Why don't we use pax-exam whiteboard for doing that (registering the camelServlet + JAASecurity) ? It could be also interesting that we provide a Generic Servlet Filter to work with JAAS of Karaf. In this case, we don't have to create for each servlet that we would like to use its own JAAS SecurityManager + HttpContext?
On Fri, Jan 14, 2011 at 5:36 PM, Guillaume Nodet <[email protected]> wrote: > Shouldn't the component be registered automatically using an activator ? > Registering a serlvet is not the standard way in OSGi, it would only work > with pax-web. > So I think registering the servlet directly in the HttpService would allow > you to create your own HttpContext and use it to do the authentication. > > Though forcing the use of JAAS may not be a good idea from a pure Karaf > perspective ... > > On Fri, Jan 14, 2011 at 08:27, Guillaume Nodet <[email protected]> wrote: > >> Right, see how it's done in Karaf for the web console: >> >> http://svn.apache.org/repos/asf/karaf/trunk/webconsole/branding/src/main/java/org/apache/karaf/webconsole/JaasSecurityProvider.java >> >> That one is called by the HttpContext created by the webconsole in the >> handleSecurity() method: >> >> http://svn.apache.org/repos/asf/felix/trunk/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java >> >> On Fri, Jan 14, 2011 at 07:33, Achim Nierbeck <[email protected]>wrote: >> >>> I think for the OSGI Servlets, the OSGi container does the security >>> directly like done with the webconsole plugin. Could you please take a >>> look at it. Never the less I will take a deeper look at this later >>> today :) >>> >>> >>> 2011/1/14 Charles Moulliard <[email protected]>: >>> > Hi, >>> > >>> > I have deployed successfully camel OSGI Servlet (as mentioned in the >>> > wiki page updated of camel) - 2.6-SNAPSHOT and being able to use it >>> > with a camel >>> > >>> > Now I would like to configure jetty using the configuration file >>> > deployed in /etc/jetty.xml like this >>> > >>> > <?xml version="1.0" encoding="UTF-8"?> >>> > <!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting// DTD >>> > Configure//EN" "http://jetty.mortbay.org/configure.dtd";> >>> > <Configure class="org.eclipse.jetty.server.Server"> >>> > >>> > <!-- =========================================================== --> >>> > <!-- Set connectors --> >>> > <!-- =========================================================== --> >>> > <!-- One of each type! --> >>> > <!-- =========================================================== --> >>> > >>> > <!-- Use this connector for many frequently idle connections >>> > and for threadless continuations. >>> > --> >>> > <Call name="addConnector"> >>> > <Arg> >>> > <New >>> class="org.eclipse.jetty.server.nio.SelectChannelConnector"> >>> > <Set name="host"><Property name="jetty.host"/></Set> >>> > <Set name="port"><Property name="jetty.port" >>> default="8282"/></Set> >>> > <Set name="maxIdleTime">300000</Set> >>> > <Set name="Acceptors">2</Set> >>> > <Set name="statsOn">false</Set> >>> > <Set name="confidentialPort">8443</Set> >>> > <Set name="lowResourcesConnections">20000</Set> >>> > <Set name="lowResourcesMaxIdleTime">5000</Set> >>> > </New> >>> > </Arg> >>> > </Call> >>> > >>> > <Call name="addBean"> >>> > <Arg> >>> > <New class="org.eclipse.jetty.plus.jaas.JAASLoginService"> >>> > <Set name="name">karaf</Set> >>> > <Set name="loginModuleName">karaf</Set> >>> > </New> >>> > </Arg> >>> > </Call> >>> > >>> > - This option is enable using the following property : >>> > org.ops4j.pax.web.config.file=./etc/jetty.xml >>> > - The security is enable with the JAASLoginService >>> > >>> > Unfortunately the client is not authenticated when the browser sends >>> > the request to the Jetty Server and receive well an answer from camel >>> > route. >>> > >>> > Any idea is welcome ? >>> > >>> > Here is the list of bundles deployed. >>> > >>> > [ 240] [Active ] [ ] [ ] [ 60] camel-http >>> > (2.6.0.SNAPSHOT) >>> > [ 241] [Active ] [ ] [ ] [ 60] camel-servlet >>> > (2.6.0.SNAPSHOT) >>> > [ 242] [Active ] [ ] [ ] [ 60] CAMEL :: OSGI :: >>> > Servlet (1.0.0) >>> > [ 248] [Active ] [ ] [Started] [ 60] spring-context.xml >>> (0.0.0) >>> > [ 249] [Active ] [ ] [ ] [ 60] OPS4J Pax Web - >>> > Extender - Whiteboard (0.8.2.SNAPSHOT) >>> > [ 250] [Active ] [ ] [ ] [ 60] OPS4J Pax Url - >>> > war:, war-i: (1.2.1) >>> > [ 251] [Active ] [ ] [ ] [ 60] OPS4J Pax Web - >>> > Jsp Support (0.8.2.SNAPSHOT) >>> > [ 252] [Active ] [ ] [ ] [ 60] OPS4J Pax Web - >>> > Extender - WAR (0.8.2.SNAPSHOT) >>> > [ 253] [Active ] [ ] [ ] [ 60] OPS4J Pax Web - >>> > FileInstall Deployer (0.8.2.SNAPSHOT) >>> > [ 254] [Active ] [ ] [ ] [ 60] OPS4J Pax Web - >>> > API (0.8.2.SNAPSHOT) >>> > [ 255] [Active ] [ ] [ ] [ 60] OPS4J Pax Web - >>> > Service SPI (0.8.2.SNAPSHOT) >>> > [ 256] [Active ] [ ] [ ] [ 60] OPS4J Pax Web - >>> > Runtime (0.8.2.SNAPSHOT) >>> > [ 257] [Active ] [ ] [ ] [ 60] OPS4J Pax Web - >>> > Jetty (0.8.2.SNAPSHOT) >>> > [ 269] [Active ] [ ] [ ] [ 60] Jetty :: >>> > Utilities (7.2.2.v20101205) >>> > [ 270] [Active ] [ ] [ ] [ 60] Jetty :: Plus >>> > (7.2.2.v20101205) >>> > [ 271] [Active ] [ ] [ ] [ 60] Jetty :: JNDI >>> > Naming (7.2.2.v20101205) >>> > >>> > >>> > >>> > Regards, >>> > >>> > >>> > Charles Moulliard >>> > >>> > Sr. Principal Solution Architect - FuseSource >>> > Apache Committer >>> > >>> > Blog : http://cmoulliard.blogspot.com >>> > Twitter : http://twitter.com/cmoulliard >>> > Linkedin : http://www.linkedin.com/in/charlesmoulliard >>> > Skype: cmoulliard >>> > >>> >> >> >> >> -- >> Cheers, >> Guillaume Nodet >> ------------------------ >> Blog: http://gnodet.blogspot.com/ >> ------------------------ >> Open Source SOA >> http://fusesource.com >> >> >> > > > -- > Cheers, > Guillaume Nodet > ------------------------ > Blog: http://gnodet.blogspot.com/ > ------------------------ > Open Source SOA > http://fusesource.com >
