Yeah, for instance users would tune the login.properties to add MyAppAuthentication subject, not only the karaf one.
Regards JB -----Original Message----- From: Andreas Pieber <[email protected]> Date: Sun, 30 Jan 2011 12:21:23 To: <[email protected]> Reply-To: [email protected] Subject: Re: Keep clean repo and JAAS configuration for the end-users If blueprint supports this a big +1 (never tried this but somehow sceptical if this works :)); I like to use the same jaas config for karaf and my application --> If I could change the entire implementation and flags... great! kind regards, andreas On Sun, Jan 30, 2011 at 10:27:44AM +0100, Jean-Baptiste Onofré wrote: > Hi all, > > I have some questions about the current scm repo: > > - @David: I saw that you created an assemblies module. We still have > the assembly module defined and used in the <modules/> main POM. I > guess it's a temporary situation and, after some more tests, the > assemblies module will replace the assembly module ? What about > profiles implementation and brainstorm ? > - @Achim: I saw that you added a src/main/configfiles directory > (containing a jetty.xml) in the assembly module. Why not used the > src/main/filtered-resources directory (and eventually create a new > directory in this one) or define a new sub-module ? I don't wanna > split the resources in a lot of directories. WDYT ? > > Now regarding the JAAS configuration. Correct me if I'm wrong, but > up to now, the JAAS configuration is defined in the blueprint > (OSGI-INF/blueprint/karaf-jaas-module.xml) descriptor of the > jaas/modules module: > > <jaas:config name="karaf"> > <jaas:module > className="org.apache.karaf.jaas.modules.properties.PropertiesLoginModule" > flags="required"> > users = $[karaf.base]/etc/users.properties > encryption.name = ${encryption.name} > encryption.enabled = ${encryption.enabled} > encryption.prefix = ${encryption.prefix} > encryption.suffix = ${encryption.suffix} > encryption.algorithm = ${encryption.algorithm} > encryption.encoding = ${encryption.encoding} > </jaas:module> > </jaas:config> > > So by default, we "force" the usage of the PropertiesLoginModule. > > It could be helpful for the end users to have access to a > etc/login.properties file to be able to define the login modules to > use with the policy associated (required, sufficient, optional). > For instance, we can add a property in the > etc/org.apache.karaf.jaas.cfg file to define the location of this > login.properties file (etc/login.properties by default) and > reference the PropertiesLoginModule by default. It could be more > clear for the users. > > WDYT ? > > Thank > Regards > JB > > > > >
