karaf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jean-Baptiste Onofré" ...@nanthrax.net>
Subject Re: Keep clean repo and JAAS configuration for the end-users
Date Sun, 30 Jan 2011 11:46:57 GMT
Yeah, for instance users would tune the login.properties to add MyAppAuthentication subject,
not only the karaf one.

-----Original Message-----
From: Andreas Pieber <anpieber@gmail.com>
Date: Sun, 30 Jan 2011 12:21:23 
To: <dev@karaf.apache.org>
Reply-To: dev@karaf.apache.org
Subject: Re: Keep clean repo and JAAS configuration for the end-users

If blueprint supports this a big +1 (never tried this but somehow sceptical if
this works :)); I like to use the same jaas config for karaf and my application 
--> If I could change the entire implementation and flags... great!

kind regards,

On Sun, Jan 30, 2011 at 10:27:44AM +0100, Jean-Baptiste Onofré wrote:
> Hi all,
> I have some questions about the current scm repo:
> - @David: I saw that you created an assemblies module. We still have
> the assembly module defined and used in the <modules/> main POM. I
> guess it's a temporary situation and, after some more tests, the
> assemblies module will replace the assembly module ? What about
> profiles implementation and brainstorm ?
> - @Achim: I saw that you added a src/main/configfiles directory
> (containing a jetty.xml) in the assembly module. Why not used the
> src/main/filtered-resources directory (and eventually create a new
> directory in this one) or define a new sub-module ? I don't wanna
> split the resources in a lot of directories. WDYT ?
> Now regarding the JAAS configuration. Correct me if I'm wrong, but
> up to now, the JAAS configuration is defined in the blueprint
> (OSGI-INF/blueprint/karaf-jaas-module.xml) descriptor of the
> jaas/modules module:
>     <jaas:config name="karaf">
>         <jaas:module className="org.apache.karaf.jaas.modules.properties.PropertiesLoginModule"
> flags="required">
>             users = $[karaf.base]/etc/users.properties
>             encryption.name = ${encryption.name}
>             encryption.enabled = ${encryption.enabled}
>             encryption.prefix = ${encryption.prefix}
>             encryption.suffix = ${encryption.suffix}
>             encryption.algorithm = ${encryption.algorithm}
>             encryption.encoding = ${encryption.encoding}
>         </jaas:module>
>     </jaas:config>
> So by default, we "force" the usage of the PropertiesLoginModule.
> It could be helpful for the end users to have access to a
> etc/login.properties file to be able to define the login modules to
> use with the policy associated (required, sufficient, optional).
> For instance, we can add a property in the
> etc/org.apache.karaf.jaas.cfg file to define the location of this
> login.properties file (etc/login.properties by default) and
> reference the PropertiesLoginModule by default. It could be more
> clear for the users.
> WDYT ?
> Thank
> Regards
> JB

View raw message