Skip to main content
Jump to: navigation, search

EclipseLink/Bugs/305331

< EclipseLink‎ | Bugs
Revision as of 11:54, 12 March 2010 by Michael.obrien.oracle.com (Talk | contribs) (Bug Analysis Document: 305331: EclipseLink deployment on JBoss EAP 5.0.0 GA using signed JPA 1.0 ejb3-persistence.jar)

Bug Analysis Document: 305331: EclipseLink deployment on JBoss EAP 5.0.0 GA using signed JPA 1.0 ejb3-persistence.jar

Document History

Date Author Version Description & Notes
20100312 Michael O'Brien 1.0 Initial investigation of solution scenarios

Status

  • In progress 20100311

Overview

  • The EAP 5.0.0 GA version of the JBoss Application Server ships with signed library jars. This presents a problem for users of EclipseLink that place our unsigned implementation jar eclipselink.jar beside the JPA 1.0 javax specification jar - ejb3-persistence.jar in the common/lib library folder off the server. On deploymehnt in EAP 5.0.0 GA we receive a Security Exception because of the difference in security levels.
  • The Community Edition of JBoss 5.1.0 and 6.0.0 M1 do not have these issues because their library jars are unsigned.
  • This document details several possible solutions to this signed jar issue and recommends the best approach.

Concepts

JPA Specification Notes

JPA 1.0 Specification

JPA 2.0 Specification

Reproduction

Prerequisites

Data Model

Use Case 1:

StackTrace

Logs

Analysis

Option 1: Replace signed ejb3-persistence.jar with an unsigned version from JBoss 5.1.0 community edition - valid

Server Configuration 1:

Client Configuration 1:

Results 1:

Option 2: Ship signed eclipselink.jar - invalid

  • This option has us sign our eclipselink.jar with jarsigner - however we do not have access to the private keys used to sign the JBoss libraries so this is currently not feasible.

Server Configuration 2:

Client Configuration 2:

Results 2:

Option 3: Global Shared Library - Server level scope - verifying

  • In this option we create a global shared library on the server or in a jar-only EAR that is accessible to all server applications.
  • This shared library must override the common/lib/ejb3-persistence.jar.

Server Configuration 3:

Client Configuration 3:

Results 3:

Option 4: Application Shared Library - Local EAR level scope - verifying

Server Configuration 4:

Client Configuration 4:

Results 4:

Option 5: Generate an eclipselink jar with the JPA 2.0 dependencies removed

Server Configuration 5:

Client Configuration 5:

Results 5:

Open Issues

Issue # Owner Description / Notes
I1 mobrien -

Decisions

Issue # Description / Notes Decision

Future Considerations

References

Back to the top