Re: [jboss-dev-forums] [jbossws-commits] JBossWS SVN: r10713 - spi/trunk/src/main/java/org/jboss/wsf/spi/util.
by Richard Opalka
I'm taking it back.
I see your next commit fixed it ;)
Richard
On 09/18/2009 06:02 PM, jbossws-commits(a)lists.jboss.org wrote:
> Author: alessio.soldano(a)jboss.com
> Date: 2009-09-18 12:02:44 -0400 (Fri, 18 Sep 2009)
> New Revision: 10713
>
> Removed:
> spi/trunk/src/main/java/org/jboss/wsf/spi/util/ResourceCachingClassLoader.java
> Modified:
> spi/trunk/src/main/java/org/jboss/wsf/spi/util/ServiceLoader.java
> Log:
> [JBWS-2763] Store service api cache in a synchronized weak hash map in ServiceLoader and do not change classloaders
>
>
> Deleted: spi/trunk/src/main/java/org/jboss/wsf/spi/util/ResourceCachingClassLoader.java
> ===================================================================
> --- spi/trunk/src/main/java/org/jboss/wsf/spi/util/ResourceCachingClassLoader.java 2009-09-18 08:56:42 UTC (rev 10712)
> +++ spi/trunk/src/main/java/org/jboss/wsf/spi/util/ResourceCachingClassLoader.java 2009-09-18 16:02:44 UTC (rev 10713)
> @@ -1,59 +0,0 @@
> -/*
> - * JBoss, Home of Professional Open Source.
> - * Copyright 2009, Red Hat Middleware LLC, and individual contributors
> - * as indicated by the @author tags. See the copyright.txt file in the
> - * distribution for a full listing of individual contributors.
> - *
> - * This is free software; you can redistribute it and/or modify it
> - * under the terms of the GNU Lesser General Public License as
> - * published by the Free Software Foundation; either version 2.1 of
> - * the License, or (at your option) any later version.
> - *
> - * This software is distributed in the hope that it will be useful,
> - * but WITHOUT ANY WARRANTY; without even the implied warranty of
> - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> - * Lesser General Public License for more details.
> - *
> - * You should have received a copy of the GNU Lesser General Public
> - * License along with this software; if not, write to the Free
> - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
> - * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
> - */
> -package org.jboss.wsf.spi.util;
> -
> -import java.util.concurrent.ConcurrentHashMap;
> -import java.util.concurrent.ConcurrentMap;
> -
> -/**
> - * A ClassLoader with caches for resource lookup through services (META-INF/services)
> - *
> - * @author alessio.soldano(a)jboss.com
> - * @since 18-Sep-2009
> - *
> - */
> -public class ResourceCachingClassLoader extends ClassLoader
> -{
> - private ConcurrentMap<String, String> servicesMap = new ConcurrentHashMap<String, String>();
> -
> - public ResourceCachingClassLoader(ClassLoader parent)
> - {
> - super(parent);
> - //clear maps to same memory, as this constructor is also called when this classloader becomes a father (hence the cache is not useful anymore)
> - servicesMap.clear();
> - }
> -
> - public boolean hasResourceNameFromServices(String key)
> - {
> - return servicesMap.containsKey(key);
> - }
> -
> - public String getResourceNameFromServices(String key)
> - {
> - return servicesMap.get(key);
> - }
> -
> - public void setResourceNameFromServices(String key, String value)
> - {
> - servicesMap.put(key, value);
> - }
> -}
>
> Modified: spi/trunk/src/main/java/org/jboss/wsf/spi/util/ServiceLoader.java
> ===================================================================
> --- spi/trunk/src/main/java/org/jboss/wsf/spi/util/ServiceLoader.java 2009-09-18 08:56:42 UTC (rev 10712)
> +++ spi/trunk/src/main/java/org/jboss/wsf/spi/util/ServiceLoader.java 2009-09-18 16:02:44 UTC (rev 10713)
> @@ -29,7 +29,11 @@
> import java.io.InputStreamReader;
> import java.security.AccessController;
> import java.security.PrivilegedAction;
> +import java.util.Collections;
> +import java.util.Map;
> import java.util.Properties;
> +import java.util.WeakHashMap;
> +import java.util.concurrent.ConcurrentHashMap;
>
> /**
> * Load a service class using this ordered lookup procedure
> @@ -41,6 +45,12 @@
> public abstract class ServiceLoader
> {
> /**
> + * A synchronized weak hash map that keeps factory names retrieved using Service API (META-INF/services/*) for each classloader.
> + * Weak keys are used to remove entries when classloaders are garbage collected; values are service-property-name -> factory name maps.
