karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Guillaume Nodet (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (KARAF-4784) OsgiConfiguration for JAAS should fallback to default configuration
Date Thu, 01 Dec 2016 16:26:58 GMT

     [ https://issues.apache.org/jira/browse/KARAF-4784?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Guillaume Nodet resolved KARAF-4784.
------------------------------------
       Resolution: Fixed
         Assignee: Guillaume Nodet
    Fix Version/s: 4.1.0

> OsgiConfiguration for JAAS should fallback to default configuration
> -------------------------------------------------------------------
>
>                 Key: KARAF-4784
>                 URL: https://issues.apache.org/jira/browse/KARAF-4784
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf-security
>    Affects Versions: 4.0.7
>            Reporter: Benjamin Papez
>            Assignee: Guillaume Nodet
>             Fix For: 4.1.0
>
>
> We will use Karaf embedded in the next version of our Web Application, which means that
we still first start the application server (Tomcat/JBoss/Websphere) and then Karaf is started
inside. Some of our customers are using a JAAS configuration, mainly Kerberos for SPNEGO.
Unfortunately with the step to use Karaf the current default JAAS configuration is no longer
picked up and used, because Karaf is setting the {{org.apache.karaf.jaas.config.impl.OsgiConfiguration}}
object into {{javax.security.auth.login.Configuration.setConfiguration}} within the {{OsgiConfiguration.init}}
method.
> This way all standard/app-server specific ways of JAAS configuration are ignored.
> I would propose a modification to {{OsgiConfiguration}}, with something like:
> {code}
>     private Configuration defaultConfiguration;
>     public void init() {
>         try {
>             defaultConfiguration = Configuration.getConfiguration();
>         } catch (RuntimeException ex) {
>             // default configuration for fallback could not be retrieved - should be
logged
>         }
>         Configuration.setConfiguration(this);
>     }
>     ...
>     public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
>         JaasRealm realm = null;
>         for (JaasRealm r : realms) {
>             if (r.getName().equals(name)) {
>                 if (realm == null || r.getRank() > realm.getRank()) {
>                     realm = r;
>                 }
>             }
>         }
>         if (realm != null) {
>             return realm.getEntries();
>         } else if (defaultConfiguration != null) {
>            return defaultConfiguration.getAppConfigurationEntry(name);
>         }
>         return null;
>     }
>     public void refresh() {
>         if (defaultConfiguration != null) {
>             defaultConfiguration.refresh();
>         }
>     }
> {code}
> This way if no OSGI configured JAAS realm can find an {{AppConfigurationEntry}}, we would
still try to get it from the default JAAS configuration, and our customers could keep the
same JAAS configuration as before. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message