1<<if: ZXIDBOOK>> 2<<else: >>Java JNI Interface to ZXID 3########################## 4<<author: Sampo Kellom�ki (sampo@iki.fi)>> 5<<cvsid: $Id: zxid-java.pd,v 1.7 2010-01-08 02:10:09 sampo Exp $>> 6<<class: article!a4paper!!ZXID-JAVA 02>> 7<<define: ZXDOC=ZXID Java Interface>> 8 9<<abstract: 10 11ZXID.org Identity Management toolkit implements standalone SAML 2.0 and 12Liberty ID-WSF 2.0 stacks. This document describes the Java glue. 13 14>> 15 16<<maketoc: 1>> 17 181 Introduction 19============== 20 21Most Java +Servlets+ can be SSO enabled without any additional 22programming effort. zxidsrvlet.java provides a fully packaged SSO 23component that can be added to any servlet deployment (e.g. under 24Tomcat) to provide SSO functionality just by configuring the servlet 25engine (e.g. Tomcat). The zxidappdemo.java provides an example of how 26this is done. 27 28The Java glue for ZXID was generated using swig(1), however, the swig 29interface is not a retrofit: the whole ZXID API was designed to 30be easily swiggifiable. 31 32The main aim of the glue is supporting the easy and simple API, see 33<<link:zxid-simple.html: zxid_simple()>> for general 34reference. Only differences and language specifics are covered in this 35document. 36 37 381.1 Other documents 39------------------- 40 41<<doc-inc.pd>> 42 439 Java Native API (JNI): zxidjava package and zxidjni class 44=========================================================== 45 46<<fi: >> 47 489.1 Installing Binaries or from Package 49--------------------------------------- 50 51Currently (2011) ZXID.org itself does not distribute relevant binaries. However, 52we may in future. You are also welcome to contribute binaries so we distribute 53them, or point people to them in this documentation. 54 55(*** WIP) 56 579.1.1 TAS3 Distributions 58~~~~~~~~~~~~~~~~~~~~~~~~ 59 60If you are TAS3 (http://www.tas3.eu/) deployer, you should use 61T3-SSO-ZXID-JAVA from their component pool. 62 639.2 Building the JNI from Source 64-------------------------------- 65 66The steps are 67 68 wget http://zxid.org/zxid-0.4x.tgz # Remember to check for latest version 69 tar xf zxid-0.40.tgz 70 cd zxid-0.40 71 make javazxid # Also builds libzxid and main distribution 72 73You must have set ~JNI_INC~ variable correctly in the Makefile (or in 74localconf.mk) and ~javac~ must be in path (or you must set ~JAVAC~ 75variable). For the servlet or Tomcat support, you must make sure 76~SERVLET_PATH~ points to your servlet-api.jar file. The ZXID Java 77interface has been mainly tested with ~j2sdk1.4.2~ and some versions 78of Java SDK 1.5 and 1.6. 79 80> *Advanced compile*: 81> If you have done changes that require regeneration of the 82> zxidjava/zxid_wrap.c file you should build with 83> 84> <<tt: make javazxid ENA_GEN=1 >> 85> 86> but this requires that you have swig(1) installed. Depending 87> on the changes, it may also require xsd2sg.pl and gperf(1), 88> see "Compilation for Experts" section, above, for full 89> explanation. As of January 2007, all of the Java JNI interface 90> is swig(1) generated - there are no human authored files. However, 91> we anticipate building a helper Java library to facilitate 92> use of the JNI - contributions welcome. 93 94After compilation, just copy the class files and the libzxidjni.so 95to suitable locations in your system (Makefile lacks any specific 96Java installation target because the author has not yet made up his 97mind about what makes sense). When you run Java programs that 98use the zxidjni class, you must make sure the libzxidjni.so is 99found by the dynamic linker - usually this means setting ~LD_LIBRARY_PATH~ 100environment variable. The zxid-java.sh shell script demonstrates 101how to do this for the example CGI program zxid.java. 102 1039.1.1 MacOS X: JNI Notes 104~~~~~~~~~~~~~~~~~~~~~~~~ 105 106* The resulting library is called libzxidjni.jnilib 107* You may need to supply additional arguments to 108 java command: 109 110 java -classpath .:zxidjava -Djava.library.path=zxidjava zxid 111 112* On Mac, it seems ~export LD_LIBRARY_PATH=zxidjava~ is not needed. 113 114 1159.2 Java Servlet Example Using Tomcat 116------------------------------------- 117 118Consider following example +payload+ servlet (from zxidappdemo.java): 119 120<<ignore: perl -ne 'printf "%02d %s", ++$i, $_' <zxidappdemo.java >> 121 122<<code: 12301 import zxidjava.*; // Pull in the zxidjni.az() API 12402 import java.io.*; 12503 import javax.servlet.*; 12604 import javax.servlet.http.*; 12705 12806 public class zxidappdemo extends HttpServlet { 12907 public void doGet(HttpServletRequest req, HttpServletResponse res) 13008 throws ServletException, IOException 13109 { 13210 String fullURL = req.getRequestURI(); 13311 if (req.getQueryString() != null) 13412 fullURL += "?" + req.getQueryString(); 13513 System.err.print("Start ZXID App Demo GET("+fullURL+")...\n"); 13614 HttpSession ses = req.getSession(false); // Important: do not allow automatic session. 13715 if (ses == null) { // Instead, redirect to sso servlet. 13816 res.sendRedirect("sso?o=E&fr=" + fullURL); 13917 return; 14018 } 14119 14220 res.setContentType("text/html"); 14321 res.getOutputStream().print("<title>ZXID Demo App Protected Content</title><body><h1>ZXID Demo App Protected Content at " + fullURL + "</H1>\n"); 14422 14523 // Render logout buttons (optional) 14624 14725 res.getOutputStream().print("[<a href=\"sso?gl=1&s="+ses.getValue("sesid")+"\">Local Logout</a> | <a href=\"sso?gr=1&s="+ses.getValue("sesid")+"\">Single Logout</a>]\n"); 14826 14927 // The SSO servlet will have done one iteration of authorization. The following 15028 // serves to illustrate, how to explicitly call a PDP from your code. 15129 15230 if (zxidjni.az("PATH=/var/zxid/", "Action=Show", ses.getValue("sesid").toString()) == 0) { 15331 res.getOutputStream().print("<p><b>Denied.