[3.x] WLS JMS Object-Based Security

docs/mp/reactivemessaging/weblogic.adoc

@@ -1,6 +1,6 @@
 ///////////////////////////////////////////////////////////////////////////////
 
-    Copyright (c) 2022 Oracle and/or its affiliates.
+    Copyright (c) 2022, 2023 Oracle and/or its affiliates.
 
     Licensed under the Apache License, Version 2.0 (the "License");
     you may not use this file except in compliance with the License.
@@ -43,6 +43,9 @@ WebLogic installation.
 WARNING: Avoid placing `wlthint3client.jar` on Helidon classpath, client library location needs to be
 configured and loaded by Helidon messaging connector.
 
+WARNING: Don't forget to start your Helidon app with `--add-opens=java.base/java.io=ALL-UNNAMED` to allow
+wlthint3client use reflection.
+
 include::{rootdir}/includes/dependencies.adoc[]
 
 [source,xml]

messaging/connectors/jms/src/main/java/io/helidon/messaging/connectors/jms/ConnectionContext.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, 2022 Oracle and/or its affiliates.
+ * Copyright (c) 2020, 2023 Oracle and/or its affiliates.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -111,7 +111,7 @@ private Object lookup(String jndi) {
         try {
             return ctx.lookup(jndi);
         } catch (NamingException e) {
-            LOGGER.log(Level.FINE, e, () -> "JNDI lookup of " + jndi + " failed");
+            LOGGER.log(Level.WARNING, e, () -> "JNDI lookup of " + jndi + " failed");
             return null;
         }
     }

messaging/connectors/wls-jms/src/main/java/io/helidon/messaging/connectors/wls/IsolatedContextFactory.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022 Oracle and/or its affiliates.
+ * Copyright (c) 2022, 2023 Oracle and/or its affiliates.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,6 +18,7 @@
 import java.lang.reflect.Constructor;
 import java.lang.reflect.InvocationTargetException;
 import java.util.Hashtable;
+import java.util.Optional;
 
 import javax.naming.Context;
 import javax.naming.NamingException;
@@ -28,23 +29,26 @@
  */
 public class IsolatedContextFactory implements InitialContextFactory {
 
-    private static final String WLS_INIT_CTX_FACTORY = "weblogic.jndi.WLInitialContextFactory";
+    private static final String WLS_INIT_CTX_FACTORY_DEFAULT = "weblogic.jms.WLInitialContextFactory";
 
     @Override
     public Context getInitialContext(Hashtable<?, ?> env) throws NamingException {
         return ThinClientClassLoader.executeInIsolation(() -> {
+            String wlsInitFactoryClass =
+                    Optional.ofNullable((String) env.get("wls-init-ctx-factory"))
+                            .orElse(WLS_INIT_CTX_FACTORY_DEFAULT);
             try {
-                Class<?> wlInitialContextFactory = ThinClientClassLoader.getInstance().loadClass(WLS_INIT_CTX_FACTORY);
+                Class<?> wlInitialContextFactory = ThinClientClassLoader.getInstance().loadClass(wlsInitFactoryClass);
                 Constructor<?> contextFactoryConstructor = wlInitialContextFactory.getConstructor();
                 InitialContextFactory contextFactoryInstance = (InitialContextFactory) contextFactoryConstructor.newInstance();
                 return contextFactoryInstance.getInitialContext(env);
             } catch (ClassNotFoundException e) {
-                throw new RuntimeException("Cannot find " + WLS_INIT_CTX_FACTORY, e);
+                throw new RuntimeException("Cannot find " + wlsInitFactoryClass, e);
             } catch (NoSuchMethodException
                      | InvocationTargetException
                      | InstantiationException
                      | IllegalAccessException e) {
-                throw new RuntimeException("Cannot instantiate " + WLS_INIT_CTX_FACTORY, e);
+                throw new RuntimeException("Cannot instantiate " + wlsInitFactoryClass, e);
             }
         });
     }

messaging/connectors/wls-jms/src/main/java/io/helidon/messaging/connectors/wls/ThinClientClassLoader.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022 Oracle and/or its affiliates.
+ * Copyright (c) 2022, 2023 Oracle and/or its affiliates.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -57,7 +57,9 @@ protected Class<?> loadClass(String name, boolean resolve) throws ClassNotFoundE
             try {
                 return super.loadClass(name, resolve);
             } catch (ClassNotFoundException e) {
-                LOGGER.log(TRACE, "Cannot load class " + name + " from WLS thin client classloader.", e);
+                LOGGER.log(TRACE, () -> "Cannot load class "
+                        + name
+                        + " from WLS thin client classloader, delegating to ctx classloader.", e);
                 contextClassLoader.loadClass(name);
             }
         }
@@ -94,6 +96,11 @@ static <T> T executeInIsolation(IsolationSupplier<T> supplier) {
     }
 
     boolean inWlsJar(String name) {
+        // Load jms exceptions from inside the thin jar to avoid deserialization issues
+        if (name.startsWith("javax.jms") && name.endsWith("Exception")) {
+            return true;
+        }
+
         // Load only javax JMS API from outside, so cast works
         return !name.startsWith("javax.jms")
                 && !name.equals(IsolatedContextFactory.class.getName());