[
https://issues.apache.org/jira/browse/KARAF-172?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jamie goodyear closed KARAF-172.
--------------------------------
> Implement a mechanism that would allow a karaf application to distingush
> between UserPrincipal & RolePrincipal without depending from Karaf JAAS
> Modules
> --------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: KARAF-172
> URL: https://issues.apache.org/jira/browse/KARAF-172
> Project: Karaf
> Issue Type: New Feature
> Reporter: Ioannis Canellos
> Assignee: Ioannis Canellos
> Fix For: 2.1.0
>
> Attachments: KARAF-172-patch.txt
>
>
> A karaf application that makes use of JAAS for authentication and
> authorization will obtain a LoginContext that contains UserPrincipal and
> RolePrincipal objects (both classes are inside
> org.apache.karaf.jaas:org.apache.karaf.jaas.modules).
> If such application needs to distinguish between those two(e.g role based
> authorization), will have to depend from
> org.apache.karaf.jaas:org.apache.karaf.jaas.modules.
> I think that the application needs to be decoupled from Karaf JAAS Modules
> and this is why I think that an alternative needs to be provided to the user.
> Such alternative could be the use of a convention (maybe like having a prefix
> on Roles, or goruping roles under a Group with a fixed name (jboss
> approach)). This mechanism could be implemented by Karaf Login Modules and
> even better could be pluggable.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