</b> Normally page would not be shown, but we show the session attributes for debugging purposes.\n"); 15432 //res.setStatus(302, "Denied"); 15533 } else { 15634 res.getOutputStream().print("<p>Authorized.\n"); 15735 } 15836 15937 // Render protected content page (your application starts working) 16038 16139 res.getOutputStream().print("<pre>HttpSession dump:\n"); 16240 String[] val_names = ses.getValueNames(); 16341 for (int i = 0; i < val_names.length; ++i) { 16442 res.getOutputStream().print(val_names[i] + ": " + ses.getValue(val_names[i]) + "\n"); 16543 } 16644 16745 res.getOutputStream().print("</pre>"); 16846 } 16947 } 170>> 171 172On lines 14-18 we check whether the servlet session is active. If it 173is, there is nothing more to do and we proceed to the application, 174on line 20. However, if the session does not exist yet, we trigger 175Single Sign-On by redirecting the user to /sso (this must match 176the configuration in servlet/WEB-INF/web.xml). A very important 177part of the redirect is supplying the +fr+ query string parameter (l.16) 178which allows the SSO servlet to redirect the user back to the 179original application after the SSO. The o=E query string parameter 180is needed as well and will trigger the IdP selection screen. Alternatively 181you could supply your own IdP selection screen. 182 183On first attempt to access the protected content, the if on l.15 will 184trigger, sending the user to the Single Sign-On. On second attempt (i.e. 185just after the SSO) the if will not fire and application can start its 186normal operation, outputting the protected content page (l.20). 187 188On line 25 we render the logout buttons. This is optional, but your 189web site user interface should include these buttons somewhere. It is 190important that the query strings for the buttons indicate the 191operation (gl=1 means local logout, gr=1 means Single Logout (SLO) and 192the session ID (s=...) which you can obtain from the servlet session 193under name "sesid". Clicking these links will send the user to the 194SSO servlet with appropriate information to end the session. After 195logout, the user will land on IdP selection screen, where he can 196login again, if desired. 197 198On ll.30-35 we perform an optional authorization check. Usually, if 199configured, an authorization step is taken already during the SSO 200servlet phase. However, sometimes the generic authorization is 201not specific enough and the application wants to make an explicit 202authorization request to a PDP. Calling zxidjni.az() accomplishes 203just that. It is pulled in by the import statement on l.1. The 204first argument is a configuration string, which usually has just one 205argument: the ZXID directory PATH (normally "/var/zxid/"), 206but it could contain additional options such as 207 208PDP_CALL_URL:: URL of the PDP to call. Default is not to call any 209 PDP, i.e. attempting to call zxidjni.az() without this set 210 in either /var/zxid/zxid.conf configuration file or in the 211 conf string is futile. 212NEED:: Comma separated list of the attributes needed for decision. 213 If an attribute or a wild card is not listed in the NEED or WANT, 214 it is not passed to the PDP. Thus, it is not sufficient to 215 supply an attribute in query string: it is also necessary 216 to list it, or a wild card, in NEED or WANT as well as in PEPMAP. 217WANT:: Comma separated list of the attributes useful (but not needed) 218 for decision. 219PEPMAP:: How tp pass attributes from attribute pool, or the query 220 string argument, to the PDP. If attribute or wild card is not 221 listed in the PEPMAP, it is not passed to the PDP. 222 223It is important that you address NEED and PEPMAP in your configuration. 224Without them the attributes supplied in query string argument 225will not be passed on to the PDP. 226 227The second argument ("Action=Show") allows you to pass in attributes 228that were not part of the context before. Each attribute is considered 229accoring to NEED, WANT, and PEPMAP configurations and is classified 230as belonging in Subject, Resource, Action, or Environment categories. 231You would typically supply using thsi argument the specifics of 232the application dependent operation that is to be authorized. 233 234The third argument specifies the ZXID session ID, which is used to 235fetch some additional attributes. 236 2379.2.1 Configuring SSO Servlet to Tomcat 238~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 239 240In addition to your own applet that redirects to the SSO servlet, 241you need to configure Tomcat to recognize both your applet and 242the SSO applet. This is typically done by editing servlet/WEB-INF/web.xml 243file (servlet/WEB-INF/web.xml in zxid source tree). Consider 244 245<<code: 24601 <web-app> 24702 24803 <display-name>ZXID SSO Servlet Example</display-name> 24904 <description>SSO capability for other servlets.</description> 25005 25106 <servlet> 25207 <servlet-name>zxidsrvlet</servlet-name> 25308 <servlet-class>zxidsrvlet</servlet-class> 25409 <init-param> 25510 <param-name>ZXIDConf</param-name> 25611 <param-value>PATH=/home/sampo/sidemo/zxid/sp.employeedata.eu:8444/</param-value> 25712 </init-param> 25813 </servlet> 25914 26015 <servlet-mapping> 26116 <servlet-name>zxidsrvlet</servlet-name> 26217 <url-pattern>/sso</url-pattern> 26318 </servlet-mapping> 26419 26520 <servlet> 26621 <servlet-name>zxidappdemo</servlet-name> 26722 <servlet-class>zxidappdemo</servlet-class> 26823 <init-param> 26924 <param-name>ZXIDConf</param-name> 27025 <param-value>PATH=/home/sampo/sidemo/zxid/sp.employeedata.eu:8444/</param-value> 27126 </init-param> 27227 </servlet> 27328 27429 <servlet-mapping> 27530 <servlet-name>zxidappdemo</servlet-name> 27631 <url-pattern>/appdemo</url-pattern> 27732 </servlet-mapping> 27833 27934 </web-app> 280>> 281 282Here lines 20-32 represent your own payload application. The 283<servlet-name> is used to match together <servlet> and the 284<servlet-mapping> sections. <servlet-class> points to the Java class 285file that implements the servler, in this case zxidappdemo.class. 