> + */
> + private static Map<ClassLoader, Map<String, String>> serviceMap = Collections.synchronizedMap(new WeakHashMap<ClassLoader, Map<String, String>>());
> +
> + /**
> * This method uses the algorithm below using the JAXWS Provider as an example.
> *
> * 1. If a resource with the name of META-INF/services/javax.xml.ws.spi.Provider exists, then
> @@ -75,61 +85,25 @@
> {
> Object factory = null;
> String factoryName = null;
> - ClassLoader cl = SecurityActions.getContextClassLoader();
> - ResourceCachingClassLoader loader;
> + ClassLoader loader = SecurityActions.getContextClassLoader();
>
> - if (cl instanceof ResourceCachingClassLoader)
> - {
> - loader = (ResourceCachingClassLoader)cl;
> - }
> - else
> - {
> - loader = new ResourceCachingClassLoader(cl);
> - SecurityActions.setContextClassLoader(loader);
> - }
> -
> // Use the Services API (as detailed in the JAR specification), if available, to determine the classname.
> String filename = "META-INF/services/" + propertyName;
> - if (loader.hasResourceNameFromServices(filename))
> +
> + try
> {
> - factoryName = loader.getResourceNameFromServices(filename);
> - try
> + factoryName = getServiceNameUsingCache(loader, filename);
> + if (factoryName != null)
> {
> - if (factoryName != null)
> - {
> - Class factoryClass = SecurityActions.loadClass(loader, factoryName);
> - factory = factoryClass.newInstance();
> - }
> + Class factoryClass = SecurityActions.loadClass(loader, factoryName);
> + factory = factoryClass.newInstance();
> }
> - catch (Throwable t)
> - {
> - throw new IllegalStateException("Failed to load " + propertyName + ": " + factoryName, t);
> - }
> }
> - else
> + catch (Throwable t)
> {
> - InputStream inStream = SecurityActions.getResourceAsStream(loader, filename);
> - if (inStream != null)
> - {
> - try
> - {
> - BufferedReader br = new BufferedReader(new InputStreamReader(inStream, "UTF-8"));
> - factoryName = br.readLine();
> - br.close();
> - loader.setResourceNameFromServices(filename, factoryName);
> - if (factoryName != null)
> - {
> - Class factoryClass = SecurityActions.loadClass(loader, factoryName);
> - factory = factoryClass.newInstance();
> - }
> - }
> - catch (Throwable t)
> - {
> - throw new IllegalStateException("Failed to load " + propertyName + ": " + factoryName, t);
> - }
> - }
> + throw new IllegalStateException("Failed to load " + propertyName + ": " + factoryName, t);
> }
> -
> +
> // Use the default factory implementation class.
> if (factory == null&& defaultFactory != null)
> {
> @@ -139,6 +113,33 @@
> return factory;
> }
>
> + private static String getServiceNameUsingCache(ClassLoader loader, String filename) throws IOException
> + {
> + Map<String, String> map = serviceMap.get(loader);
> + if (map != null&& map.containsKey(filename))
> + {
> + return map.get(filename);
> + }
> + else
> + {
> + if (map == null)
> + {
> + map = new ConcurrentHashMap<String, String>();
> + serviceMap.put(loader, map);
> + }
> + InputStream inStream = SecurityActions.getResourceAsStream(loader, filename);
> + String factoryName = null;
> + if (inStream != null)
> + {
> + BufferedReader br = new BufferedReader(new InputStreamReader(inStream, "UTF-8"));
> + factoryName = br.readLine();
> + br.close();
> + map.put(filename, factoryName);
> + }
> + return factoryName;
> + }
> + }
> +
> /** Use the system property
> */
> public static Object loadFromSystemProperty(String propertyName, String defaultFactory)
>
> _______________________________________________
> jbossws-commits mailing list
> jbossws-commits(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/jbossws-commits
--
Richard Opalka
JBoss Software Engineer
Mail: ropalka(a)redhat.com
Mobile: +420731186942
16 years, 6 months
Re: [jboss-dev-forums] [jbossws-commits] JBossWS SVN: r10712 - spi/trunk/src/main/java/org/jboss/wsf/spi/util.
by Richard Opalka
Hi Alessio,
I reviewed this commit and I don't like it.
