Hi Reto, > Could you help me understand what using your bundle would imply. Is this a > regular bundle that can just be added to any OSGi application ore are some > special tweaks needed starting/configuring the platform?
I have added a usage section [1] which provides required steps. Hope that helps. Also let me know if you require more details Chetan Mehrotra [1] https://github.com/chetanmeh/c/wiki/JAAS-in-OSGi#wiki-usage On Fri, Sep 28, 2012 at 4:40 AM, Reto Bachmann-Gmür <[email protected]> wrote: > Hi Chetan > > Recently we have added security to Stanbol so that it can be run with a > security manager in place. Regarding authentication of HTTP clients for now > the providers must implement our own service interface [1]. The > authentication providers authenticate a user before subsequent processing > of the request is executed as the authenticated subject. > > Could you help me understand what using your bundle would imply. Is this a > regular bundle that can just be added to any OSGi application ore are some > special tweaks needed starting/configuring the platform? > > Cheers, > Reto > > > 1. > http://svn.apache.org/viewvc/stanbol/trunk/commons/security/src/main/java/org/apache/stanbol/commons/security/auth/AuthenticationMethod.java?view=markup > > On Wed, Sep 26, 2012 at 3:56 PM, Chetan Mehrotra > <[email protected]>wrote: > >> I have been working on a poc to simplify usage if JAAS with Sling and >> Jackrabbit. Using of JAAS within OSGi is often tricky because of >> classloading issues. There has been some work done around this >> >> 1. JAAS support in Apache Karaf >> 2. Proposal by Stefan Vladov in the presentation [1] given by him at >> OSGi Community Event 2011 >> >> Following the proposal at #2 and borrowing some ideas from Apache >> Karaf I implemented a bundle which simplifies usage of JAAS within >> OSGi env. It supports following features >> >> 1. It can work both in Standalone and AppServer deployments i.e. in >> those environment where global JAAS configuration might be used by >> other applications and our usage of JAAS should not affect them >> 2. It enables usage of OSGi Configuration support to dynamically >> configure the login modules. >> 3. It allows LoginModule instances to be created via factories >> registered in OSGi Service Registry >> 4. It does not require the client to depend on any OSGi API >> 5. It works well with the dynamic nature of the OSGi env >> 6. Implementation depends only on Core OSGi API and ConfigAdmin >> >> Complete details are provided at [2] >> >> Kindly have a look at it and provide feedback!! >> >> Chetan Mehrotra >> >> [1] >> http://www.slideshare.net/mfrancis/common-security-services-consolidation-patterns-for-legacy-components-stefan-vladov >> [2] https://github.com/chetanmeh/c/wiki/JAAS-in-OSGi >>
