GitHub user neykov reopened a pull request:
https://github.com/apache/brooklyn-server/pull/41
[OSGi] Support JAAS auth in Jetty
Replace BrooklynPropertiesSecurityFilter with JAX-RS functionality.
Depends on #31, merge together with
https://github.com/apache/brooklyn-ui/pull/10
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/neykov/brooklyn-server jetty-jaas
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/brooklyn-server/pull/41.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #41
----
commit 1bd54e8e86844cf94093a064655c8bb705b7a7db
Author: Svetoslav Neykov <[email protected]>
Date: 2016-02-18T13:02:29Z
JAAS LoginModule delegating to Brooklyn's SecurityProviders
An implementation of a JAAS LoginModule, delegating to the SecurityProvider
configured in brooklyn.properties. Used as the authentication mechanism for the
REST API when running in Karaf.
Currently configured as a separate realm, used only for web.
commit 8043106811135c57e5cd213000c54da850003e59
Author: Svetoslav Neykov <[email protected]>
Date: 2016-02-28T13:03:29Z
[BROOKLYN-183] Configure Jetty to use JAAS authentication
* Implement an OSGi fragment so PAX-WEB code can load Jetty classes
dynamically
* Default jetty.xml for karaf, registering the BrooklynLoginModule JAAS
implementation
* Register JaasLoginService programatically in classical launcher
* Add support for roles in BrooklynLoginModule
* Register a default jaas.conf for classical launcher if one not already
registered externally
* Configure Karaf Jetty to listen on port 8081
commit f552f4acd5a484ae52b9437e92b435609d78aa01
Author: Svetoslav Neykov <[email protected]>
Date: 2016-02-28T13:36:24Z
[BROOKLYN-183] Merge HaMasterCheckFilter (servlet) with
HaHotCheckResourceFilter (JAX-RS)
Move over missing functionality and deprecate HaMasterCheckFilter.
commit cd3a06f0426dbac9b010dec723ab63b9c4a61cb4
Author: Svetoslav Neykov <[email protected]>
Date: 2016-02-28T13:39:58Z
[BROOKLYN-183] ManagementContextProvider support in web.xml files
Support adding the provider in web.xml files. If no management context
passed in the constructor look for it in the servlet context.
commit 194e9250c903c3b51593c699bdf51a6b9f53f06a
Author: Svetoslav Neykov <[email protected]>
Date: 2016-02-28T13:48:13Z
[BROOKLYN-183] Split servlet filter BrooklynPropertiesSecurityFilter into
various JAX-RS parts
* LogoutApi & LogoutResource
* RequestTaggingRsFilter - still need a servlet version of it because of
the LoggingFilter, so get the tag from the request if one is present, generate
otherwise
* EntitlementContextFilter - initialise thread request entitlements
* Support identical functionality in Jersey
* Deprecate BrooklynPropertiesSecurityFilter
commit a0f610d8360fbb706a01e5a112b605c6d5bb86ce
Author: Svetoslav Neykov <[email protected]>
Date: 2016-02-28T13:49:51Z
[BROOKLYN-183] Deprecate setting a security filter in the launcher
Instead add a new property skipSecurity corresponding to the
"--noConsoleSecurity" cli option.
commit 5e0939a9ee81c02f760156344b563cd45b7fab95
Author: Svetoslav Neykov <[email protected]>
Date: 2016-03-07T10:59:27Z
Mark resources as testing
commit 7c2a9064ff1ab8b1835a6d106e4ad57eddcc6f0d
Author: Svetoslav Neykov <[email protected]>
Date: 2016-03-07T13:10:10Z
Fix failing tests because of auth request
Explicitly disable web server authentication for tests that don't need it.
commit 7499d9ef282a26a5c5ff437269fc877ccec434b5
Author: Svetoslav Neykov <[email protected]>
Date: 2016-03-07T14:02:06Z
Fix for logout logic - break reauth loop
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