286You can pass configuration data using <init-data> element: use ZXIDConf 287as <param-name> and ZXID configruation syntax for <param-value>. These 288configuration options are additive to default config and previously read config 289files, such as /var/zxid/zxid.conf. You only need to specify what changes 290viz-a-viz the already read configuration. You application needs to 291use the getServletConfig().getInitParameter("ZXIDConf") Java method to actually 292pull in the config string. If your servlet hardcodes the config string, 293then the <init-params> does not have any effect. 294 295> N.B. Unlike in Apache2 httpd.conf where ZXIDConf directive 296> can appear multiple times, you can have only one init param 297> called "ZXIDConf". Thus if you have more than one parameter, 298> you have to combine them using URL syntax, i.e. with "&" (ampersand) as separator, 299> but this in turn causes complication because "&" is used in XML entity 300> escapes, so actually you have to write &, for example: 301> 302> <init-param> 303> <param-name>ZXIDConf</param-name> 304> <param-value>PATH=/home/sampo/sidemo/zxid/sp.employeedata.eu:8444/&URL=sp.employeedata.eu:8444/e2eTA/sso&NICE_NAME=Nice+Example</param-value> 305> </init-param> 306> 307> Confused yet? 308 309Finally <url-pattern> specifies where in the web servers hierarchy the 310servlet will appear. Here you have to realize that the pattern will be 311prefixed by the directory path where the servlet lives (i.e. in our 312example the actual path is /zxidservlet/appdemo). 313 314ll.06-18 represent the SSO servlet. As can be seen, the corresponding 315class file is zxidsrvlet.class, which you will find at top level 316of the zxid distribution after compiling. The <url-pattern> 317and the servlet directory MUST match the redirection on l.16 318of the servlet code example above. If application servlet and 319the SSO servlet live in the same directory, mere local redirect 320will do the trick, as illustrated on l.16. 321 322The <url-pattern> also MUST correspond to the URL parameter in the 323/var/zxid/zxid.conf file (the URL parameter is also prefix of the 324EntityID which is also the Well Know Location (WKL) for metadata 325exchange). 326 3279.3 Running as servlet under Tomcat 328----------------------------------- 329 330> N.B. Servlet is known to run under JBOSS as well. 331 332ZXID distribution contains subdirectory called ~servlet~. You should 333link this into webapps directory of Tomcat servlet container 334 335 cd ~/apache-tomcat-5.5.20/webapps 336 ln -s ~/zxid-0.34/servlet zxidservlet 337 338and also 339 340 cd ~/apache-tomcat-5.5.20/webapps/zxidservlet/WEB-INF 341 ln -s ../.. classes 342 343You also need to set ~allowLinking~ flag in 344apache-tomcat-5.5.20/conf/context.xml (the ~reloadable~ 345flag avoids having to restart Tomcat if you recompile 346the .class file): 347 348 <Context allowLinking="true" 349reloadable="true">... 350 351In Tomcat6 the file might be /etc/tomcat6/context.xml 352 353> N.B. It has been reported that on Tomcat6 this is broken and 354> symlinks can not be made to work, so your only option is to 355> simply copy the files over, e.g. 356> 357> cd /var/lib/tomcat6/webapps 358> cp -r ~/zxid-1.10/servlet zxidservlet 359> cd /var/lib/tomcat6/webapps/zxidservlet/WEB-INF 360> mkdir classes # if not existing yet 361> cp -r ~/zxid-1.10/*.class ~/zxid-0.34/zxidjava classes/ 362> sudo cp ~/zxid-1.10/zxidjava/libzxidjni.so /usr/lib 363> sudo chmod a+rx /usr/lib/libzxidjni.so 364 365The file servlet/WEB-INF/web.xml describes the example zxid 366application. The actual application lives in servlet/WEB-INF/classes 367which is actually just a symlink back to the top level of the ZXID 368distribution. Therefore the zxidhello.class file appears on the top 369level and the wrapper classes, which are scoped in ~zxidjava~ package, 370appear in zxidjava/ subdirectory. From the servlet container's 371perspective the directory appears to be 372apache-tomcat-5.5.20/webapps/zxidservlet/WEB-INF/classes/zxidjava 373 374After ~make javazxid~ and restart of Tomcat (~killall java; 375apache-tomcat-5.5.20/bin/startup.sh~), you can access the application 376using URL (defined in servlet/WEB-INF/web.xml) 377 378 make javazxid 379 export JAVA_HOME=/apps/java/j2sdk1.4.2 380 export LD_LIBRARY_PATH=~/zxid-0.34/zxidjava:$LD_LIBRARY_PATH 381 cd ~/apache-tomcat-5.5.20 # Need to be here to avoid class path problems 382 killall java; bin/startup.sh 383 tail -f ~/apache-tomcat-5.5.20/logs/catalina.out & 384 http://sp1.zxidsp.org:8080/zxidservlet/zxidHLO?o=E 385 386N.B. You should make sure sp1.zxidsp.org resolves to the machine 387where you are running Tomcat, e.g. localhost (127.0.0.1). 388 3899.4 Using ZXID with AXIS2 390------------------------- 391 392 axis2-1.4.1-war.zip 393 zxidservlet/META-INF/module.xml 394 /d/sampo/apache-tomcat-5.5.20/webapps/axis2/WEB-INF/services/META-INF/services.xml 395 /d/sampo/apache-tomcat-5.5.20/webapps/axis2/WEB-INF/conf/axis2.xml 396 3979.5 Programming with ZXID Java API 398---------------------------------- 399 400For detailed usage examples of the Java interface you should study 401the zxid.java file. 402 403The Java interface is contained in a package called ~zxidjava~. This 404package contains the main wrapper class ~zxidjni~ as well as a number 405of data type specific classes. The ~zxidjni~ class is just 406a container for procedural zxid API - all methods of this class 407are static. 408 409To start using the ZXID Java interface you need to do two 410things: 411 412 import zxidjava.