[jira] [Commented] (KARAF-4784) OsgiConfiguration for JAAS should fallback to default configuration
[ https://issues.apache.org/jira/browse/KARAF-4784?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15728355#comment-15728355 ] ASF GitHub Bot commented on KARAF-4784: --- Github user asfgit closed the pull request at: https://github.com/apache/karaf/pull/271 > OsgiConfiguration for JAAS should fallback to default configuration > --- > > Key: KARAF-4784 > URL: https://issues.apache.org/jira/browse/KARAF-4784 > Project: Karaf > Issue Type: Bug > Components: karaf-security >Affects Versions: 4.0.7 >Reporter: Benjamin Papez >Assignee: Guillaume Nodet > Fix For: 4.1.0 > > > We will use Karaf embedded in the next version of our Web Application, which > means that we still first start the application server > (Tomcat/JBoss/Websphere) and then Karaf is started inside. Some of our > customers are using a JAAS configuration, mainly Kerberos for SPNEGO. > Unfortunately with the step to use Karaf the current default JAAS > configuration is no longer picked up and used, because Karaf is setting the > {{org.apache.karaf.jaas.config.impl.OsgiConfiguration}} object into > {{javax.security.auth.login.Configuration.setConfiguration}} within the > {{OsgiConfiguration.init}} method. > This way all standard/app-server specific ways of JAAS configuration are > ignored. > I would propose a modification to {{OsgiConfiguration}}, with something like: > {code} > private Configuration defaultConfiguration; > public void init() { > try { > defaultConfiguration = Configuration.getConfiguration(); > } catch (RuntimeException ex) { > // default configuration for fallback could not be retrieved - > should be logged > } > Configuration.setConfiguration(this); > } > ... > public AppConfigurationEntry[] getAppConfigurationEntry(String name) { > JaasRealm realm = null; > for (JaasRealm r : realms) { > if (r.getName().equals(name)) { > if (realm == null || r.getRank() > realm.getRank()) { > realm = r; > } > } > } > if (realm != null) { > return realm.getEntries(); > } else if (defaultConfiguration != null) { >return defaultConfiguration.getAppConfigurationEntry(name); > } > return null; > } > public void refresh() { > if (defaultConfiguration != null) { > defaultConfiguration.refresh(); > } > } > {code} > This way if no OSGI configured JAAS realm can find an > {{AppConfigurationEntry}}, we would still try to get it from the default JAAS > configuration, and our customers could keep the same JAAS configuration as > before. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KARAF-4784) OsgiConfiguration for JAAS should fallback to default configuration
[ https://issues.apache.org/jira/browse/KARAF-4784?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15728354#comment-15728354 ] ASF subversion and git services commented on KARAF-4784: Commit 333feab0e2cefcf845f7499ccbd87ff90ac4235b in karaf's branch refs/heads/master from [~jbonofre] [ https://git-wip-us.apache.org/repos/asf?p=karaf.git;h=333feab ] [KARAF-4784] This closes #271 > OsgiConfiguration for JAAS should fallback to default configuration > --- > > Key: KARAF-4784 > URL: https://issues.apache.org/jira/browse/KARAF-4784 > Project: Karaf > Issue Type: Bug > Components: karaf-security >Affects Versions: 4.0.7 >Reporter: Benjamin Papez >Assignee: Guillaume Nodet > Fix For: 4.1.0 > > > We will use Karaf embedded in the next version of our Web Application, which > means that we still first start the application server > (Tomcat/JBoss/Websphere) and then Karaf is started inside. Some of our > customers are using a JAAS configuration, mainly Kerberos for SPNEGO. > Unfortunately with the step to use Karaf the current default JAAS > configuration is no longer picked up and used, because Karaf is setting the > {{org.apache.karaf.jaas.config.impl.OsgiConfiguration}} object into > {{javax.security.auth.login.Configuration.setConfiguration}} within the > {{OsgiConfiguration.init}} method. > This way all standard/app-server specific ways of JAAS configuration are > ignored. > I would propose a modification to {{OsgiConfiguration}}, with something like: > {code} > private Configuration defaultConfiguration; > public void init() { > try { > defaultConfiguration = Configuration.getConfiguration(); > } catch (RuntimeException ex) { > // default configuration for fallback could not be retrieved - > should be logged > } > Configuration.setConfiguration(this); > } > ... > public AppConfigurationEntry[] getAppConfigurationEntry(String name) { > JaasRealm realm = null; > for (JaasRealm r : realms) { > if (r.getName().equals(name)) { > if (realm == null || r.getRank() > realm.getRank()) { > realm = r; > } > } > } > if (realm != null) { > return realm.getEntries(); > } else if (defaultConfiguration != null) { >return defaultConfiguration.getAppConfigurationEntry(name); > } > return null; > } > public void refresh() { > if (defaultConfiguration != null) { > defaultConfiguration.refresh(); > } > } > {code} > This way if no OSGI configured JAAS realm can find an > {{AppConfigurationEntry}}, we would still try to get it from the default JAAS > configuration, and our customers could keep the same JAAS configuration as > before. