karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (KARAF-4784) OsgiConfiguration for JAAS should fallback to default configuration
Date Mon, 28 Nov 2016 13:11:58 GMT

    [ https://issues.apache.org/jira/browse/KARAF-4784?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15701925#comment-15701925
] 

ASF GitHub Bot commented on KARAF-4784:
---------------------------------------

GitHub user shyrkov opened a pull request:

    https://github.com/apache/karaf/pull/271

    [KARAF-4784] OsgiConfiguration for JAAS should fallback to default configuration

    The details of the fix are described in the ticket https://issues.apache.org/jira/browse/KARAF-4784
    We've tested the fix successfully on our side.
    
    Thank you!

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/Jahia/karaf KARAF-4784

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/karaf/pull/271.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #271
    
----
commit 0be169531e9423c72f64205e4a5b34dd7207a91e
Author: Sergiy Shyrkov <sshyrkov@jahia.com>
Date:   2016-10-19T08:50:13Z

    [KARAF-4784] OsgiConfiguration for JAAS should fallback to default configuration

----


> OsgiConfiguration for JAAS should fallback to default configuration
> -------------------------------------------------------------------
>
>                 Key: KARAF-4784
>                 URL: https://issues.apache.org/jira/browse/KARAF-4784
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf-security
>    Affects Versions: 4.0.7
>            Reporter: Benjamin Papez
>
> We will use Karaf embedded in the next version of our Web Application, which means that
we still first start the application server (Tomcat/JBoss/Websphere) and then Karaf is started
inside. Some of our customers are using a JAAS configuration, mainly Kerberos for SPNEGO.
Unfortunately with the step to use Karaf the current default JAAS configuration is no longer
picked up and used, because Karaf is setting the {{org.apache.karaf.jaas.config.impl.OsgiConfiguration}}
object into {{javax.security.auth.login.Configuration.setConfiguration}} within the {{OsgiConfiguration.init}}
method.
> This way all standard/app-server specific ways of JAAS configuration are ignored.
> I would propose a modification to {{OsgiConfiguration}}, with something like:
> {code}
>     private Configuration defaultConfiguration;
>     public void init() {
>         try {
>             defaultConfiguration = Configuration.getConfiguration();
>         } catch (RuntimeException ex) {
>             // default configuration for fallback could not be retrieved - should be
logged
>         }
>         Configuration.setConfiguration(this);
>     }
>     ...
>     public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
>         JaasRealm realm = null;
>         for (JaasRealm r : realms) {
>             if (r.getName().equals(name)) {
>                 if (realm == null || r.getRank() > realm.getRank()) {
>                     realm = r;
>                 }
>             }
>         }
>         if (realm != null) {
>             return realm.getEntries();
>         } else if (defaultConfiguration != null) {
>            return defaultConfiguration.getAppConfigurationEntry(name);
>         }
>         return null;
>     }
>     public void refresh() {
>         if (defaultConfiguration != null) {
>             defaultConfiguration.refresh();
>         }
>     }
> {code}
> This way if no OSGI configured JAAS realm can find an {{AppConfigurationEntry}}, we would
still try to get it from the default JAAS configuration, and our customers could keep the
same JAAS configuration as before. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message