Jetty 9.3 SSL Keystore Path and SOAP Backchannel Errors

[Cantor, Scott]

On 8/19/15, 2:37 PM, "users on behalf of Domingues, Michael D" <users-bounces at shibboleth.net on behalf of michael-domingues at uiowa.edu> wrote:



>Thanks Scott. I've done a bit more testing, and Jetty is still exiting with the [files] directive left in place, even though it only logs at Warning. A regression on this point was introduced in Jetty 9.3.X, when they refactored how modules are loaded. The code on the 9.2.X branch looks fine: Jetty should log the warnings, but proceed to start anyway.

That's why I didn't notice, I never tried it under 9.3 without just removing the line first to get rid of the noise.

>I've opened a bug report [1] on that; for now, as a better workaround, as opposed to modifying the ssl.mod file in place or creating a copy in JETTY_BASE, you can just tack --skip-file-validation=ssl on the effective command-line when starting Jetty, and all's well that ends well. Shib wiki page Jetty93 updated accordingly.

Sounds fine.

>As to the second issue, I did a bit more digging and found that this was actually caused a Confluence bug [2] related to the copy-paste functionality in the code macro.

Nice find. Maybe we should add some kind of note to the wiki about this. I don't want to add a header to every page or anything, but seems like this has probably bitten people in the past without us knowing.

-- Scott

>