*; 413 414somewhere near top of your program pulls in the zxidjava package, 415including the zxidjni class. Then you need to have a static 416initializer somewhere in your program to pull in the libzxidjni.so: 417 418 public class myprog { 419 static { 420 System.loadLibrary("zxidjni"); 421 } 422 423 public static void main(String argv[]) throws java.io.IOException 424 { 425 // ... 426 } 427 } 428 429From here on you can call the C API procedures as static methods 430of the zxidjni class, e.g: 431 432 cf = zxidjni.new_conf("/var/zxid/"); 433 434Note that the ~zxid_~ prefix is omitted in favour of the ~zxidjni~ 435class name qualifier. 436 4379.5.1 Integrating SSO Directly to Your Java Servlet 438~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 439 440Although zxidsrvlet.java provides a "no programming required" 441SSO integration for Servlet, just like mod_auth_saml provides 442for Apache httpd, sometimes you will want to integrate SSO 443directly into your servlet, e.g. to avoid distributing a second 444servlet. 445 446(*** also in zxid-simple.pd) 447 448Consider 449 450 01 import zxidjava.*; 451 02 import java.io.*; 452 03 import javax.servlet.*; 453 04 import javax.servlet.http.*; 454 05 public class zxidhlo extends HttpServlet { 455 06 static { System.loadLibrary("zxidjni"); } 456 07 static final String conf 457 08 = "PATH=/var/zxid/&URL=http://sp1.zxidsp.org:8080/zxidservlet/zxidHLO"; 458 09 public void do_zxid(HttpServletRequest req, HttpServletResponse res, String qs) 459 10 throws ServletException, IOException { 460 11 String ret = zxidjni.simple(conf, qs, 0xd54); 461 12 switch (ret.charAt(0)) { 462 13 case 'L': /* Redirect: ret == "LOCATION: urlCRLF2" */ 463 14 res.sendRedirect(ret.substring(10, ret.length() - 4)); 464 15 return; 465 16 case '<': 466 17 switch (ret.charAt(1)) { 467 18 case 's': /* <se: SOAP envelope */ 468 19 case 'm': /* <m20: metadata */ 469 20 res.setContentType("text/xml"); 470 21 break; 471 22 default: 472 23 res.setContentType("text/html"); 473 24 break; 474 25 } 475 26 res.setContentLength(ret.length()); 476 27 res.getOutputStream().print(ret); 477 28 break; 478 29 case 'd': /* Logged in case */ 479 30 //my_parse_ldif(ret); 480 31 res.setContentType("text/html"); 481 32 res.getOutputStream().print(zxidjni.fed_mgmt(conf, sesid, 0xd54)); 482 33 break; 483 34 default: 484 35 System.err.print("Unknown zxid_simple() response:"); 485 36 System.err.print(ret); 486 37 } 487 38 } 488 39 public void doGet(HttpServletRequest req, HttpServletResponse res) 489 40 throws ServletException, IOException { 490 41 // LECP/ECP PAOS header checks 491 42 do_zxid(req, res, req.getQueryString()); 492 43 } 493 44 public void doPost(HttpServletRequest req, HttpServletResponse res) 494 45 throws ServletException, IOException { 495 46 String qs; 496 47 int len = req.getContentLength(); 497 48 byte[] b = new byte[len]; 498 49 int got = req.getInputStream().read(b, 0, len); 499 50 qs = new String(b, 0, got); 500 51 do_zxid(req, res, qs); 501 52 } 502 53 } 503 5049.6 Known Problems and Limitations 505---------------------------------- 506 507The zx_str type is generally NOT nul terminated. We try to 508map these in the SWIG type maps, but any function returning 509char* currently maps to Java String type, yet there is no 510way of knowing how long the string type is. Therefore 511it's not safe to call functions returning char*. For example, 512consider 513 514 int zx_LEN_SO_sa_Action(struct zx_ctx* c, struct zx_sa_Action_s* x); 515 char* zx_ENC_SO_sa_Action(struct zx_ctx* c, struct zx_sa_Action_s* x, char* p); 516 struct zx_str* zx_EASY_ENC_SO_sa_Action(struct zx_ctx* c, struct zx_sa_Action_s* x); 517 518The intent of the LEN_SO plus ENC_SO pair is that you first compute 519length, allocate sufficient buffer, and then render the encoding into 520the buffer. The ENC_SO in fact returns char* one past the end of the 521string. It is NOT safe to cal ENC_SO from Java because the SWIG 522generated interface would make Java believe that the char* one past 523end of string is a C string in its own right. Thus the only 524safe one to call is the EASY_ENC_SO variant. 525 5269.7 Troubleshooting class loader 527-------------------------------- 528 5299.7.1 Symlinks 530~~~~~~~~~~~~~~ 531 532If you get 533 534 java.lang.ClassNotFoundException: zxidhlo 535 org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1355) 536 org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1201) 537 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) 538 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) 539 org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) 540 org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) 541 org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) 542 org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) 543 org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) 544 java.lang.Thread.run(Thread.java:595) 545 546Then you forgot to turn on the symlinks (see ~allowLinking~, above). Or you 547forgot to make the symlinks (e.g. ln -s ../.. classes). Alternately can 548just copy the files and directories to the right place in the Tomcat tree. 549See section "Running as servlet under Tomcat", above. 