It introduces another memory leak :(
Please consider the following fix in ResourceCachingClassLoader:
* use WeakHashMap instead of ConcurrentHashMap
* use synchronized keyword in public methods (or other concurrency
mechanism to synchronize hash map access)
Thanks,
Richard
On 09/18/2009 10:56 AM, jbossws-commits(a)lists.jboss.org wrote:
> Author: alessio.soldano(a)jboss.com
> Date: 2009-09-18 04:56:42 -0400 (Fri, 18 Sep 2009)
> New Revision: 10712
>
> Added:
> spi/trunk/src/main/java/org/jboss/wsf/spi/util/ResourceCachingClassLoader.java
> Modified:
> spi/trunk/src/main/java/org/jboss/wsf/spi/util/SecurityActions.java
> spi/trunk/src/main/java/org/jboss/wsf/spi/util/ServiceLoader.java
> Log:
> [JBWS-2763] Cache resource name lookup through Services API (prevent many useless accesses to filesystem)
>
>
> Added: spi/trunk/src/main/java/org/jboss/wsf/spi/util/ResourceCachingClassLoader.java
> ===================================================================
> --- spi/trunk/src/main/java/org/jboss/wsf/spi/util/ResourceCachingClassLoader.java (rev 0)
> +++ spi/trunk/src/main/java/org/jboss/wsf/spi/util/ResourceCachingClassLoader.java 2009-09-18 08:56:42 UTC (rev 10712)
> @@ -0,0 +1,59 @@
> +/*
> + * JBoss, Home of Professional Open Source.
> + * Copyright 2009, Red Hat Middleware LLC, and individual contributors
> + * as indicated by the @author tags. See the copyright.txt file in the
> + * distribution for a full listing of individual contributors.
> + *
> + * This is free software; you can redistribute it and/or modify it
> + * under the terms of the GNU Lesser General Public License as
> + * published by the Free Software Foundation; either version 2.1 of
> + * the License, or (at your option) any later version.
> + *
> + * This software is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> + * Lesser General Public License for more details.
> + *
> + * You should have received a copy of the GNU Lesser General Public
> + * License along with this software; if not, write to the Free
> + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
> + * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
> + */
> +package org.jboss.wsf.spi.util;
> +
> +import java.util.concurrent.ConcurrentHashMap;
> +import java.util.concurrent.ConcurrentMap;
> +
> +/**
> + * A ClassLoader with caches for resource lookup through services (META-INF/services)
> + *
> + * @author alessio.soldano(a)jboss.com
> + * @since 18-Sep-2009
> + *
> + */
> +public class ResourceCachingClassLoader extends ClassLoader
> +{
> + private ConcurrentMap<String, String> servicesMap = new ConcurrentHashMap<String, String>();
> +
> + public ResourceCachingClassLoader(ClassLoader parent)
> + {
> + super(parent);
> + //clear maps to same memory, as this constructor is also called when this classloader becomes a father (hence the cache is not useful anymore)
> + servicesMap.clear();
> + }
> +
> + public boolean hasResourceNameFromServices(String key)
> + {
> + return servicesMap.containsKey(key);
> + }
> +
> + public String getResourceNameFromServices(String key)
> + {
> + return servicesMap.get(key);
> + }
> +
> + public void setResourceNameFromServices(String key, String value)
> + {
> + servicesMap.put(key, value);
> + }
> +}
>
>
> Property changes on: spi/trunk/src/main/java/org/jboss/wsf/spi/util/ResourceCachingClassLoader.java
> ___________________________________________________________________
> Name: svn:keywords
> + Id Revision
> Name: svn:eol-style
> + LF
>
> Modified: spi/trunk/src/main/java/org/jboss/wsf/spi/util/SecurityActions.java
> ===================================================================
> --- spi/trunk/src/main/java/org/jboss/wsf/spi/util/SecurityActions.java 2009-09-17 15:30:33 UTC (rev 10711)
> +++ spi/trunk/src/main/java/org/jboss/wsf/spi/util/SecurityActions.java 2009-09-18 08:56:42 UTC (rev 10712)
> @@ -60,6 +60,29 @@
> }
>
> /**
> + * Set context classloader.
> + *
> + */
> + static void setContextClassLoader(final ClassLoader cl)
> + {
> + SecurityManager sm = System.getSecurityManager();
> + if (sm == null)
> + {
> + Thread.currentThread().setContextClassLoader(cl);
> + }
> + else
> + {
> + AccessController.doPrivileged(new PrivilegedAction<Object>() {
> + public Object run()
> + {
> + Thread.currentThread().setContextClassLoader(cl);
> + return null;
> + }
> + });
> + }
> + }
> +
> + /**
> * Get resource as stream
> *
> * @param cl
>
> Modified: spi/trunk/src/main/java/org/jboss/wsf/spi/util/ServiceLoader.java
> ===================================================================
> --- spi/trunk/src/main/java/org/jboss/wsf/spi/util/ServiceLoader.java 2009-09-17 15:30:33 UTC (rev 10711)
> +++ spi/trunk/src/main/java/org/jboss/wsf/spi/util/ServiceLoader.java 2009-09-18 08:56:42 UTC (rev 10712)
> @@ -75,18 +75,26 @@
> {
> Object factory = null;
> String factoryName = null;
> - ClassLoader loader = SecurityActions.getContextClassLoader();
> + ClassLoader cl = SecurityActions.getContextClassLoader();
> + ResourceCachingClassLoader loader;
> +
> + if (cl instanceof ResourceCachingClassLoader)
> + {
> + loader = (ResourceCachingClassLoader)cl;
> + }
> + else
> + {
> + loader = new ResourceCachingClassLoader(cl);
> + SecurityActions.setContextClassLoader(loader);
> + }
>
> // Use the Services API (as detailed in the JAR specification), if available, to determine the classname.
