Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] shibboleth idp webapp under jetty 12.0.7 
On 3/26/2024 6:33 AM, Jan Bartel via jetty-users wrote:
Sorry, I have a fix already, so I raised the relevant issue to get the issue tracking number:
Thank you both for such a quick response to my question and so expedited a resolution to the issue. I will leave copyWebInf=false for now as a workaround and regroup when 12.0.8 is released.
On Tue, 26 Mar 2024 at 09:19, Greg Wilkins via jetty-users <jetty-users@xxxxxxxxxxx <mailto:jetty-users@xxxxxxxxxxx>> wrote: 

    Paul,

    Jetty will extract from to a temp web-inf directory to avoid the jar
inside war class loading issues when a war file is not unpacked.  It should not be doing this if the webapp is unpacked.  It should 
    definitely not put both on the classpath.

    I think we may have a bug here.  We will investigate.  To better
    track this, can you open an issue
    <https://github.com/jetty/jetty.project/issues> and paste your
    message in as the description.

    regards


    On Tue, 26 Mar 2024 at 04:54, Paul B. Henson via jetty-users
    <jetty-users@xxxxxxxxxxx <mailto:jetty-users@xxxxxxxxxxx>> wrote:

        I'm currently running the shibboleth idp webapp 4 under jetty 9, and
        trying to migrate to idp 5 using jetty 12. I've run into an odd
        problem,
        I get the following error:

        Caused by:
        org.springframework.beans.factory.BeanCreationException: Error
        creating bean with name 'flowRegistry' defined in class path
        resource [net/shibboleth/idp/conf/webflow-config.xml]: Illegal
        attempt to register pre-existing flow ID 'authn/DuoOIDC'via
        resource: URL
        [jar:file:/var/lib/jetty/tmp/jetty-127_0_0_1-80-idp_war-_idp-any-10824638488520165161/webapp/WEB-INF/lib/idp-plugin-duo-impl-2.0.0.jar!/META-INF/net/shibboleth/idp/flows/authn/DuoOIDC/duo-oidc-authn-flow.xml]

        This generally occurs if there are multiple copies of the jar on the
        classpath, such as if the war accidentally included more than
        one (which
        isn't the case here).

        The deployment descriptor for the idp app is:

        <Configure class="org.eclipse.jetty.ee9.webapp.WebAppContext">
                 <Set name="war">/opt/shibboleth-idp/war/idp.war</Set>
                 <Set name="contextPath">/idp</Set>
                 <Set name="extractWAR">false</Set>
                 <Set name="copyWebDir">false</Set>
                 <Set name="copyWebInf">true</Set>
        </Configure>

        which is the recommended config per the idp documentation. With this
        config, I see two separate copies of the jar in the jetty tmp
        directory,
        one in webapp and one in webinf:

        # find | grep duo
        ./webapp/WEB-INF/lib/idp-plugin-duo-nimbus-client-impl-2.0.0.jar
        ./webapp/WEB-INF/lib/idp-plugin-duo-impl-2.0.0.jar
        ./webapp/WEB-INF/lib/idp-plugin-duo-api-2.0.0.jar
        ./webinf/WEB-INF/lib/idp-plugin-duo-nimbus-client-impl-2.0.0.jar
        ./webinf/WEB-INF/lib/idp-plugin-duo-impl-2.0.0.jar
        ./webinf/WEB-INF/lib/idp-plugin-duo-api-2.0.0.jar

        If I update the config and set copyWebInf=false, there's only
        one copy
        of the jar in the tmp directory (in webapp) and everything works
        fine.

        Looking at my existing jetty 9 deployment, there's only the webinf
        directory in the tmp dir, not the webapp one. If I update my jetty 9
        config and set extractWAR=true, then I get the same multiple
        copies (one
        in webapp, one in webinf) as I do with extractWAR=false in jetty 12,
        although this doesn't cause an error under jetty 9. If I set
        extractWAR=true under jetty 12, I see no change in the content
        of the
        tmp directory as compared to extractWAR=false.

        So I'm confused. Why is jetty 12 apparently extracting the war when
        extractWAR=false? And when it does, how come the same jar file
        seems to
        get processed twice, when that doesn't occur under jetty 9 with
        extractWAR=true?

        I'm not sure if I'm hitting a bug or have something
        misconfigured. It
        seems to be working now with copyWebInf=false, but that also
        seems more
        of a workaround than a resolution. This feels buggy, that jetty is
        extracting the war when it shouldn't be, and also loading the
        same jars
        from two different places when the war is extracted *and*
        copyWebInf=true.
        But I'm far from a jetty expert :).

        Thanks for any hints...

        _______________________________________________
        jetty-users mailing list
        jetty-users@xxxxxxxxxxx <mailto:jetty-users@xxxxxxxxxxx>
        To unsubscribe from this list, visit
        https://www.eclipse.org/mailman/listinfo/jetty-users
        <https://www.eclipse.org/mailman/listinfo/jetty-users>
-- Greg Wilkins <gregw@xxxxxxxxxxx <mailto:gregw@xxxxxxxxxxx>> CTO 
    http://webtide.com <http://webtide.com>
    _______________________________________________
    jetty-users mailing list
    jetty-users@xxxxxxxxxxx <mailto:jetty-users@xxxxxxxxxxx>
    To unsubscribe from this list, visit
    https://www.eclipse.org/mailman/listinfo/jetty-users
    <https://www.eclipse.org/mailman/listinfo/jetty-users>



--
Jan Bartel <janb@xxxxxxxxxxx <mailto:janb@xxxxxxxxxxx>>
www.webtide.com <http://www.webtide.com>
/Expert assistance from the creators of Jetty and CometD/


_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users

Back to the top