550 551Following is another manifestation of the same problem: 552 553 javax.servlet.ServletException: Wrapper cannot find servlet class zxidappdemo or a class it depends on 554 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) 555 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) 556 org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) 557 org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) 558 org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) 559 org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) 560 org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) 561 java.lang.Thread.run(Thread.java:534) 562 563 root cause 564 565 java.lang.ClassNotFoundException: zxidappdemo 566 org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1355) 567 org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1201) 568 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) 569 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) 570 org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) 571 org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) 572 org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) 573 org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) 574 org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) 575 java.lang.Thread.run(Thread.java:534) 576 577Overall, it is incomprehensible why Tomcat developers hate symlinks so 578much that they make every effort to deny the developers benefit of 579this useful mechanism. 580 581In Tomcat6 the symlink enablement receipe of Tomcat5 apparently does 582not work any longer and the web is full of confused users who loose 583hours and days wrestling with this problem. If you are stuck with 584this, do yourself a favor: just copy the directory and files that the 585symlink would have pointed to. Its suboptimal, but in the end of the 586day it works. 587 588It is also worthwhile to explicitly check that the classes it is 589looking for have actually been compiled. 590 5919.7.2 Class Path or Java Version 592~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 593 594If you get 595 596 javax.servlet.ServletException: Error allocating a servlet instance 597 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) 598 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) 599 org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) 600 org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) 601 org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) 602 org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) 603 org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) 604 java.lang.Thread.run(Thread.java:534) 605 606 root cause 607 608 java.lang.NoClassDefFoundError: javax/servlet/http/HttpServlet 609 java.lang.ClassLoader.defineClass1(Native Method) 610 java.lang.ClassLoader.defineClass(ClassLoader.java:620) 611 java.security.SecureClassLoader.defineClass(SecureClassLoader.java:124) 612 java.net.URLClassLoader.defineClass(URLClassLoader.java:260) 613 java.net.URLClassLoader.access$100(URLClassLoader.java:56) 614 java.net.URLClassLoader$1.run(URLClassLoader.java:195) 615 java.security.AccessController.doPrivileged(Native Method) 616 java.net.URLClassLoader.findClass(URLClassLoader.java:188) 617 java.lang.ClassLoader.loadClass(ClassLoader.java:306) 618 sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:268) 619 java.lang.ClassLoader.loadClass(ClassLoader.java:251) 620 org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1270) 621 org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1201) 622 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) 623 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) 624 org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) 625 org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) 626 org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) 627 org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) 628 org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) 629 java.lang.Thread.run(Thread.java:595) 630 631Then the problem is with class path. Apparently running the startup.sh script from anywhere 632else than top level of Tomcat distribution produces the above error. 633 634If, however, you get 635 636 javax.servlet.ServletException: Error allocating a servlet instance 637 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) 638 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) 639 org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) 640 org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) 641 org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) 642 org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) 643 org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) 644 java.lang.Thread.run(Thread.java:534) 645 646 root cause 647 648 java.lang.UnsupportedClassVersionError: zxidappdemo (Unsupported major.minor version 50.0) 649 java.lang.ClassLoader.defineClass0(Native Method) 650 java.lang.ClassLoader.defineClass(ClassLoader.java:537) 651 java.security.SecureClassLoader.defineClass(SecureClassLoader.java:123) 652 org.apache.catalina.loader.WebappClassLoader.findClassInternal(WebappClassLoader.java:1815) 653 org.apache.catalina.loader.WebappClassLoader.findClass(WebappClassLoader.java:869) 654 org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1322) 655 org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1201) 656 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) 657 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) 658 org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) 659 org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) 660 org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) 661 org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) 662 org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) 663 java.lang.Thread.run(Thread.java:534) 664 665the reason is that you have compiled the zxidappdemo.class (and/or other classes) with 666newer version of Java that what is running the Tomcat server, e.g. compiled with 667Java 1.6, running with Java 1.4. This is a common problem, just search the web. 668 669Some common Java class version numbers: 670 671* Java 6 (1.6): Version 50.0 672* Java 5 (1.5): Version 49.0 673* Java 1.4.2: Version 48.0 674 6759.7.3 LD_LIBRARY_PATH 676~~~~~~~~~~~~~~~~~~~~~ 677 678If you get 679 680 javax.servlet.ServletException: Error instantiating servlet class zxidhlo 681 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) 682 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) 683 org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) 684 org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) 685 org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) 686 org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) 687 org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) 688 java.lang.Thread.run(Thread.java:534) 689 690 root cause 691 692 java.lang.UnsatisfiedLinkError: no zxidjni in java.library.path 693 java.lang.ClassLoader.loadLibrary(ClassLoader.java:1517) 694 java.lang.Runtime.loadLibrary0(Runtime.java:788) 695 java.lang.System.loadLibrary(System.java:834) 696 zxidhlo.