Hi all,
I made progress on the encryption enchancement in JAAS login module.
I added the encryption interface in the jaas/module bundle and created
an encryption feature which uses jasypt.
The last think to do is to use the encryption service in
AbstractKarafLoginModule when the encryption algorithm is set.
I added a blueprint service reference in jaas/module (I gonna flag this
reference as optional) but I wonder the most elegant way to use this
service reference in the login module (via the abtract). I see two ways:
- inject the service reference in the login module using a
setEncryption() setter in the AbstractKarafLoginModule. To do it, I need
to upgrade the jaas/config bundle to change the <jaas:config/> XSD and
add a encryption setter in <jaas:module/> schema.
- use "old" fashion OSGi service lookup in the AbstractKarafLoginModule
using
bundleContext.getServiceReference("org.apache.karaf.jaas.module.Encryption")
and bundleContext.getService(). In that case I need to add
setBundleContext() in the AbstractKarafLoginModule and blueprint service
reference is not required.
What do you prefer ? Maybe there is another way that you see ?
Thanks
Regards
JB
On 09/09/2010 10:01 PM, Guillaume Nodet wrote:
Sounds good to me. If you need any help, let me know.
On Thu, Sep 9, 2010 at 21:10, Jean-Baptiste Onofré<[email protected]> wrote:
Hi,
on my side, I would like to complete the JAAS work before releasing.
The JAAS enhancement includes:
- adding "cipher" attribute in AbstractKarafLoginModule defining the default
password encryption algorithm.
- adding "util" methods in AbstractKarafLoginModule to encrypt password
(override the password callback)
- update existing login modules to use encrypted password
- update the PropertiesLoginModule to encrypt plain passwords stored in the
etc/users.properties file, prefix encrypted password with {CRYPT} and store
back in etc/users.properties file.
In the same area, I have begun to create an util bundle storing spread
classes and resources such as Properties.
Unfortunately, I have some production issues to fix at work, so I don't
think that I will be able to complete these tasks before sunday evening.
Is it fine for everyone ?
Sorry for the delay :/
Regards
JB
On 09/09/2010 08:19 PM, Guillaume Nodet wrote:
Agreed, I think we should aim to start the release process end of next
week so that the release could be out the week after.
I'd like to get the KARAF-189 and 190 fixed before, as I think they
are quite important to fix.
Actually I'll have a quick look at all the bugs in JIRA as
improvements and new features can be easily defered to 2.2.0 if
needed.
On Thu, Sep 9, 2010 at 20:00, Jamie G.<[email protected]> wrote:
Thanks for renaming the version in JIRA Guillaume.
So the next order of business here should be to review the 2.1.0
entries and see which we think can make it into 2.1.0 and which others
can be pushed to 2.2.0. I'd like to cut a release of Karaf in the near
future.
Cheers,
Jamie
On Mon, Sep 6, 2010 at 5:46 AM, Guillaume Nodet<[email protected]> wrote:
Ok, so I've renamed the version in JIRA to 2.1.0
On Sun, Sep 5, 2010 at 08:40, Guillaume Nodet<[email protected]> wrote:
We used to do that inside the Felix TLP, mostly because of the OSGi
versioning.
In OSGi,
2.0.0< 2.1.0< 2.1.0-SNAPSHOT
This was a rule in Felix, but I agree we could come back to a more
natural versioning and go for 2.1.0
I have never really seen a case where this was actually a problem,
especially if the snapshots are called 2.0.1-SNAPSHOT for example.
On Sun, Sep 5, 2010 at 02:00, Andreas Pieber<[email protected]>
wrote:
Mhm, just curious but y do you jump from 2.0.0 to 2.2.0?
Kind regards,
Andreas
On Fri, Sep 03, 2010 at 11:24:22AM -0230, Jamie G. wrote:
Hi All,
Development since our last release has been proceeding at a brisk
pace. Karaf 2.2.0 is on track to contain 11 bug fixes, 28
improvements, and 7 new features! As such, I believe that we should
begin the discussion of when we would like to cut our next release.
When we've determined what we'd like to include, and have a release
week chosen, I'd be happy to volunteer for the release management
process again.
Cheers,
Jamie
http://icodebythesea.blogspot.com/
--
Cheers,
Guillaume Nodet
------------------------
Blog: http://gnodet.blogspot.com/
------------------------
Open Source SOA
http://fusesource.com
--
Cheers,
Guillaume Nodet
------------------------
Blog: http://gnodet.blogspot.com/
------------------------
Open Source SOA
http://fusesource.com
--
Jean-Baptiste Onofré
---------------------------------
HomePage
http://www.nanthrax.net
---------------------------------
Contacts
[email protected]
[email protected]
---------------------------------
OpenSource
BuildProcess/AutoDeploy
http://buildprocess.sourceforge.net
Apache ServiceMix
http://servicemix.apache.org
-----------------------------------
PGP : 17D4F086
