FYI:

https://issues.apache.org/jira/browse/KARAF-3453

Regards
JB

On 01/19/2015 10:46 PM, Achim Nierbeck wrote:
Hi,

just been able to verify it.
No changes need to be done to Karaf, just the configuration Ed mentioned
is needed.
Especially the
org.jolokia.authMode=jaas
is needed.
I already had the realm configured, but left this to basic.

regards, Achim


2015-01-19 14:33 GMT+01:00 Jean-Baptiste Onofré <[email protected]
<mailto:[email protected]>>:

    Yes, it should be one or the other ;)

    On 01/19/2015 02:31 PM, Achim Nierbeck wrote:

        Well, I started with 2) but missed the

        org.jolokia.authMode=jaas

        part. That's why I will try if this will help in not requiring
        to disable 1)

        :-)

        regards, Achim


        2015-01-19 14:28 GMT+01:00 Jean-Baptiste Onofré <[email protected]
        <mailto:[email protected]>
        <mailto:[email protected] <mailto:[email protected]>>>:

             Correct, it's what I did.

             Actually, I did two things:

             1/ first I disabled the KarafMBeanServerBuilder in bin/karaf
             2/ I added the jolokia cfg

             Regards
             JB


             On 01/19/2015 02:22 PM, Ed Welch wrote:

                 I have this working in 3.0.2, in the file
        etc/org.jolokia.osgi.cfg:

                 org.jolokia.user=karaf
                 org.jolokia.realm=karaf
                 org.jolokia.authMode=jaas

                 I know that the realm and authMode settings are ignored
        unless
                 the user property is also set.

                 Achim, do you have at least these three options set in
        the cfg file?

                 Regards,
                 Ed

                 On Mon, 19 Jan 2015 10:07:55 +0100, Jean-Baptiste Onofré
                 <[email protected] <mailto:[email protected]>
        <mailto:[email protected] <mailto:[email protected]>>> wrote:

                     Hi,

                     Let me check, but I think I did a hack in jolokia
        for that
                     (or in the
                     HTTP service ACL, I don't remember).

                     I keep you posted (on IRC or here).

                     Regards
                     JB

                     On 01/19/2015 09:46 AM, Achim Nierbeck wrote:

                         Hi,

                         I was experimenting with Karaf 3.0.3-SNAPSHOT plus
                         Jolokia to get some
                         details about the state of the server.
                         First I used Jolokia 1.2.4-SNAPSHOT since it
        supports a
                         configuration
                         based on config admin service. I was able to
        point it to
                         use the karaf
                         realm this way.
                         Now I still face an issue which I think is due
        to the
                         "rather new" RBAC
                         stuff.
                         Every time I do query for example for the heap
        usage I'm
                         faced by a
                         403, Insufficient roles/credentials for operation.

                         This is rather anoying, one way is to disable
        RBAC, but
                         that can't be
                         really a solution.
                         So does anyone know how to fix this?

                         regards, Achim


                         --

                         Apache Member
                         Apache Karaf <http://karaf.apache.org/>
        Committer & PMC
                         OPS4J Pax Web

        <http://wiki.ops4j.org/____display/paxweb/Pax+Web/
        <http://wiki.ops4j.org/__display/paxweb/Pax+Web/>

        <http://wiki.ops4j.org/__display/paxweb/Pax+Web/
        <http://wiki.ops4j.org/display/paxweb/Pax+Web/>>> Committer
                         & Project Lead
                         blog <http://notizblog.nierbeck.de/____
        <http://notizblog.nierbeck.de/__>>
                         Co-Author of Apache Karaf Cookbook
        <http://bit.ly/1ps9rkS>

                         Software Architect / Project Manager / Scrum Master


                     --
                     Jean-Baptiste Onofré
        [email protected] <mailto:[email protected]>
        <mailto:[email protected] <mailto:[email protected]>>
        http://blog.nanthrax.net
                     Talend - http://www.talend.com




             --
             Jean-Baptiste Onofré
        [email protected] <mailto:[email protected]>
        <mailto:[email protected] <mailto:[email protected]>>
        http://blog.nanthrax.net
             Talend - http://www.talend.com




        --

        Apache Member
        Apache Karaf <http://karaf.apache.org/> Committer & PMC
        OPS4J Pax Web <http://wiki.ops4j.org/__display/paxweb/Pax+Web/
        <http://wiki.ops4j.org/display/paxweb/Pax+Web/>> Committer
        & Project Lead
        blog <http://notizblog.nierbeck.de/__>
        Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS>

        Software Architect / Project Manager / Scrum Master


    --
    Jean-Baptiste Onofré
    [email protected] <mailto:[email protected]>
    http://blog.nanthrax.net
    Talend - http://www.talend.com




--

Apache Member
Apache Karaf <http://karaf.apache.org/> Committer & PMC
OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/> Committer
& Project Lead
blog <http://notizblog.nierbeck.de/>
Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS>

Software Architect / Project Manager / Scrum Master


--
Jean-Baptiste Onofré
[email protected]
http://blog.nanthrax.net
Talend - http://www.talend.com

Reply via email to