we have a command in apache felix to install an OSGi bundle i.e "felix:install Jar-file". My query is :Does this command also perform verification(before installing) of contents of jar-file against the signature with which it was signed earliar?
Or do we have any specific command in Apache felix to do the same.
If any above command does not perform verification then do i have to use
"jarsigner -verify jar-file" command provided by jarsigner tool in OSGi framework? if yes then how?
Or
do i have to write/embed some code/API in my own bundle code for verification which might run after installation and before resolving any the bundle's dependencies?if yes then what are those APIs provided by OSGi framework or some OSGi container implementaions(like Apache felix, Apache Ace, Equinox etc)?
Or does it require any configuration to set in OSGi bundle, specifically for signature verification?
please do share your some views.
Thanks
Related
I am trying to use Composer to update a Drupal module. After reading a lot, I am presuming that proc_open is disabled in my shared hosting env. If that is the case, can it be enabled for just one hostname or is it server-wide?
"The Process class relies on proc_open, which is not available on your PHP installation."
From the host: Cpanel states the shell php is system wide so we cannot edit it for just this site. (this comes directly from a ticket they used at cPanel)
The module I was trying to update is for Drupal, Webform latest stable version. Not recommended to update with GUI or Manually....
I understand that proc_open is a potential security risk to other hosts but is there ANY workaround short of a dedicated server? Upping the co$t of doing business by a LOT :)
$ composer require 'drupal/webform:^6.2#beta'
./composer.json has been updated
Running composer update drupal/webform
Loading composer repositories with package information
Updating dependencies
Lock file op#drupal/webform (6.2.0-beta1)
Writing lock file
Installing dependencies from lock file (including require-dev)
Nothing to install, update or remove
2 package suggestions were added by new dependencies, use `composer suggest` to see details.
Package doctrine/reflection is abandoned, you should avoid using it. Use roave/better-reflection instead.
Generating autoload files
Hardening vendor directory with .htaccess and web.config files.
41 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
Scaffolding files for drupal/core:
- Copy [web-root]/sites/default/default.services.yml from assets/scaffold/files/default.services.yml
- Copy [web-root]/sites/default/default.settings.php from assets/scaffold/files/default.settings.php
Installation failed, reverting ./composer.json and ./composer.lock to their original content.
[Symfony\Component\Process\Exception\RuntimeException]
The Process class relies on proc_open, which is not available on your PHP installation.
An osgi bundle in my application which runs inside fuse esb required pgp encryption provided by bouncycastle. Bouncycastle provider should not have an impact with other applications bundles / fuse esb functionality. Since bouncycastle is not an OSGI jar, how it can be added to fuse ESB environment ?
I repackaged bouncycastle jar as an OSGI jar but it gives the signature error. I copied the jar to JDK security directory but my application bundle does not start saying bouncycastle classes not found. Same with copying to karaf external library directory.
You didn't specify the version of Fuse ESB (then called JBoss Fuse, now called Red Hat Fuse). I used Fuse 7.6.
I checked trivial pgp example and all I needed was to add bcpg-jdk15on-164.jar to $FUSE_HOME/lib/ext - this directory already contains bcpkix and bcprov libraries. OpenPGP support is however provided from bcpg library.
From OSGi point of view, you just need proper imports (or dynamic imports). No need to install any bundles, because everything is configured in $FUSE_HOME/etc/config.properties:
org.osgi.framework.bootdelegation = \
...
sun.*, \
org.bouncycastle, \
org.bouncycastle.*, \
...
If you're using JBoss Fuse 6.x, it's the same. Just $FUSE_HOME/lib/ext contains only bcprov-jdk15on.jar.
