bbockelm
commented
11 years ago Hi Paul,
Do you need this in branch 2.0 also?
For my understanding, what are the example user applications here?
Brian
Closed paulmillar closed 11 years ago
bbockelm
commented
11 years ago Hi Paul,
Do you need this in branch 2.0 also?
For my understanding, what are the example user applications here?
Brian
paulmillar
commented
11 years ago Hi Brian,
Sorry for the delay (somehow github didn't tell me you replied)
The patch needs to be in a branch we can use for dCache. I guess the easiest thing for everyone would be to put it in the 2.0 branch and make a new release.
"user application" here is dCache. We rely that a delegated credential is Serializable (which the code promises but fails to deliver ;-)
Cheers,
Paul.
kofemann
commented
11 years ago So it turned up that API level should be java6. Please update the patch.
bbockelm
commented
11 years ago Hi Paul,
Any thoughts on updating the patch to keep it working with java6? I'm holding off on #63 as it would break the merge, but would like to get that one in eventually.
Brian
bbockelm
commented
11 years ago Hi Paul,
Any update on this?
Brian
paulmillar
commented
11 years ago Sorry, still haven't figured out how to get github to tell me when I have a message -- hence the delay.
I'll update the patch.
bbockelm
commented
11 years ago Hi @kofemann - I don't feel competent enough this morning to review the patch. Feel free to merge once you're happy with it.
kofemann
commented
11 years ago squash-committed ac43a4bdd59ced7e9e30de80fb8aec28cca660fe
kofemann
commented
11 years ago cherry-pick into v2.0 c83a2244253d1a0c3b006fda012224afdbdde128
In JGlobus v1.8, GlobusGSSCredentialImpl was Serializable. This feature is relied upon in application that use JGlobus.
Currently, the GlobusGSSCredentialImpl is marked Serializable, but contains a field, X509Credential, that is not serialisable. This then breaks the Serializable contract and attempts to serialise the object will fail.
X509Credential is not currently Serializable, but contains only one field member that prevents this: OpenSSLKey. Therefore, the critical part of this patch makes the abstract OpenSSLKey Serializable.
Note that the abstract class OpenSSLKey is a holder for the private key of a credential and allows certain operations on it. Only the IvParameterSpec field member prevents OpenSSLKey from being Serializable. The patch records the byte-array used to build the IvParameterSpec independently of the IvParameterSpec field member and marks the latter transient. When deserialising, the IvParameterSpec field member is rebuilt if the byte-array is not null.
A number of unit-tests are included to verify that, for both OpenSSLKey and GlobusGSSCredentialImpl, an object is equal to a serialised-then-deserialised version of that object. For this to work, missing equals methods were implemented and an existing equals method was fixed. Unit-tests are also added for these equals methods.