<clinit>(zxidhlo.java:20) 697 sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) 698 sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) 699 sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) 700 java.lang.reflect.Constructor.newInstance(Constructor.java:274) 701 java.lang.Class.newInstance0(Class.java:308) 702 java.lang.Class.newInstance(Class.java:261) 703 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) 704 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) 705 org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) 706 org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) 707 org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) 708 org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) 709 org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) 710 java.lang.Thread.run(Thread.java:534) 711 712Then it is not finding zxidjava/libzxidjni.so. Either say 713 714 export LD_LIBRARY_PATH=~/zxid-0.34/zxidjava:$LD_LIBRARY_PATH 715 716or place libzxidjni.so in $CATALINA_HOME/shared/lib or even /usr/lib 717(perhaps overkill, but if you are desperate). Make sure the library 718has at least read and execute permissions for the tomcat user, or make 719it world readable and executable. Note that the library file name 720really is libzxidjni.so despite the misleading exception suggesting 721just "zxidjni". 722 7239.7.4 Native Library Already Loaded 724~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 725 726If you get 727 728 java.lang.UnsatisfiedLinkError: Native Library /home/sampo/zxid/zxidjava/libzxidjni.so already loaded in another classloader 729 java.lang.ClassLoader.loadLibrary0(ClassLoader.java:1551) 730 java.lang.ClassLoader.loadLibrary(ClassLoader.java:1511) 731 java.lang.Runtime.loadLibrary0(Runtime.java:788) 732 java.lang.System.loadLibrary(System.java:834) 733 zxidhlo.<clinit>(zxidhlo.java:20) 734 sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) 735 sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) 736 sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) 737 java.lang.reflect.Constructor.newInstance(Constructor.java:274) 738 java.lang.Class.newInstance0(Class.java:308) 739 java.lang.Class.newInstance(Class.java:261) 740 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) 741 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) 742 org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) 743 org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) 744 org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) 745 org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) 746 org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) 747 java.lang.Thread.run(Thread.java:534) 748 749Then ... ? Currently it seems you have to restart Tomcat. 750 751See 752 753* http://forums.sun.com/thread.jspa?threadID=633985 (gone 20131111) 754* https://forums.oracle.com/message/6471947 (still works 20131111) 755 756In essence the Java environment has arbitrary restriction that same 757library can not be used twice, e.g. due to two instances of same 758application. Most trivial way around this is to create two copies 759of the libzxidjni.so with different names. 760 761From comment 7 on https://forums.oracle.com/message/6471947: 762 763<<code: 764public String getMacAddress() throws IOException { 765if(m_EthoLib == null) { 766try { 767ClassLoader sysCL = getClass().getClassLoader().getSystemClassLoader(); 768Class cb = sysCL.loadClass("settings.EthZeroMacAddress"); 769EthZeroMacAddress Q = (EthZeroMacAddress) cb.newInstance(); 770m_EthoLib = Q; 771} catch(ClassNotFoundException e) { 772throw new IOException(e.getMessage()); 773} catch (InstantiationException e) { 774throw new IOException(e.getMessage()); 775} catch (IllegalAccessException e) { 776throw new IOException(e.getMessage()); 777} 778} 779return m_EthoLib.getMACaddress(); 780} 781>> 782 783<<email: 784From: Diana Penciuc <dianapenciuc@gmail.com> 785Date: 2013/11/18 786Subject: zxidjava.dll call from java web application 787To: sampo@zxid.org 788 789Hi Sampo, 790 791I understand you did not receive my previous email, so here we go again: 792 793I basically followed the procedure indicated here : 794http://code.google.com/p/static-dll-bootstrapper/ 795 796The main idea is to create a jar containing a class from which I make the 797call to load the library. Then put this jar in the common class loader 798folder under the glassfish web server (which is ../domain/lib). 799 800I also send you an exemple of a web application I used for testing (from 801which I make the call to the class loaded in glassfish). 802 803See you soon, 804Diana 805>> 806 8079.7.5 Win32 Java loanLibrary() error 808~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 809 810 java.lang.UnsatisfiedLinkError: Given procedure could not be found 811 812 -mno-cygwin 813 -Wl,--add-stdcall-alias 814 815No documented solution to this mystery error. It is believed to come 816from Windows dynamic linker. 