FYI: https://issues.apache.org/jira/browse/KARAF-3453
Regards JB On 01/19/2015 10:46 PM, Achim Nierbeck wrote:
Hi, just been able to verify it. No changes need to be done to Karaf, just the configuration Ed mentioned is needed. Especially the org.jolokia.authMode=jaas is needed. I already had the realm configured, but left this to basic. regards, Achim 2015-01-19 14:33 GMT+01:00 Jean-Baptiste Onofré <[email protected] <mailto:[email protected]>>: Yes, it should be one or the other ;) On 01/19/2015 02:31 PM, Achim Nierbeck wrote: Well, I started with 2) but missed the org.jolokia.authMode=jaas part. That's why I will try if this will help in not requiring to disable 1) :-) regards, Achim 2015-01-19 14:28 GMT+01:00 Jean-Baptiste Onofré <[email protected] <mailto:[email protected]> <mailto:[email protected] <mailto:[email protected]>>>: Correct, it's what I did. Actually, I did two things: 1/ first I disabled the KarafMBeanServerBuilder in bin/karaf 2/ I added the jolokia cfg Regards JB On 01/19/2015 02:22 PM, Ed Welch wrote: I have this working in 3.0.2, in the file etc/org.jolokia.osgi.cfg: org.jolokia.user=karaf org.jolokia.realm=karaf org.jolokia.authMode=jaas I know that the realm and authMode settings are ignored unless the user property is also set. Achim, do you have at least these three options set in the cfg file? Regards, Ed On Mon, 19 Jan 2015 10:07:55 +0100, Jean-Baptiste Onofré <[email protected] <mailto:[email protected]> <mailto:[email protected] <mailto:[email protected]>>> wrote: Hi, Let me check, but I think I did a hack in jolokia for that (or in the HTTP service ACL, I don't remember). I keep you posted (on IRC or here). Regards JB On 01/19/2015 09:46 AM, Achim Nierbeck wrote: Hi, I was experimenting with Karaf 3.0.3-SNAPSHOT plus Jolokia to get some details about the state of the server. First I used Jolokia 1.2.4-SNAPSHOT since it supports a configuration based on config admin service. I was able to point it to use the karaf realm this way. Now I still face an issue which I think is due to the "rather new" RBAC stuff. Every time I do query for example for the heap usage I'm faced by a 403, Insufficient roles/credentials for operation. This is rather anoying, one way is to disable RBAC, but that can't be really a solution. So does anyone know how to fix this? regards, Achim -- Apache Member Apache Karaf <http://karaf.apache.org/> Committer & PMC OPS4J Pax Web <http://wiki.ops4j.org/____display/paxweb/Pax+Web/ <http://wiki.ops4j.org/__display/paxweb/Pax+Web/> <http://wiki.ops4j.org/__display/paxweb/Pax+Web/ <http://wiki.ops4j.org/display/paxweb/Pax+Web/>>> Committer & Project Lead blog <http://notizblog.nierbeck.de/____ <http://notizblog.nierbeck.de/__>> Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS> Software Architect / Project Manager / Scrum Master -- Jean-Baptiste Onofré [email protected] <mailto:[email protected]> <mailto:[email protected] <mailto:[email protected]>> http://blog.nanthrax.net Talend - http://www.talend.com -- Jean-Baptiste Onofré [email protected] <mailto:[email protected]> <mailto:[email protected] <mailto:[email protected]>> http://blog.nanthrax.net Talend - http://www.talend.com -- Apache Member Apache Karaf <http://karaf.apache.org/> Committer & PMC OPS4J Pax Web <http://wiki.ops4j.org/__display/paxweb/Pax+Web/ <http://wiki.ops4j.org/display/paxweb/Pax+Web/>> Committer & Project Lead blog <http://notizblog.nierbeck.de/__> Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS> Software Architect / Project Manager / Scrum Master -- Jean-Baptiste Onofré [email protected] <mailto:[email protected]> http://blog.nanthrax.net Talend - http://www.talend.com -- Apache Member Apache Karaf <http://karaf.apache.org/> Committer & PMC OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/> Committer & Project Lead blog <http://notizblog.nierbeck.de/> Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS> Software Architect / Project Manager / Scrum Master
-- Jean-Baptiste Onofré [email protected] http://blog.nanthrax.net Talend - http://www.talend.com