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KARAF-4784) OsgiConfiguration for JAAS should fallback to default configuration
[ https://issues.apache.org/jira/browse/KARAF-4784?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712375#comment-15712375 ] ASF subversion and git services commented on KARAF-4784: Commit ad3e4bd98e71eba03fd79f8fae1194f4c803c7aa in karaf's branch refs/heads/master from [~gnt] [ https://git-wip-us.apache.org/repos/asf?p=karaf.git;h=ad3e4bd ] [KARAF-4784] OsgiConfiguration for JAAS should fallback to default configuration > OsgiConfiguration for JAAS should fallback to default configuration > --- > > Key: KARAF-4784 > URL: https://issues.apache.org/jira/browse/KARAF-4784 > Project: Karaf > Issue Type: Bug > Components: karaf-security >Affects Versions: 4.0.7 >Reporter: Benjamin Papez > > We will use Karaf embedded in the next version of our Web Application, which > means that we still first start the application server > (Tomcat/JBoss/Websphere) and then Karaf is started inside. Some of our > customers are using a JAAS configuration, mainly Kerberos for SPNEGO. > Unfortunately with the step to use Karaf the current default JAAS > configuration is no longer picked up and used, because Karaf is setting the > {{org.apache.karaf.jaas.config.impl.OsgiConfiguration}} object into > {{javax.security.auth.login.Configuration.setConfiguration}} within the > {{OsgiConfiguration.init}} method. > This way all standard/app-server specific ways of JAAS configuration are > ignored. > I would propose a modification to {{OsgiConfiguration}}, with something like: > {code} > private Configuration defaultConfiguration; > public void init() { > try { > defaultConfiguration = Configuration.getConfiguration(); > } catch (RuntimeException ex) { > // default configuration for fallback could not be retrieved - > should be logged > } > Configuration.setConfiguration(this); > } > ... > public AppConfigurationEntry[] getAppConfigurationEntry(String name) { > JaasRealm realm = null; > for (JaasRealm r : realms) { > if (r.getName().equals(name)) { > if (realm == null || r.getRank() > realm.getRank()) { > realm = r; > } > } > } > if (realm != null) { > return realm.getEntries(); > } else if (defaultConfiguration != null) { >return defaultConfiguration.getAppConfigurationEntry(name); > } > return null; > } > public void refresh() { > if (defaultConfiguration != null) { > defaultConfiguration.refresh(); > } > } > {code} > This way if no OSGI configured JAAS realm can find an > {{AppConfigurationEntry}}, we would still try to get it from the default JAAS > configuration, and our customers could keep the same JAAS configuration as > before. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KARAF-4784) OsgiConfiguration for JAAS should fallback to default configuration
[ https://issues.apache.org/jira/browse/KARAF-4784?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712373#comment-15712373 ] ASF subversion and git services commented on KARAF-4784: Commit 040c805f47abe0f0a3fd18258e14bec5f4bca5a8 in karaf's branch refs/heads/master from [~gnt] [ https://git-wip-us.apache.org/repos/asf?p=karaf.git;h=040c805 ] [KARAF-4784] OsgiConfiguration for JAAS should fallback to default configuration > OsgiConfiguration for JAAS should fallback to default configuration > --- > > Key: KARAF-4784 > URL: https://issues.apache.org/jira/browse/KARAF-4784 > Project: Karaf > Issue Type: Bug > Components: karaf-security >Affects Versions: 4.0.7 >Reporter: Benjamin Papez > > We will use Karaf embedded in the next version of our Web Application, which > means that we still first start the application server > (Tomcat/JBoss/Websphere) and then Karaf is started inside. Some of our > customers are using a JAAS configuration, mainly Kerberos for SPNEGO. > Unfortunately with the step to use Karaf the current default JAAS > configuration is no longer picked up and used, because Karaf is setting the > {{org.apache.karaf.jaas.config.impl.OsgiConfiguration}} object