817 8189.7.6 Mystery 819~~~~~~~~~~~~~ 820 821java.lang.IllegalArgumentException: Document base /var/lib/tomcat6/webapps/e2eTA does not exist or is not a readable directory 822 at org.apache.naming.resources.FileDirContext.setDocBase(FileDirContext.java:142) 823 at org.apache.catalina.core.StandardContext.resourcesStart(StandardContext.java:4249) 824 at org.apache.catalina.core.StandardContext.start(StandardContext.java:4418) 825 at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791) 826 at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771) 827 at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:546) 828 at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:1041) 829 at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:964) 830 at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:502) 831 at org.apache.catalina.startup.HostConfig.check(HostConfig.java:1345) 832 at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:303) 833 at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119) 834 at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1337) 835 at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1601) 836 at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1610) 837 at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1590) 838 at java.lang.Thread.run(Thread.java:636) 83907-Feb-2012 11:52:49 org.apache.catalina.core.StandardContext resourcesStart 840SEVERE: Error starting static Resources 841java.lang.IllegalArgumentException: Document base /var/lib/tomcat6/webapps/e2eTA does not exist or is not a readable directory 842 at org.apache.naming.resources.FileDirContext.setDocBase(FileDirContext.java:142) 843 at org.apache.catalina.core.StandardContext.resourcesStart(StandardContext.java:4249) 844 at org.apache.catalina.core.StandardContext.start(StandardContext.java:4418) 845 at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791) 846 at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771) 847 at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:546) 848 at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:1041) 849 at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:964) 850 at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:502) 851 at org.apache.catalina.startup.HostConfig.check(HostConfig.java:1345) 852 at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:303) 853 at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119) 854 at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1337) 855 at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1601) 856 at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1610) 857 at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1590) 858 at java.lang.Thread.run(Thread.java:636) 859 860Yet the directory /var/lib/tomcat6/webapps/e2eTA does exist and has WEB-INF subdirectory 861with web.xml in it. 862 863Seems the problem was that the e2eTA was a symlink. Despite being correctly made 864and despite <Context allowLinking="true" reloadable="true"> being set, it still 865would not work until I copied the link's destination to its place. 866 867Potentially permissions error, says google, and this indeed seemed to fix it. 868 8699.8 Logging and Debugging Tips 870------------------------------ 871 872In case you add debug prints, the stderr (System.err) output 873appears to go by default to apache-tomcat-5.5.20/logs/catalina.out 874 8759.8.1 Debugging libzxidjni.so under jdb and gdb 876~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 877 878Debugging the JNI C code would appear to require running java or jdb 879under gdb and setting break points in the C code. Unfortunately this 880appears to be particularly tricky. A possible approach is to introduce 881a sleep(1) in the C code and then use gdb to attach to the java 882process. Unfortunately even this method does not seem to allow us to 883set break points. 884 885 export LD_LIBRARY_PATH=zxidjava:$LD_LIBRARY_PATH 886 export QUERY_STRING='e=https%3A%2F%2Fidp.symdemo.com%3A8880%2Fidp.xml&l2=+Login+%28SAML20%3APOST%29+&fc=1&fn=prstnt&fq=&fy=&fa=&fm=exact' 887 888N.B. In following "$" means Unix shell prompt, "%" gdb prompt, and ">" 889jdb prompt. 890 891 $ gdb jdb 892 % set env LD_LIBRARY_PATH=zxidjava 893 % set env QUERY_STRING=e=https%3A%2F%2Fidp.symdemo.com%3A8880%2Fidp.xml&l2=+Login+%28SAML20%3APOST%29+&fc=1&fn=prstnt&fq=&fy=&fa=&fm=exact 894 % r zxid 895 > stop at zxid:24 896 > run 897 > next # or step 898 > print cf 899 > cont 900 9019.8.2 Enabling core dumps 902~~~~~~~~~~~~~~~~~~~~~~~~~ 903 904How to debug 905 906 *** glibc detected *** /usr/lib/jvm/java-6-openjdk/bin/java: free(): invalid pointer: 0x09c2120c *** 907 908* First enable them at system level 909 ulimit -c unlimited 910 911* Enable glibc to dump core on malloc/free errors 912 - export MALLOC_CHECK_=3 # Note trailing underscore 913 - or edit /etc/default/tomcat6: echo 'MALLOC_CHECK_=3' >>/etc/default/tomcat6 914 - or add to code mallopt(M_CHECK_ACTION, 3). In case of Java program you do it like 915 zxidjni.set_opt(cf, 7, 3); // Cause glibc malloc/free to dump core on error 916 917* The cores should go to current working directory, but under Tomcat 918 detemining this seems to be a nightmare. You can solve this by setting 919 systemwide default core path to known value, e.g: 920 921 echo '/tmp/core' > /proc/sys/kernel/core_pattern # On Linux 922 923<<ignore: 924/usr/lib/jvm/java-6-openjdk/bin/java 925-Djava.util.logging.config.file=/var/lib/tomcat6/conf/logging.properties 926-Djava.awt.headless=true 927-Xmx128m 928-XX:+UseConcMarkSweepGC 929-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 930-Djava.endorsed.dirs=/usr/share/tomcat6/endorsed 931-classpath /usr/share/tomcat6/bin/bootstrap.jar 932-Dcatalina.base=/var/lib/tomcat6 933-Dcatalina.home=/usr/share/tomcat6 934-Djava.io.tmpdir=/tmp/tomcat6-tmp 935org.apache.catalina.startup.Bootstrap start 936>> 937 938<<if: ZXIDBOOK>> 939<<else: >> 940 94196 License 942========== 943 944Copyright (c) 2006-2009 Symlabs (symlabs@symlabs.com), All Rights Reserved. 945Author: Sampo Kellom�ki (sampo@iki.fi) 946 947Copyright (c) 2010-2011 Sampo Kellom�ki (sampo@iki.fi), All Rights Reserved. 