From 7cd99d2f96b58c151ddb091ddafcdfb37c11a89d Mon Sep 17 00:00:00 2001 From: Tim Vernum Date: Tue, 17 Apr 2018 11:04:31 +1000 Subject: [PATCH] Trigger log4j loading prior to context classloader (elastic/x-pack-elasticsearch#4355) OpenSAML requires that the context classloader be set to the classloader that contains the opensaml jar files in order to initialise itself. However, sometimesrthis seems to cause the classloading for slf4j/log4j to take place while that context classloader is set, which fails. This change forces slf4j/log4j to be initialised prior to setting the context classloader. Original commit: elastic/x-pack-elasticsearch@85ed8eb4882b660fe98e7e2ba6e0ffe768ed1f91 --- .../elasticsearch/xpack/security/authc/saml/SamlUtils.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/saml/SamlUtils.java b/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/saml/SamlUtils.java index 056c6e90b09..9b8d73c2e61 100644 --- a/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/saml/SamlUtils.java +++ b/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/saml/SamlUtils.java @@ -52,8 +52,8 @@ import org.opensaml.core.xml.io.MarshallingException; import org.opensaml.core.xml.util.XMLObjectSupport; import org.opensaml.saml.common.SAMLObject; import org.opensaml.saml.saml2.core.Assertion; -import org.opensaml.saml.saml2.core.NameID; import org.opensaml.saml.saml2.core.Response; +import org.slf4j.LoggerFactory; import org.w3c.dom.Element; import org.w3c.dom.bootstrap.DOMImplementationRegistry; import org.w3c.dom.ls.DOMImplementationLS; @@ -81,6 +81,8 @@ public class SamlUtils { */ static void initialize(Logger logger) throws PrivilegedActionException { if (INITIALISED.compareAndSet(false, true)) { + // We want to force these classes to be loaded _before_ we fiddle with the context classloader + LoggerFactory.getLogger(InitializationService.class); SpecialPermission.check(); AccessController.doPrivileged((PrivilegedExceptionAction) () -> { logger.debug("Initializing OpenSAML");