>>>>> cooshal <[email protected]>:
> Hi:
> thank you for your reply.
> Thank you for sharing the project. I looked at the project, but I guess this
> implementation is too complicated for my current needs. I have an extremely
> simply HTML/JS application, for which I want it to be authenticated using
> karaf realm, for example.
Well... simple HTML/JS applications is what I use it for. :-)
It's actually pretty simple:
1. You need to create a bundle defining the web context (ie. the local
path of your web application eg. "/myapp"). That's mostly
boilerplate and you can look at my sample projects:
https://github.com/steinarb/authservice/tree/master/authservice.web.security
https://github.com/steinarb/ukelonn/tree/master/ukelonn.web.security
https://github.com/steinarb/handlereg/tree/master/handlereg.web.security
2. The bundle needs to create a web context helper. Some examples of
DS components creating a web context helper
https://github.com/steinarb/authservice/blob/master/authservice.web.security/src/main/java/no/priv/bang/authservice/web/security/AuthserviceServletContextHelper.java#L22
https://github.com/steinarb/ukelonn/blob/master/ukelonn.web.security/src/main/java/no/priv/bang/ukelonn/web/security/UkelonnServletContextHelper.java#L7
https://github.com/steinarb/handlereg/blob/master/handlereg.web.security/src/main/java/no/priv/bang/handlereg/web/security/HandleregServletContextHelper.java#L22
(no actual code, just a DS component with some magical annotations)
3. The bundle needs to create a shiro filter and attach it to the web
context. The shiro filter needs to receive Realm and SessionDAO as
OSGi service injections (authservice provides these):
https://github.com/steinarb/authservice/blob/master/authservice.web.security/src/main/java/no/priv/bang/authservice/web/security/AuthserviceShiroFilter.java#L44
https://github.com/steinarb/ukelonn/blob/master/ukelonn.web.security/src/main/java/no/priv/bang/ukelonn/web/security/UkelonnShiroFilter.java#L41
https://github.com/steinarb/handlereg/blob/master/handlereg.web.security/src/main/java/no/priv/bang/handlereg/web/security/HandleregShiroFilter.java#L38
(have to do the configuration in code instead of using shiro.ini,
because the shiro.ini code can't find the shiro classes in an OSGi
context. However the dependency injections of Realm and SessionDAO
makes things simpler)
4. If you want to have fine control of the paths in your webapp, use a
shiro.ini file, some examples:
https://github.com/steinarb/authservice/blob/master/authservice.web.security/src/main/resources/shiro.ini
https://github.com/steinarb/ukelonn/blob/master/ukelonn.web.security/src/main/resources/shiro.ini
https://github.com/steinarb/handlereg/blob/master/handlereg.web.security/src/main/resources/shiro.ini
Once you have this in place I think you can basically use whatever way
you want to define your web application, you just need to use the
webcontext defined by the web context helper.
And you need to use a reverse proxy to fix the paths of the shiro
authentication cookies. That bit is a bit of a hack, but I don't see it
much myself, since I was using a reverse proxy anyway.
> I was following a sample from pax-web repo for the configuration stuffs,
> https://github.com/ops4j/org.ops4j.pax.web/tree/master/samples/wab-jetty-web.
> I could configure the web.xml file and set the authentication stuffs there.
> This works perfectly fine, if I package my app as a war, but this does not
> work if I package it as a bundle. That is where I got stuck.
FWIW my way should work fine with web whiteboard OSGi bundles, and
possibly also with WAR bundles. :-)
(I haven't tried WAR bundles with this approach myself. After I got web
whiteboard working I haven't looked back...)
This may be also of interest
1. A simple react frontend example as an OSGi bundle, using web
whiteboard
https://github.com/steinarb/frontend-karaf-demo
a. Use maven to compile a frontend into a bundle.js file that is
added as a resource in the OSGi bundle
https://github.com/steinarb/frontend-karaf-demo/blob/master/pom.xml#L105
https://github.com/steinarb/frontend-karaf-demo/tree/master/src/main/frontend
b. Create a web whiteboard servlet that serves the bundle.js on all
paths leading to your webapp
https://github.com/steinarb/frontend-karaf-demo/blob/master/src/main/java/no/priv/bang/demos/frontendkarafdemo/ReactServlet.java#L24
2. A serving a jersey REST service as an OSGi bundle, using web
whiteboard
https://github.com/steinarb/jersey-karaf-feature