948 949See file COPYING for complete information. 950 95197 FAQ extract 952============== 953 954See zxid-faq.pd for full story. 955 95697.1 Compilation Problems 957------------------------- 958 95997.1.5 All files under zx missing 960~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 961 962(*** also appears in README.zxid FAQ) 963 964You need to symlink zx to zxid source directory, thus 965 966 ln -s . zx 967 968If you do not have it, then you will get a lot of file inclusion errors for 969headers that are supposed to be in path starting by zx/ 970 971The symlink is there to keep all hand written source files on top 972level of directory for ease of development, yet allow inclusions to go 973through ~zx~ subdirectory. When zxid is installed, it goes to 974/usr/include/zx. Hence the symlink keeps the includes the same whether 975developing or using installed version. 976 97797.1.6 Compiler Warnings 978~~~~~~~~~~~~~~~~~~~~~~~~ 979 980(*** also appears in README.zxid FAQ) 981 982If you compile zxid with compiler warnings turned on (CFLAGS += -Wall), 983you will see quite a number of warnings, most of which are 984unwarranted. Since the warnings are unwarranted, I ship zxid Makefile 985with warnings turned off. If this bothers you, feel free to investigate 986the warnings and report to me any issues you uncover. 987 988Following warnings in partuclar are unwarranted: 989 9901. Any unusued variable warnings, especially in generated code. Most 991 common of these is ~se~ variable (see enc-templ.c). 9922. "Suggest parenthesis around assignment when used as truth value." I 993 rely on C language operator precedence. Also, in most cases the 994 assignment is the only expression in the truth test - there simply 995 is no opportunity for ambiguity -- and no justified case for gcc to 996 warn about this. 9973. "Suggest parenthesis around && when used in ||". I rely on C 998 language operator precedence, hence the suggestion is redundant. 999 1000Some warnings you may want to worry about 1001 1002A. "int format, long int arg". On 32 bit platforms int and long 1003 are both 32 bits so this warning is not an issue. On 64 bit platforms, 1004 however, there may be cause for worry. 1005 100697.1.7 SWIG and Java Problems 1007~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1008 1009(*** also appears in README.zxid FAQ) 1010 1011javac -J-Xmx128m -g zxid.java zxidjava/*.java 1012zxidjava/zxidjni.java:159: cannot find symbol 1013symbol : class SWIGTYPE_p_p_void 1014location: class zxidjava.zxidjni 1015 public static zx_str zx_rsa_pub_enc(zx_ctx c, zx_str plain, SWIGTYPE_p_p_void rsa_pkey, int pad) { 1016 ^ 1017zxidjava/zxidjni.java:164: cannot find symbol 1018symbol : class SWIGTYPE_p_p_void 1019location: class zxidjava.zxidjni 1020 public static zx_str zx_rsa_pub_dec(zx_ctx c, zx_str ciphered, SWIGTYPE_p_p_void rsa_pkey, int pad) { 1021 ^ 1022zxidjava/zxidjni.java:169: cannot find symbol 1023symbol : class SWIGTYPE_p_p_void 1024location: class zxidjava.zxidjni 1025 public static zx_str zx_rsa_priv_dec(zx_ctx c, zx_str ciphered, SWIGTYPE_p_p_void rsa_pkey, int pad) { 1026 ^ 1027zxidjava/zxidjni.java:174: cannot find symbol 1028symbol : class SWIGTYPE_p_p_void 1029location: class zxidjava.zxidjni 1030 public static zx_str zx_rsa_priv_enc(zx_ctx c, zx_str plain, SWIGTYPE_p_p_void rsa_pkey, int pad) { 1031 ^ 1032This was due to missing SWIG generated classes. Probably interrupted file transfer. 1033 1034javac -J-Xmx128m -g zxid.java zxidjava/*.java 1035zxid.java:24: cannot find symbol 1036symbol : method new_conf(java.lang.String) 1037location: class zxidjava.zxidjni 1038 cf = zxidjni.new_conf("/var/zxid/"); 1039 ^ 1040zxid.java:27: cannot find symbol 1041symbol : method url_set(zxidjava.zxid_conf,java.lang.String) 1042location: class zxidjava.zxidjni 1043 zxidjni.url_set(cf, url); 1044 ^ 1045zxid.java:28: cannot find symbol 1046 1047jar cf zxidjava.jar *.class 1048jar cf /tmp/zxidjava.jar zxidjava/*.class 1049 1050javac -J-Xmx128m -g zxid.java 1051zxid.java:187: cannot access zxid_conf 1052bad class file: /Library/Java/Extensions/zxidjava.jar(zxid_conf.class) 1053class file contains wrong class: zxidjava.zxid_conf 1054Please remove or make sure it appears in the correct subdirectory of the classpath. 1055 public static int mgmt_screen(zxid_conf cf, zxid_cgi cgi, zxid_ses ses, char op) 1056 ^ 10571 error 1058 1059Underscore in linking error 1060 1061./zxid-java.sh 1062Start... 1063Exception in thread "main" java.lang.NoSuchMethodError: zxidjava.zxidjni.new_conf(Ljava/lang/String;)Lzxidjava/zxid_conf; 1064 at zxid.main(zxid.java:24) 1065 1066This was due to finding some old copies from system paths. 1067 1068java -classpath .:zxidjava -Djava.library.path=zxidjava zxid 1069Start... 1070Exception in thread "main" java.lang.UnsatisfiedLinkError: _zxid_new_conf 1071 at zxidjava.zxidjniJNI._zxid_new_conf(Native Method) 1072 at zxidjava.zxidjni.new_conf(zxidjni.java:586) 1073 at zxid.main(zxid.java:24) 1074 1075 1076 107797.2 Passing Java Session between Servlets 1078------------------------------------------ 1079 1080At Java session level session can only be shared within same servlet 1081container. So limited sharing of data between servlets is possible. 1082 1083However, to cross the servlet container boundary, currently only 1084method is to pass the ZXID level session ID and then recreate the 1085session from persistent storage using ZXID APIs. Cumbersome, but 1086doable. Effectively you would repeat the work done on ll.61-66 of 1087zxidsrvlet.java. 1088 1089<<references: 1090 1091[SAML2core] "Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0", Oasis Standard, 15.3.2005, saml-core-2.0-os 1092 1093 1094>> 1095 1096<<doc-end.pd>> 1097<<notapath: TCP/IP a.k.a xBSD/Unix n/a Perl/mod_perl PHP/mod_php Java/Tomcat>> 1098<<EOF: >> 1099<<fi: >> 1100