Hi Bernd, Thanks for your feedback and proposal.
Generally speaking I agree with the proposal. Karaf5 service could be a nice location, but keep in mind that Karaf5 service are not OSGi service (the osgi application manager is itself a K5 service). So, I think we can already prepare some stuff for Karaf 4.4/4.5. Let me think about the roadmap/target. Thanks again ! Regards JB > Le 19 mai 2021 à 11:31, Bernd <e...@zusammenkunft.net> a écrit : > > Hello, > > I noticed that Karaf provides quite useful principals for Roles, Groups and > Client. But if I want to consume or create those principals in my own code, > I have to depend on the karaf-boot bundle. > > I wonder: > > a) would it make sense for Karaf5 to move the classes to a more focused API > jar. That would be helpful if I want to build a Microservice Servlet which > should also run in other containers or if I just dont want to depend on the > -boot bunfle. > > b) would it make sense to provide utilities (JAASContext.getClientIP() or > something) > > c) would it make sense to add this to the logger so that it can add this > (subject/ip) to all log lines generated with active JAAS context. > > d) if I have my own http listener, is there a filter I can use to establish > the JAAS login and especially also attach the http-client IP principal? > > e) we are using Felix RSA/fastbin, I wonder if somebody has experience with > adding instance-level authentication to something like this (and to RMI)? > > Gruss > Bernd
