Re: Karaf 3.0.x + Jolokia + JMX + RBAC

Mon, 19 Jan 2015 05:34:48 -0800 

Yes, it should be one or the other ;)

On 01/19/2015 02:31 PM, Achim Nierbeck wrote:

Well, I started with 2) but missed the

org.jolokia.authMode=jaas

part. That's why I will try if this will help in not requiring to disable 1)

:-)

regards, Achim


2015-01-19 14:28 GMT+01:00 Jean-Baptiste Onofré <[email protected]
<mailto:[email protected]>>:

    Correct, it's what I did.

    Actually, I did two things:

    1/ first I disabled the KarafMBeanServerBuilder in bin/karaf
    2/ I added the jolokia cfg

    Regards
    JB


    On 01/19/2015 02:22 PM, Ed Welch wrote:

        I have this working in 3.0.2, in the file etc/org.jolokia.osgi.cfg:

        org.jolokia.user=karaf
        org.jolokia.realm=karaf
        org.jolokia.authMode=jaas

        I know that the realm and authMode settings are ignored unless
        the user property is also set.

        Achim, do you have at least these three options set in the cfg file?

        Regards,
        Ed

        On Mon, 19 Jan 2015 10:07:55 +0100, Jean-Baptiste Onofré
        <[email protected] <mailto:[email protected]>> wrote:

            Hi,

            Let me check, but I think I did a hack in jolokia for that
            (or in the
            HTTP service ACL, I don't remember).

            I keep you posted (on IRC or here).

            Regards
            JB

            On 01/19/2015 09:46 AM, Achim Nierbeck wrote:

                Hi,

                I was experimenting with Karaf 3.0.3-SNAPSHOT plus
                Jolokia to get some
                details about the state of the server.
                First I used Jolokia 1.2.4-SNAPSHOT since it supports a
                configuration
                based on config admin service. I was able to point it to
                use the karaf
                realm this way.
                Now I still face an issue which I think is due to the
                "rather new" RBAC
                stuff.
                Every time I do query for example for the heap usage I'm
                faced by a
                403, Insufficient roles/credentials for operation.

                This is rather anoying, one way is to disable RBAC, but
                that can't be
                really a solution.
                So does anyone know how to fix this?

                regards, Achim


                --

                Apache Member
                Apache Karaf <http://karaf.apache.org/> Committer & PMC
                OPS4J Pax Web
                <http://wiki.ops4j.org/__display/paxweb/Pax+Web/
                <http://wiki.ops4j.org/display/paxweb/Pax+Web/>> Committer
                & Project Lead
                blog <http://notizblog.nierbeck.de/__>
                Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS>

                Software Architect / Project Manager / Scrum Master


            --
            Jean-Baptiste Onofré
            [email protected] <mailto:[email protected]>
            http://blog.nanthrax.net
            Talend - http://www.talend.com




    --
    Jean-Baptiste Onofré
    [email protected] <mailto:[email protected]>
    http://blog.nanthrax.net
    Talend - http://www.talend.com




--

Apache Member
Apache Karaf <http://karaf.apache.org/> Committer & PMC
OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/> Committer
& Project Lead
blog <http://notizblog.nierbeck.de/>
Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS>

Software Architect / Project Manager / Scrum Master



--
Jean-Baptiste Onofré
[email protected]
http://blog.nanthrax.net
Talend - http://www.talend.com

Reply via email to