|
org.slf4j;resolution:=optional,
|
waffle.windows.auth;resolution:=optional,
|
waffle.windows.auth.impl;resolution:=optional,
|
|
*
|
</Import-Package>
|
Attachments
Issue Links
- relates to
-
-
- Closed
-
Activity
| Field | Original Value | New Value |
|---|---|---|
| Summary | ClassNotFoundException when trying to connect using two-authentication in an OSIG environment. | ClassNotFoundException when trying to connect using two-authentication in an OSGI environment. |
| Description |
There is bug in your mariadb-java-client jar version 2.4.1 that means it doesn't work within an OSGI environment when the database connections is secured with SSL/TLS using two way authentication.
When attempting a database connection you get a ClassNotFoundException javax.security.auth.x509.X509Principal. This is due a couple of missing import statements in the pom.xml that is used to build the jar file. You currently have this <Import-Package> javax.naming, javax.management, javax.net;resolution:=optional, javax.net.ssl;resolution:=optional, javax.sql,javax.transaction.xa;resolution:=optional, org.slf4j;resolution:=optional, </Import-Package> But I have found 3 additional imports need to be added, giving this: <Import-Package> javax.naming, javax.management, javax.net;resolution:=optional, javax.net.ssl;resolution:=optional, javax.sql,javax.transaction.xa;resolution:=optional, org.slf4j;resolution:=optional, waffle.windows.auth;resolution:=optional, waffle.windows.auth.impl;resolution:=optional, * </Import-Package> |
There is bug in your mariadb-java-client jar version 2.4.1 that means it doesn't work within an OSGI environment when the database connections is secured with SSL/TLS using two way authentication.
When attempting a database connection you get a ClassNotFoundException javax.security.auth.x509.X509Principal. This is due a couple of missing import statements in the pom.xml that is used to build the jar file. You currently have this {noformat} <Import-Package> javax.naming, javax.management, javax.net;resolution:=optional, javax.net.ssl;resolution:=optional, javax.sql,javax.transaction.xa;resolution:=optional, org.slf4j;resolution:=optional, </Import-Package> {noformat} But I have found 3 additional imports need to be added, giving this: {noformat} <Import-Package> javax.naming, javax.management, javax.net;resolution:=optional, javax.net.ssl;resolution:=optional, javax.sql,javax.transaction.xa;resolution:=optional, org.slf4j;resolution:=optional, waffle.windows.auth;resolution:=optional, waffle.windows.auth.impl;resolution:=optional, * </Import-Package> {noformat} |
| Fix Version/s | 2.4.2 [ 23707 ] |
| Status | Open [ 1 ] | In Progress [ 3 ] |
| Status | In Progress [ 3 ] | Stalled [ 10000 ] |
For OSGI bundles the <Import-Package> lists all the packages that the bundle needs in-order to run. When the bundle starts up if any of the listed packages are missing the bundle will not start. Also if the bundle requires any packages that are not listed in the import-packages then that will generate a classNofFoundException at the point in which java tries to load the class.
An asterisk is a special case and tell the bundle builder that any package it sees in use (by analysing the byte code) should be automatically included in the import-package statement.
Marking an import as optional is important for packages which are refereed to by code, but which are not always needed, depending on the setup. This allows the bundle to startup without those packages being available. In this example the waffle.windows.auth packages need to be marked as optional, as not all software making use of the MariaDB client (e.g. those running on linux) will have those packages installed!
If you build the client using my suggested imports, and then look at the generated Java Manifest you will be able to see what packages have been added to the import-package section (and you will see that the asterisk has been removed and substituted for all the packages that your driver references).
| issue.field.resolutiondate | 2019-06-12 16:34:41.0 | 2019-06-12 16:34:41.789 |
| Resolution | Fixed [ 1 ] | |
| Status | Stalled [ 10000 ] | Closed [ 6 ] |
| Workflow | MariaDB v3 [ 96764 ] | MariaDB v4 [ 135110 ] |
It would seem that implementation would list non-mandatory packages and asterisk, like :
<Import-Package>javax.net;resolution:=optional,org.slf4j;resolution:=optional,waffle.windows.auth;resolution:=optional,waffle.windows.auth.impl;resolution:=optional,*</Import-Package>or not setting anything at all <Import-Package/>.
I'm not really familiar with OSGi bundles, i haven't any opinion to what would be best.