Determining if This Patch Is Needed
If your application uses one or more of these JGSS providers:
com.dstc.security.kerberos.provider.WedgetailGSSProvider
com.dstc.security.kerberos.winSSPI.WinSSPIProvider
com.dstc.security.kerberos.gssext.ThreadLocalSingleGSSKrb5Provider
com.quest.vsj.jboss.gssext.GSSKrb5ProviderForJBoss (VSJ JBoss Edition only)
com.quest.vsj.gssext.UnifiedGSSKrb5Provider
and you need to support JDK 1.7 and above, apply this patch. Without this patch, these JGSS providers are only supported on Sun JDK 1.4, 1.5 and 1.6; with this patch, 1.4, 1.5 and 1.6 are still supported, and in addition Sun/Oracle/openjdk JDK 1.7 and above are supported.
If your application does not use any of these JGSS providers then this patch provides no benefit (but also does no harm).
The most common use case where these JGSS providers are necessary is LDAP/SASL/GSSAPI/Kerberos (using javax.naming.* as the LDAP API) to Active Directory (for example, the 'ldap2' example in VSJ Standard Edition). Many other common uses of Single Sign-On for Java do not require any of these JGSS providers.
Resolved Issues
The following is a list of issues resolved in this patch.
Feature Resolved Issue Defect ID
New in this patch JGSS providers: add support for Sun/Oracle/openjdk 1.7 and above 3598
Please download the Hotfix called, Quest Single Sign-On for Java 3.3 Hotfix (Patch_3598) for solution SOL102197 by Clicking Here.
Files Updated
This patch updates the main lib/vsj-*-3.*.jar file in your VSJ release, per step 2, Identify the JAR file that must be patched, in the Installing This Patch section below.
Compatibility of This Patch
The following is a list of product versions and platforms compatible with this patch.
Product Name | Product Version | Platform
VSJ JBoss Edition | 3.2 | Sun/Oracle/openjdk JDK 1.4 and above
VSJ WebSphere Edition | 3.2 | Sun/Oracle/openjdk JDK 1.4 and above
VSJ WebLogic Edition | 3.2 Patch 3550 | Sun/Oracle/openjdk JDK 1.4 and above
VSJ Patch 3560 | 3.2, 3.3 | Sun/Oracle/openjdk JDK 1.4 and above
VSJ Patch 3609 | 3.2, 3.3 | Sun/Oracle/openjdk JDK 1.4 and above
VSJ Tomcat Edition | 3.3 | Sun/Oracle/openjdk JDK 1.4 and above
VSJ Standard Edition | 3.3 Patch 3548 | Sun/Oracle/openjdk JDK 1.4 and above
VSJ Standard Edition | 3.3 Patch 3596 | Sun/Oracle/openjdk JDK 1.4 and above
Installing This Patch
This patch updates Java classes in compatible VSJ releases listed above. It provides new implementations of some existing classes and also adds new classes.
The classes that constitute this patch are packaged in a JAR file, vsj-patch-3598.jar, included in this patch distribution. The classes from this patch JAR file must be merged into the appropriate VSJ JAR file in the applicable VSJ release. There are two ways to perform this merge: manually, or using the Ant build.xml included in this patch distribution.
To install this patch using Ant:
Install Apache Ant if you do not have it already, and configure your PATH and JAVA_HOME environment variables.
Identify the JAR file that must be patched in your VSJ release.
For VSJ 3.2 releases, this is lib/vsj-*-3.2.jar (for example, vsj-weblogic-3.2.jar)
For VSJ Standard Edition 3.3, this is lib/vsj-standard-3.3.jar
For VSJ Tomcat Edition 3.3, this is lib/vsj-tomcat-3.3-core.jar
Edit the apply-patch.properties file (included in this patch distribution) to specify the path to the JAR file identified above.
Change to the directory that contains this unpacked patch distribution (including the apply-patch.properties, build.xml, and vsj-patch-3598.jar files).
Run Ant ("ant") with no arguments. This will replace the JAR file identified above with an updated version that includes the new classes from the patch JAR file.
Follow the appropriate process for your VSJ release to use the modified JAR file in your applications. (For VSJ Standard Edition, rebuild your web applications using the modified JAR file and then redeploy them. For other VSJ editions, copy the modified JAR file into the appropriate location in your Java application server, just as you previously did when installing the unmodified JAR file from your original VSJ release).
To install this patch manually:
Find the "jar" command in your Java JDK / JRE.
Use jar's "x" and "f" options to extract the classes from vsj-patch-3598.jar into a temporary directory tree.
Identify the JAR file that must be patched in your VSJ release (as above).
Use jar's "u" and "f" options to update that JAR file with the contents of the temporary directory tree.
Remove the temporary directory tree.
Follow the appropriate process for your VSJ release to use the modified JAR file in your applications. (For VSJ Standard Edition, rebuild your web applications using the modified JAR file and then redeploy them. For other VSJ editions, copy the modified JAR file into the appropriate location in your Java application server, just as you previously did when installing the unmodified JAR file from your original VSJ release).
Determining if This Patch Is Installed
This patch introduces a number of new classes, including the "com.dstc.security.kerberos.provider.GSSMechClasses" class; unpatched VSJ distributions do not have this class. One way to check whether this class is present (and hence whether this patch has been applied) is to use the javap command-line tool in the JDK, for example
javap -classpath vsj-standard-3.3.jar com.dstc.security.kerberos.provider.GSSMechClasses
Removing This Patch
To remove this patch:
Unpack a fresh copy of your VSJ release and do not apply this patch to it.
Follow the appropriate process for your VSJ release to use the original (unpatched) JAR file in your applications. (For VSJ Standard Edition, rebuild your web applications using the unpatched JAR file and then redeploy them. For other VSJ editions, copy the unpatched JAR file into the appropriate location in your Java application server).
© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center