> String filename = "META-INF/services/" + propertyName;
> - InputStream inStream = SecurityActions.getResourceAsStream(loader, filename);
> - if (inStream != null)
> + if (loader.hasResourceNameFromServices(filename))
> {
> + factoryName = loader.getResourceNameFromServices(filename);
> try
> {
> - BufferedReader br = new BufferedReader(new InputStreamReader(inStream, "UTF-8"));
> - factoryName = br.readLine();
> - br.close();
> if (factoryName != null)
> {
> Class factoryClass = SecurityActions.loadClass(loader, factoryName);
> @@ -98,6 +106,29 @@
> throw new IllegalStateException("Failed to load " + propertyName + ": " + factoryName, t);
> }
> }
> + else
> + {
> + InputStream inStream = SecurityActions.getResourceAsStream(loader, filename);
> + if (inStream != null)
> + {
> + try
> + {
> + BufferedReader br = new BufferedReader(new InputStreamReader(inStream, "UTF-8"));
> + factoryName = br.readLine();
> + br.close();
> + loader.setResourceNameFromServices(filename, factoryName);
> + if (factoryName != null)
> + {
> + Class factoryClass = SecurityActions.loadClass(loader, factoryName);
> + factory = factoryClass.newInstance();
> + }
> + }
> + catch (Throwable t)
> + {
> + throw new IllegalStateException("Failed to load " + propertyName + ": " + factoryName, t);
> + }
> + }
> + }
>
> // Use the default factory implementation class.
> if (factory == null&& defaultFactory != null)
>
> _______________________________________________
> jbossws-commits mailing list
> jbossws-commits(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/jbossws-commits
--
Richard Opalka
JBoss Software Engineer
Mail: ropalka(a)redhat.com
Mobile: +420731186942
16 years, 6 months
[JBoss Messaging Development] - JBoss tests with new HSQLDB version
by freddt
HSQLDB 1.9 is nearing GA release.
This version improves in all areas, including transaction isolation, SQL and JDBC support. But most important for JBoss usage:
* improved reliability with large numbers of large sized row data which caused hsqldb cache purges and ocassional data errors with previous versions in MQ
* new LOB store which stores data at 10-20 MBytes / sec, (up to several terabytes of lobs and no size limit per lob) with data immediately committed to disk, and no time overhead with the MQ update query that is performed on each message cache store
* intended to be a drop-in replacement for the old jar
I would like to get this tested (or test myself) with a load test. Please co-ordinate and suggest the tests to download and run.
In order to use the LOB store, the table definition in JBoss should change from VARBINARY to BLOB. We may be able to introduce a workaround for this.
Fred Toussi
Maintainer, HSQLDB Project
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4256073#4256073
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4256073
16 years, 6 months
[JBoss Identity Development] - Re: secure web service with saml
by sguilhen@redhat.com
I think we will need to engage Alessio (or another member of the WS team) on this. Just as happens with other forms of authentication (like username/pw or SSL based), the security layer of the WS framework needs to be aware of the presence of a SAML assertion in the security headers in order to perform the authentication of the client using this assertion.
How does the authentication happen? Typically the assertion contains a proof-of-possession key that allows the WS framework to ensure that the assertion that has been presented by the caller indeed belongs to him. For example, an assertion can contain the caller's public key. When the caller invokes a web service he can sign the SOAP request using his private key. The WS framework can then use the public key contained in the assertion to verify the signature, establishing the association between caller and assertion.
Alternatively, a trusted party can vouch for the caller. In this scenario, a trusted party invokes a protected service on behalf of a different subject and presents that subject's assertion. The web service itself cannot make the association between subject and assertion - it relies on the trusted party's vouch.
Besides verifying the association between the caller and his assertion, the security layer must also validate the assertion contents - this is where the STS may be used. A WS-Trust validate request can be made to the STS, so it can verify the assertion's digital signature and validity period.
I don't know if our current WS implementation allows for SAML authentication, so we need some input from the WS team on what is already available and what would need to be implemented.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4255969#4255969
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4255969
16 years, 6 months