karaf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Guillaume Nodet <gno...@gmail.com>
Subject Re: Karaf Webconsole and JAAS how does it work?
Date Tue, 13 Jul 2010 14:34:02 GMT
On Tue, Jul 13, 2010 at 4:26 PM, Achim Nierbeck <achim.nierbeck@ptv.de> wrote:
>
> OK, got it.
>
> Got an LoginException which says it can't find the class
> org.apache.karaf.jaas.boot.ProxyLoginModule
>
> but just to mention, I don't think  it is a good style to catch an exception
> and not to do anything with it.
> At leas you should log a warning, just for the records :)

Yes, but the problem is that this is a security related exception, so
you certainly don't want to expose passwords in the log ...
We've had users complaining about such exposure of sensitive data.

>
> Now, what can I do about the "missing" Class :-)
>

I bet you changed the default config.properties.  The
org.apache.karaf.jaas.boot should be boot delegated.

>
> Guillaume Nodet wrote:
>>
>> Yeah, debugging is a good solution in that case.
>> You should try to put a breakpoint in
>> org.apache.karaf.webconsole.JaasSecurityProvider#authenticate method
>> and see what happens.
>> If you don't hit that breakpoint, it means the webconsole does not see
>> karaf authenticator, else you should see an exception in that method.
>>
>> On Tue, Jul 13, 2010 at 2:30 PM, Achim Nierbeck <achim.nierbeck@ptv.de>
>> wrote:
>>>
>>> That's what is driving me nuts, I do not have any exceptions.
>>> It asks me for the credentials over and over again :(
>>>
>>> I just started the whole server with DEBUG log level and the sift logger
>>> enabled.
>>> It looks like I'm not authorized, I'll attach the
>>> org.ops4j.pax.web.pax-web-jetty.log file
>>>
>>> http://karaf.922171.n3.nabble.com/file/n963228/org.ops4j.pax.web.pax-web-jetty.log
>>> org.ops4j.pax.web.pax-web-jetty.log
>>>
>>>
>>> Guillaume Nodet wrote:
>>>>
>>>> Any exception in the log ? Also, I'm not sure to understand what you
>>>> see, is the http request denied ?
>>>>
>>>>
>>>> On Tue, Jul 13, 2010 at 2:03 PM, Achim Nierbeck <achim.nierbeck@ptv.de>
>>>> wrote:
>>>>>
>>>>>
>>>>> I already did that, and I also configured
>>>>> the pax-web Container with the following file:
>>>>>
>>>>> org.ops4j.pax.web.cfg
>>>>>
>>>>> and the following properties:
>>>>>
>>>>> org.apache.karaf.features.configKey=org.ops4j.pax.web
>>>>> org.osgi.service.http.port=8080
>>>>> org.ops4j.pax.web.session.timeout=30
>>>>>
>>>>> so if I call
>>>>>
>>>>> http://localhost:8080/system/console
>>>>>
>>>>> i do get the request for username and passwort, but I'm still not able
>>>>> to
>>>>> get to the webconsole,
>>>>> which is quite strange since I did this also with the Karaf 1.6.0
>>>>> release
>>>>> where it did work.
>>>>>
>>>>>
>>>>> Guillaume Nodet wrote:
>>>>>>
>>>>>> I think that' s because the webconsole feature has some additional
>>>>>> config:
>>>>>>
>>>>>>         <config name="org.apache.karaf.webconsole">
>>>>>>           realm=karaf
>>>>>>         </config>
>>>>>>
>>>>>> If you put a file named org.apache.karaf.webconsole.cfg in the etc
dir
>>>>>> with the above properties, it should work.
>>>>>>
>>>>>> On Tue, Jul 13, 2010 at 10:35 AM, Achim Nierbeck
>>>>>> <achim.nierbeck@ptv.de>
>>>>>> wrote:
>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> Right now I'm repackaging the Karaf 1.99 with some additional
>>>>>>> bundles.
>>>>>>> Basically it is the same as if I would use the features
>>>>>>> spring
>>>>>>> spring-dm
>>>>>>> http
>>>>>>> war
>>>>>>> webconsole
>>>>>>>
>>>>>>> and some additional bundles for all kinds of apache commons stuff.
>>>>>>>
>>>>>>> when i call the webconsole I do get the prompt for the credentials,
>>>>>>> but
>>>>>>> they
>>>>>>> are not accepted.
>>>>>>>
>>>>>>> If i use the "Vanilla" Karaf 1.99 and install those features
later it
>>>>>>> works,
>>>>>>> so I don't know right now where the
>>>>>>> problem is.
>>>>>>>
>>>>>>> Thanks in advance :)
>>>>>>>
>>>>>>> Achim
>>>>>>> --
>>>>>>> View this message in context:
>>>>>>> http://karaf.922171.n3.nabble.com/Karaf-Webconsole-and-JAAS-how-does-it-work-tp962815p962815.html
>>>>>>> Sent from the Karaf - Dev mailing list archive at Nabble.com.
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Cheers,
>>>>>> Guillaume Nodet
>>>>>> ------------------------
>>>>>> Blog: http://gnodet.blogspot.com/
>>>>>> ------------------------
>>>>>> Open Source SOA
>>>>>> http://fusesource.com
>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> View this message in context:
>>>>> http://karaf.922171.n3.nabble.com/Karaf-Webconsole-and-JAAS-how-does-it-work-tp962815p963158.html
>>>>> Sent from the Karaf - Dev mailing list archive at Nabble.com.
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Cheers,
>>>> Guillaume Nodet
>>>> ------------------------
>>>> Blog: http://gnodet.blogspot.com/
>>>> ------------------------
>>>> Open Source SOA
>>>> http://fusesource.com
>>>>
>>>>
>>>
>>> --
>>> View this message in context:
>>> http://karaf.922171.n3.nabble.com/Karaf-Webconsole-and-JAAS-how-does-it-work-tp962815p963228.html
>>> Sent from the Karaf - Dev mailing list archive at Nabble.com.
>>>
>>
>>
>>
>> --
>> Cheers,
>> Guillaume Nodet
>> ------------------------
>> Blog: http://gnodet.blogspot.com/
>> ------------------------
>> Open Source SOA
>> http://fusesource.com
>>
>>
>
> --
> View this message in context: http://karaf.922171.n3.nabble.com/Karaf-Webconsole-and-JAAS-how-does-it-work-tp962815p963549.html
> Sent from the Karaf - Dev mailing list archive at Nabble.com.
>



-- 
Cheers,
Guillaume Nodet
------------------------
Blog: http://gnodet.blogspot.com/
------------------------
Open Source SOA
http://fusesource.com

Mime
View raw message