Hi, just been able to verify it. No changes need to be done to Karaf, just the configuration Ed mentioned is needed. Especially the org.jolokia.authMode=jaas is needed. I already had the realm configured, but left this to basic.
regards, Achim 2015-01-19 14:33 GMT+01:00 Jean-Baptiste Onofré <[email protected]>: > Yes, it should be one or the other ;) > > On 01/19/2015 02:31 PM, Achim Nierbeck wrote: > >> Well, I started with 2) but missed the >> >> org.jolokia.authMode=jaas >> >> part. That's why I will try if this will help in not requiring to disable >> 1) >> >> :-) >> >> regards, Achim >> >> >> 2015-01-19 14:28 GMT+01:00 Jean-Baptiste Onofré <[email protected] >> <mailto:[email protected]>>: >> >> Correct, it's what I did. >> >> Actually, I did two things: >> >> 1/ first I disabled the KarafMBeanServerBuilder in bin/karaf >> 2/ I added the jolokia cfg >> >> Regards >> JB >> >> >> On 01/19/2015 02:22 PM, Ed Welch wrote: >> >> I have this working in 3.0.2, in the file >> etc/org.jolokia.osgi.cfg: >> >> org.jolokia.user=karaf >> org.jolokia.realm=karaf >> org.jolokia.authMode=jaas >> >> I know that the realm and authMode settings are ignored unless >> the user property is also set. >> >> Achim, do you have at least these three options set in the cfg >> file? >> >> Regards, >> Ed >> >> On Mon, 19 Jan 2015 10:07:55 +0100, Jean-Baptiste Onofré >> <[email protected] <mailto:[email protected]>> wrote: >> >> Hi, >> >> Let me check, but I think I did a hack in jolokia for that >> (or in the >> HTTP service ACL, I don't remember). >> >> I keep you posted (on IRC or here). >> >> Regards >> JB >> >> On 01/19/2015 09:46 AM, Achim Nierbeck wrote: >> >> Hi, >> >> I was experimenting with Karaf 3.0.3-SNAPSHOT plus >> Jolokia to get some >> details about the state of the server. >> First I used Jolokia 1.2.4-SNAPSHOT since it supports a >> configuration >> based on config admin service. I was able to point it to >> use the karaf >> realm this way. >> Now I still face an issue which I think is due to the >> "rather new" RBAC >> stuff. >> Every time I do query for example for the heap usage I'm >> faced by a >> 403, Insufficient roles/credentials for operation. >> >> This is rather anoying, one way is to disable RBAC, but >> that can't be >> really a solution. >> So does anyone know how to fix this? >> >> regards, Achim >> >> >> -- >> >> Apache Member >> Apache Karaf <http://karaf.apache.org/> Committer & PMC >> OPS4J Pax Web >> <http://wiki.ops4j.org/__display/paxweb/Pax+Web/ >> <http://wiki.ops4j.org/display/paxweb/Pax+Web/>> >> Committer >> & Project Lead >> blog <http://notizblog.nierbeck.de/__> >> Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS >> > >> >> Software Architect / Project Manager / Scrum Master >> >> >> -- >> Jean-Baptiste Onofré >> [email protected] <mailto:[email protected]> >> http://blog.nanthrax.net >> Talend - http://www.talend.com >> >> >> >> >> -- >> Jean-Baptiste Onofré >> [email protected] <mailto:[email protected]> >> http://blog.nanthrax.net >> Talend - http://www.talend.com >> >> >> >> >> -- >> >> Apache Member >> Apache Karaf <http://karaf.apache.org/> Committer & PMC >> OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/> Committer >> & Project Lead >> blog <http://notizblog.nierbeck.de/> >> Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS> >> >> Software Architect / Project Manager / Scrum Master >> >> > -- > Jean-Baptiste Onofré > [email protected] > http://blog.nanthrax.net > Talend - http://www.talend.com > -- Apache Member Apache Karaf <http://karaf.apache.org/> Committer & PMC OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/> Committer & Project Lead blog <http://notizblog.nierbeck.de/> Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS> Software Architect / Project Manager / Scrum Master
