It's just on my laptop for now, but I can commit anywhere, either github for other people to have a look or any karaf branch.
On Tue, Oct 30, 2012 at 1:04 PM, Jean-Baptiste Onofré <[email protected]>wrote: > You don't put it on your github fork (it's what I understood) ? > > Regards > JB > > > On 10/30/2012 01:01 PM, Guillaume Nodet wrote: > >> Well, I haven't committed anything yet, I was looking for feedback before >> ... >> >> On Tue, Oct 30, 2012 at 12:25 PM, Jean-Baptiste Onofré <[email protected] >> >wrote: >> >> Thanks for the update Guillaume and great job ! >>> >>> I gonna experiment (in combination with sub-shell) and extend to JMX, but >>> it looks very good. >>> >>> Thanks again, >>> Regards >>> JB >>> >>> >>> On 10/30/2012 12:20 PM, Guillaume Nodet wrote: >>> >>> I've worked last week on a solution for KARAF-979, i.e. providing a way >>>> to >>>> secure shell commands. >>>> What I came up with is the following. >>>> >>>> A new simple authentication service, exposed as an OSGi service with the >>>> following interface >>>> >>>> public interface AuthorizationService { >>>> >>>> void checkPermission(Subject subject, String permission); >>>> >>>> boolean isPermitted(Subject subject, String permission); >>>> >>>> } >>>> >>>> >>>> This service would be used transparently by karaf commands by modifying >>>> the >>>> BlueprintCommand class and calling checkPermission with the current >>>> Subject >>>> and a permission which is >>>> "command:" + [scope] + ":" + [command] >>>> >>>> Permissions can be set through ConfigAdmin using a single property which >>>> contains an xml which looks like: >>>> <entries> >>>> <entry permission="[xxx]" roles="[xxx]" type="add|set|modify" >>>> /> >>>> [ more entries ] >>>> </entries> >>>> >>>> The matching is done by checking the permission given in the call to the >>>> AuthorizationService with the entries in the configuration. Matching >>>> entries are used to compute the list of authorized roles and those roles >>>> are checked against the roles of the authenticated Subject. >>>> This mechanism is the same we had in ServiceMix 3.x. >>>> >>>> This allows to define permissions for a subshell or a single command. >>>> It >>>> does not provide a very easy way to split read operations from write >>>> operations and this would have to be done in an example configuration >>>> maybe >>>> to ease the user task. >>>> That said, the mechanism is easily extensible and we can later add >>>> permissions for JMX access or any other part of Karaf that would benefit >>>> from that. >>>> >>>> Thoughts welcomed, as usual. >>>> >>>> >>>> >>>> >>>> -- >>> Jean-Baptiste Onofré >>> [email protected] >>> http://blog.nanthrax.net >>> Talend - http://www.talend.com >>> >>> >> >> >> > -- > Jean-Baptiste Onofré > [email protected] > http://blog.nanthrax.net > Talend - http://www.talend.com > -- ------------------------ Guillaume Nodet ------------------------ Blog: http://gnodet.blogspot.com/ ------------------------ FuseSource, Integration everywhere http://fusesource.com