into > {{javax.security.auth.login.Configuration.setConfiguration}} within the > {{OsgiConfiguration.init}} method. > This way all standard/app-server specific ways of JAAS configuration are > ignored. > I would propose a modification to {{OsgiConfiguration}}, with something like: > {code} > private Configuration defaultConfiguration; > public void init() { > try { > defaultConfiguration = Configuration.getConfiguration(); > } catch (RuntimeException ex) { > // default configuration for fallback could not be retrieved - > should be logged > } > Configuration.setConfiguration(this); > } > ... > public AppConfigurationEntry[] getAppConfigurationEntry(String name) { > JaasRealm realm = null; > for (JaasRealm r : realms) { > if (r.getName().equals(name)) { > if (realm == null || r.getRank() > realm.getRank()) { > realm = r; > } > } > } > if (realm != null) { > return realm.getEntries(); > } else if (defaultConfiguration != null) { >return defaultConfiguration.getAppConfigurationEntry(name); > } > return null; > } > public void refresh() { > if (defaultConfiguration != null) { > defaultConfiguration.refresh(); > } > } > {code} > This way if no OSGI configured JAAS realm can find an > {{AppConfigurationEntry}}, we would still try to get it from the default JAAS > configuration, and our customers could keep the same JAAS configuration as > before. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KARAF-4784) OsgiConfiguration for JAAS should fallback to default configuration
[ https://issues.apache.org/jira/browse/KARAF-4784?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15701925#comment-15701925 ] ASF GitHub Bot commented on KARAF-4784: --- GitHub user shyrkov opened a pull request: https://github.com/apache/karaf/pull/271 [KARAF-4784] OsgiConfiguration for JAAS should fallback to default configuration The details of the fix are described in the ticket https://issues.apache.org/jira/browse/KARAF-4784 We've tested the fix successfully on our side. Thank you! You can merge this pull request into a Git repository by running: $ git pull https://github.com/Jahia/karaf KARAF-4784 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/karaf/pull/271.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #271 commit 0be169531e9423c72f64205e4a5b34dd7207a91e Author: Sergiy ShyrkovDate: 2016-10-19T08:50:13Z [KARAF-4784] OsgiConfiguration for JAAS should fallback to default configuration > OsgiConfiguration for JAAS should fallback to default configuration > --- > > Key: KARAF-4784 > URL: https://issues.apache.org/jira/browse/KARAF-4784 > Project: Karaf > Issue Type: Bug > Components: karaf-security >Affects Versions: 4.0.7 >Reporter: Benjamin Papez > > We will use Karaf embedded in the next version of our Web Application, which > means that we still first start the application server > (Tomcat/JBoss/Websphere) and then Karaf is started inside. Some of our > customers are using a JAAS configuration, mainly Kerberos for SPNEGO. > Unfortunately with the step to use Karaf the current default JAAS > configuration is no longer picked up and used, because Karaf is setting the > {{org.apache.karaf.jaas.config.impl.OsgiConfiguration}} object into > {{javax.security.auth.login.Configuration.setConfiguration}} within the > {{OsgiConfiguration.init}} method. > This way all standard/app-server specific ways of JAAS configuration are > ignored. > I would propose a modification to {{OsgiConfiguration}}, with something like: > {code} > private Configuration defaultConfiguration; > public void init() { > try { > defaultConfiguration = Configuration.getConfiguration(); > } catch (RuntimeException ex) { > // default configuration for fallback could not be retrieved - > should be logged > } > Configuration.setConfiguration(this); > } > ... > public AppConfigurationEntry[] getAppConfigurationEntry(String name) { > JaasRealm realm = null; > for (JaasRealm r : realms) { > if (r.getName().equals(name)) { > if (realm == null || r.getRank() > realm.getRank()) { > realm = r; > } > } > } > if (realm != null) { > return realm.getEntries(); > } else if (defaultConfiguration != null) { >return defaultConfiguration.getAppConfigurationEntry(name); > } > return null; > } > public void refresh() { > if (defaultConfiguration != null) { > defaultConfiguration.refresh(); > } > } > {code} > This way if no OSGI configured JAAS realm can find an > {{AppConfigurationEntry}}, we would still try to get it from the default JAAS > configuration, and our customers could keep the same JAAS configuration as > before. -- This message was sent by Atlassian JIRA (v6.3.4#6332)