[jira] [Work logged] (ARTEMIS-4263) support access to our JaasCallbackhandler from a jdk http Authenticator

Fri, 28 Apr 2023 09:26:04 -0700 


     [ 
https://issues.apache.org/jira/browse/ARTEMIS-4263?focusedWorklogId=859699&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-859699
 ]

ASF GitHub Bot logged work on ARTEMIS-4263:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 28/Apr/23 16:25
            Start Date: 28/Apr/23 16:25
    Worklog Time Spent: 10m 
      Work Description: gemmellr commented on code in PR #4458:
URL: https://github.com/apache/activemq-artemis/pull/4458#discussion_r1180602494


##########
artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/AuthenticatorAdapter.java:
##########
@@ -0,0 +1,128 @@
+/**

Review Comment:
   Because this isnt the description, it isnt actually doc, its a licence 
header.  Its a waste of time for the javadoc processor to even be looking at 
it. Its formatted differently than it should be (has tags, and changed indent). 
Its inconsistent with the rest of the codebase (even the test in this same PR).





Issue Time Tracking
-------------------

    Worklog Id:     (was: 859699)
    Time Spent: 1h 40m  (was: 1.5h)

> support access to our JaasCallbackhandler from a jdk http Authenticator
> -----------------------------------------------------------------------
>
>                 Key: ARTEMIS-4263
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-4263
>             Project: ActiveMQ Artemis
>          Issue Type: Improvement
>          Components: JAAS
>    Affects Versions: 2.28.0
>            Reporter: Gary Tully
>            Assignee: Gary Tully
>            Priority: Major
>          Time Spent: 1h 40m
>  Remaining Estimate: 0h
>
> To allow the jolokia jvm agent to utilise jaas with our callback handler, it 
> is necessary to provide a wrapper that is aware of the capabilities of the 
> various artemis login modules and provide the necessary callback 
> implementation
> httpserver supports an extension point in the form of a 
> {{com.sun.net.httpserver.Authenticator}} that we can use.  the jolokia jvm 
> agent has an authenticator that does jaas but is limited to plain 
> credentials. We can plug in a similar Artemis jaas delegating authenticator 
> and do proper rbac when the jolokia jvm agent is in play.
> This will allow us to reduce the surface are that we expose to support 
> jolokia, avoiding the need for jetty. 
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to