1) Add bouncycastle jar files to lib/ext
2) Add bouncycastle packages to bootdelegation in etc/config.properties ( as above first answer)
3) Explicitly remove bouncycastle packages from imports section of maven-bundle-plugin
<Import-Package>
!org.bouncycastle.jce.*,
!org.bouncycastle.bcpg.*,
!org.bouncycastle.openpgp.*,
!org.bouncycastle.openpgp.operator.*,
!org.bouncycastle.openpgp.operator.bc.*,
!org.bouncycastle.openpgp.operator.jcajce.*,
*
</Import-Package>
4) Import those packages in dynamic import section
I have installed OroCRM 4.1 version.The requirejs bundle doesn't seem to have loaded. I checked the bundles folder and i do not see the ororequirejs folder there, which was present in the previous version (4.0). Because of this the custom extension i have that uses require to include js files are failing. I tried php bin/console oro:requirejs:build command but its failing with the messsage There are no commands defined in the "oro:requirejs" namespace. Can someone help me fix this issue?
RequireJsBundle is not available in OroCRM 4.1, as an application migrated to the webpack build.
Please, follow the migration guide referenced from CHANGELOG.md:
https://github.com/oroinc/platform/blob/master/CHANGELOG.md#requirejsbundle
I am very new at OSGI and trying to run jsf application on an OSGI Framework. For this purpose, I am trying to deploy ".war" file to apache karaf 3.0.3. Firstly, i installed war feature to karaf by using
feature:install -v war
command. Then, i moved my .war file to "deploy" folder of karaf. I got some dependency errors which avoid my war file to be active. So, i moved neccessary .jar files to deploy folder and managed to make my .war file "active". But when i try to reach .xhtml page by this link "http://localhost:8181/JavaServerFaces/hello.xhtml", i got "Not found" error. I examined log file of apache, and there was exception:
"java.lang.ClassNotFoundException:
org.apache.myfaces.webapp.StartupServletContextListener not found by
JavaServerFaces"
Despite removing these lines
<listener-class>org.apache.myfaces.webapp.StartupServletContextListener</listener-class>
from web.xml and redeploy .war file, i got same exception. What should i do to get rid of this error? Am i missing a basic thing of OSGI or something else?
Thanks for suggestions.
Please take a look at how the Pax Web Samples are doing it.
You'll need a OSGi ready version of an JSF implementation. Pax Web has been tested with myfaces.
A working JSF sample application can be found at the pax web samples
Beginning with Karaf 4 and Pax Web 4, there is a feature that'll install all required bundles. As you're using Karaf 3 right now, just take a look at the following list:
<bundle>mvn:org.apache.myfaces.core/myfaces-api/${jsf-myfaces.version}</bundle>
<bundle>mvn:org.apache.myfaces.core/myfaces-impl/${jsf-myfaces.version}</bundle>
<bundle>mvn:org.apache.servicemix.specs/org.apache.servicemix.specs.jsr250-1.0/2.0.0</bundle>
<bundle>mvn:org.apache.servicemix.specs/org.apache.servicemix.specs.jsr303-api-1.0.0/1.8.0</bundle>
<bundle>mvn:org.apache.geronimo.bundles/commons-discovery/0.4_1</bundle>
<bundle>mvn:commons-beanutils/commons-beanutils/1.8.3</bundle>
<bundle>mvn:commons-collections/commons-collections/3.2.1</bundle>
<bundle>mvn:commons-codec/commons-codec/1.8</bundle>
<bundle>mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.commons-digester/1.8_4</bundle>
These are the required bundles to start with JSF in karaf.
I have my application which runs in Jboss Fuse on Linux. I deploy my artifacts as jar files under the /deploy directory. I was planning to make use of Cobertura to get code coverage report after executing my jmeter tests. I instrumented my jars and placed under /deploy. I ran my jmeter tests.
Now I am unable to find the location where .ser file will be present.
I tried searching inside fuse directory.
Can anyone help me in getting Cobertura working with Jboss Fuse?
For most versions of Cobertura, you can add:
-Dnet.sourceforge.cobertura.datafile=<filename>.ser
to the JBoss/JVM startup parameters (e.g. run.conf) to specify explicitly the file where you want the report to be created.
Also, you need to make sure the cobertura.jar itself is present in the classpath if you haven't done so yet.