Announcement Announcement Module
Collapse
No announcement yet.
Spring Transactions disrupted by initialization of SAMLBootstrap bean Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Transactions disrupted by initialization of SAMLBootstrap bean

    Hi All,

    I have run into a problem as I integrate Spring SAML into my application. I'm using the sample as a guide, which includes the following bean:

    Code:
    <bean class="org.springframework.security.saml.SAMLBootstrap"/>
    Inclusion of this bean causes Spring to skip transaction processing as it normally does, ie my service interfaces aren't proxied as they normally should be. Has anyone run into this problem before?

    I thought it might be something related to class loading, but have been unable to track it down so far.

    Simply commenting out this bean allows the transaction handling to proceed as it should

    Any thoughts would be appreciated!

  • #2
    Originally posted by ianlong View Post
    Hi All,

    I have run into a problem as I integrate Spring SAML into my application. I'm using the sample as a guide, which includes the following bean:

    Code:
    <bean class="org.springframework.security.saml.SAMLBootstrap"/>
    Inclusion of this bean causes Spring to skip transaction processing as it normally does, ie my service interfaces aren't proxied as they normally should be. Has anyone run into this problem before?

    I thought it might be something related to class loading, but have been unable to track it down so far.

    Simply commenting out this bean allows the transaction handling to proceed as it should

    Any thoughts would be appreciated!
    I've been digging a little deeper, and the problem is actually caused by the parser pool bean:

    Code:
    <bean id="parserPool" class="org.opensaml.xml.parse.BasicParserPool" scope="singleton"/>
    This combined with the code from the SamlBootstrap:

    Code:
    ParserPool pool = beanFactory.getBean(ParserPool.class);
    new ParserPoolHolder(pool);
    causes the problem.

    Comment


    • #3
      Hi,

      Could you please send me e.g. a test case or a piece of code reproducing this? There doesn't seem to be any obvious ways those two components interfere.

      V.

      Comment


      • #4
        Originally posted by vsch View Post
        Hi,

        Could you please send me e.g. a test case or a piece of code reproducing this? There doesn't seem to be any obvious ways those two components interfere.

        V.
        I agree, it took me a few hours to track down what was causing the problem. I have a hard time understanding how it would affect the transactions too, but am continuing to look into it.

        It's hard to have a test case because it requires a lot of setup.

        Thanks,
        Ian

        Comment


        • #5
          Solved!

          Originally posted by ianlong View Post
          I agree, it took me a few hours to track down what was causing the problem. I have a hard time understanding how it would affect the transactions too, but am continuing to look into it.

          It's hard to have a test case because it requires a lot of setup.

          Thanks,
          Ian
          I finally figured out what was causing the problem, although I don't know why.

          Here is my version of SAMLBootsrap that fixes the problem. Basically it boils down to for some reason Spring didn't like the call to getBean() in the post processing, so I changed the class to have a constructor where the parserPool bean is passed in.

          Code:
          /* Copyright 2011 Vladimir Schaefer
           *
           * Licensed under the Apache License, Version 2.0 (the "License");
           * you may not use this file except in compliance with the License.
           * You may obtain a copy of the License at
           *
           *     http://www.apache.org/licenses/LICENSE-2.0
           *
           * Unless required by applicable law or agreed to in writing, software
           * distributed under the License is distributed on an "AS IS" BASIS,
           * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
           * See the License for the specific language governing permissions and
           * limitations under the License.
           */
          package org.springframework.security.saml;
          
          import org.opensaml.Configuration;
          import org.opensaml.PaosBootstrap;
          import org.opensaml.xml.ConfigurationException;
          import org.opensaml.xml.parse.ParserPool;
          import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager;
          import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory;
          import org.springframework.beans.BeansException;
          import org.springframework.beans.factory.access.BootstrapException;
          import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
          import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
          import org.springframework.security.saml.parser.ParserPoolHolder;
          
          /**
           * Initialization for SAML library. Is automatically called as part of Spring initialization.
           *
           * @author Vladimir Schaefer
           */
          public class SAMLBootstrap implements BeanFactoryPostProcessor {
          	private ParserPool parserPool;
          	private ParserPoolHolder parserPoolHolder;
          	
          	public SAMLBootstrap( ParserPool parserPool )
          	{
          		this.parserPool = parserPool;
          	}
              /**
               * Automatically called to initialize whole module. Localizes parserPool from the factory and stores it.
               *
               * @param beanFactory bean factory
               * @throws BeansException errors
               */
              public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
                  try {
                      PaosBootstrap.bootstrap();
                      parserPoolHolder = new ParserPoolHolder(parserPool);
                      setMetadataKeyInfoGenerator();
                  } catch (ConfigurationException e) {
                      throw new BootstrapException("Error invoking OpenSAML bootrap", e);
                  }
              }
              
              public ParserPoolHolder getHolder()
              {
              	return parserPoolHolder;
              }
          
              /**
               * Method registers extension specific KeyInfoGenerator which emits .
               *
               * @see SAMLConstants#SAML_METADATA_KEY_INFO_GENERATOR
               */
              protected void setMetadataKeyInfoGenerator() {
                  NamedKeyInfoGeneratorManager manager = Configuration.getGlobalSecurityConfiguration().getKeyInfoGeneratorManager();
                  X509KeyInfoGeneratorFactory generator = new X509KeyInfoGeneratorFactory();
                  generator.setEmitEntityCertificate(true);
                  generator.setEmitEntityCertificateChain(true);
                  manager.registerFactory(SAMLConstants.SAML_METADATA_KEY_INFO_GENERATOR, generator);
              }
          
          }
          Then the bean definition becomes:

          Code:
          <bean id="parserPool" class="org.opensaml.xml.parse.BasicParserPool" scope="singleton"/>
          <!-- Initialization of OpenSAML library  -->  
          <bean class="org.springframework.security.saml.SAMLBootstrap">
              	<constructor-arg ref="parserPool" />
              </bean>
          Why this was occurring I don't know, but it fixes it so I am happy

          Comment


          • #6
            Glad you found it! There's a fix in the trunk for this.

            Vladi

            Comment

            Working...
            X