On Fri, Sep 28, 2012 at 1:27 PM, Chetan Mehrotra <[email protected]>wrote:
> Hi Reto, > > > Could you help me understand what using your bundle would imply. Is this > a > > regular bundle that can just be added to any OSGi application ore are > some > > special tweaks needed starting/configuring the platform? > > I have added a usage section [1] which provides required steps. Hope > that helps. Also let me know if you require more details > > Chetan Mehrotra > [1] https://github.com/chetanmeh/c/wiki/JAAS-in-OSGi#wiki-usage Thanks! The bundle looks good and can be installed in stanbol, from the documentation the existing stanbol api could be migrated to provide a LoginModule. It would be great if it could soon be available either as felix component or as independent project (as long as it gets into maven central). Reto > > > > On Fri, Sep 28, 2012 at 4:40 AM, Reto Bachmann-Gmür <[email protected]> > wrote: > > Hi Chetan > > > > Recently we have added security to Stanbol so that it can be run with a > > security manager in place. Regarding authentication of HTTP clients for > now > > the providers must implement our own service interface [1]. The > > authentication providers authenticate a user before subsequent processing > > of the request is executed as the authenticated subject. > > > > Could you help me understand what using your bundle would imply. Is this > a > > regular bundle that can just be added to any OSGi application ore are > some > > special tweaks needed starting/configuring the platform? > > > > Cheers, > > Reto > > > > > > 1. > > > http://svn.apache.org/viewvc/stanbol/trunk/commons/security/src/main/java/org/apache/stanbol/commons/security/auth/AuthenticationMethod.java?view=markup > > > > On Wed, Sep 26, 2012 at 3:56 PM, Chetan Mehrotra > > <[email protected]>wrote: > > > >> I have been working on a poc to simplify usage if JAAS with Sling and > >> Jackrabbit. Using of JAAS within OSGi is often tricky because of > >> classloading issues. There has been some work done around this > >> > >> 1. JAAS support in Apache Karaf > >> 2. Proposal by Stefan Vladov in the presentation [1] given by him at > >> OSGi Community Event 2011 > >> > >> Following the proposal at #2 and borrowing some ideas from Apache > >> Karaf I implemented a bundle which simplifies usage of JAAS within > >> OSGi env. It supports following features > >> > >> 1. It can work both in Standalone and AppServer deployments i.e. in > >> those environment where global JAAS configuration might be used by > >> other applications and our usage of JAAS should not affect them > >> 2. It enables usage of OSGi Configuration support to dynamically > >> configure the login modules. > >> 3. It allows LoginModule instances to be created via factories > >> registered in OSGi Service Registry > >> 4. It does not require the client to depend on any OSGi API > >> 5. It works well with the dynamic nature of the OSGi env > >> 6. Implementation depends only on Core OSGi API and ConfigAdmin > >> > >> Complete details are provided at [2] > >> > >> Kindly have a look at it and provide feedback!! > >> > >> Chetan Mehrotra > >> > >> [1] > >> > http://www.slideshare.net/mfrancis/common-security-services-consolidation-patterns-for-legacy-components-stefan-vladov > >> [2] https://github.com/chetanmeh/c/wiki/JAAS-in-OSGi > >> >
