Well, since there is no standardized approach for securing applications within OSGi, I think your approach is as good as any other. Playing with your ideas a little bit in my head I would say that it should basically work for all our (Karaf) requirements. Therefore --> good work and +1 :-)

Kind regards,
Andreas

On Tue, Oct 30, 2012 at 1:28 PM, Jean-Baptiste Onofré <[email protected]> wrote:

> OK, no worries. Your introduction looks good to me.
>
> Regards
> JB
>
> On 10/30/2012 01:06 PM, Guillaume Nodet wrote:
>
>> It's just on my laptop for now, but I can commit anywhere, either github
>> for other people to have a look or any karaf branch.
>>
>> On Tue, Oct 30, 2012 at 1:04 PM, Jean-Baptiste Onofré <[email protected]> wrote:
>>
>>> You don't put it on your github fork (it's what I understood) ?
>>>
>>> Regards
>>> JB
>>>
>>> On 10/30/2012 01:01 PM, Guillaume Nodet wrote:
>>>
>>>> Well, I haven't committed anything yet, I was looking for feedback before ...
>>>>
>>>> On Tue, Oct 30, 2012 at 12:25 PM, Jean-Baptiste Onofré <[email protected]> wrote:
>>>>
>>>>> Thanks for the update Guillaume and great job !
>>>>>
>>>>> I'm going to experiment (in combination with sub-shell) and extend to JMX,
>>>>> but it looks very good.
>>>>>
>>>>> Thanks again,
>>>>> Regards
>>>>> JB
>>>>>
>>>>> On 10/30/2012 12:20 PM, Guillaume Nodet wrote:
>>>>>
>>>>>> I've worked last week on a solution for KARAF-979, i.e. providing a way to
>>>>>> secure shell commands.
>>>>>> What I came up with is the following.
>>>>>>
>>>>>> A new simple authentication service, exposed as an OSGi service with the
>>>>>> following interface
>>>>>>
>>>>>>     public interface AuthorizationService {
>>>>>>
>>>>>>         void checkPermission(Subject subject, String permission);
>>>>>>
>>>>>>         boolean isPermitted(Subject subject, String permission);
>>>>>>
>>>>>>     }
>>>>>>
>>>>>> This service would be used transparently by karaf commands by modifying the
>>>>>> BlueprintCommand class and calling checkPermission with the current Subject
>>>>>> and a permission which is
>>>>>>     "command:" + [scope] + ":" + [command]
>>>>>>
>>>>>> Permissions can be set through ConfigAdmin using a single property which
>>>>>> contains an xml which looks like:
>>>>>>     <entries>
>>>>>>         <entry permission="[xxx]" roles="[xxx]" type="add|set|modify" />
>>>>>>         [ more entries ]
>>>>>>     </entries>
>>>>>>
>>>>>> The matching is done by checking the permission given in the call to the
>>>>>> AuthorizationService with the entries in the configuration. Matching
>>>>>> entries are used to compute the list of authorized roles and those roles
>>>>>> are checked against the roles of the authenticated Subject.
>>>>>> This mechanism is the same we had in ServiceMix 3.x.
>>>>>>
>>>>>> This allows defining permissions for a subshell or a single command. It
>>>>>> does not provide a very easy way to split read operations from write
>>>>>> operations and this would have to be done in an example configuration maybe
>>>>>> to ease the user task.
>>>>>> That said, the mechanism is easily extensible and we can later add
>>>>>> permissions for JMX access or any other part of Karaf that would benefit
>>>>>> from that.
>>>>>>
>>>>>> Thoughts welcomed, as usual.
>>>>>
>>>>> --
>>>>> Jean-Baptiste Onofré
>>>>> [email protected]
>>>>> http://blog.nanthrax.net
>>>>> Talend - http://www.talend.com
>>>
>>> --
>>> Jean-Baptiste Onofré
>>> [email protected]
>>> http://blog.nanthrax.net
>>> Talend - http://www.talend.com
>
> --
> Jean-Baptiste Onofré
> [email protected]
> http://blog.nanthrax.net
> Talend - http://www.talend.com
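
As an illustration of the scheme in Guillaume's original mail (an added example, not code from the thread or from Karaf): a minimal implementation of the posted interface that resolves the authorized roles for a "command:scope:command" permission and denies by default. The wildcard matching, the meaning given to add and set (modify is left out because the thread does not define it), role names taken from Principal.getName(), and the names RoleMapAuthorizationService, Entry and Role are all assumptions; it needs Java 17 or later.

```java
import java.security.Principal;
import java.util.*;
import javax.security.auth.Subject;

// Hypothetical implementation: matching rules and type semantics are assumptions.
public class RoleMapAuthorizationService implements AuthorizationService {
    enum Type { ADD, SET }
    record Role(String name) implements Principal { public String getName() { return name; } }
    record Entry(String pattern, Set<String> roles, Type type) {
        boolean matches(String permission) {   // assumed: exact match or trailing '*'
            return pattern.endsWith("*") ? permission.startsWith(pattern.substring(0, pattern.length() - 1))
                                         : pattern.equals(permission);
        }
    }
    private final List<Entry> entries;
    RoleMapAuthorizationService(List<Entry> entries) { this.entries = entries; }

    // Entries apply in order: SET replaces the authorized roles, ADD extends them.
    Set<String> rolesFor(String permission) {
        Set<String> allowed = new HashSet<>();
        for (Entry e : entries) {
            if (!e.matches(permission)) continue;
            if (e.type() == Type.SET) allowed.clear();
            allowed.addAll(e.roles());
        }
        return allowed;
    }
    public boolean isPermitted(Subject subject, String permission) {
        if (subject == null) return false;            // unauthenticated caller: deny
        Set<String> allowed = rolesFor(permission);   // empty when nothing matches: deny
        return subject.getPrincipals().stream().anyMatch(p -> allowed.contains(p.getName()));
    }
    public void checkPermission(Subject subject, String permission) {
        if (!isPermitted(subject, permission)) throw new SecurityException("not permitted: " + permission);
    }
    public static void main(String[] args) {
        var svc = new RoleMapAuthorizationService(List.of(   // constructed sample entries
            new Entry("command:*", Set.of("admin"), Type.SET),
            new Entry("command:log:*", Set.of("viewer"), Type.ADD),
            new Entry("command:log:clear", Set.of("admin"), Type.SET)));
        Subject viewer = new Subject();
        viewer.getPrincipals().add(new Role("viewer"));      // constructed role principal
        for (String p : List.of("command:log:display", "command:log:clear", "command:feature:install"))
            System.out.println(p + " -> " + svc.isPermitted(viewer, p));
    }
}

// Interface as posted in the thread.
interface AuthorizationService {
    void checkPermission(Subject subject, String permission);
    boolean isPermitted(Subject subject, String permission);
}
```

Because entries are applied in order, a narrower SET entry placed after a broad ADD entry is what separates a write command from the read commands in the same subshell in this sketch.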
