Author: buildbot Date: Wed Aug 21 08:57:06 2019 New Revision: 1049094 Log: Staging update by buildbot for felix
Modified: websites/staging/felix/trunk/content/ (props changed) websites/staging/felix/trunk/content/documentation/subprojects/apache-felix-web-console/web-console-security-provider.html Propchange: websites/staging/felix/trunk/content/ ------------------------------------------------------------------------------ --- cms:source-revision (original) +++ cms:source-revision Wed Aug 21 08:57:06 2019 @@ -1 +1 @@ -1865515 +1865611 Modified: websites/staging/felix/trunk/content/documentation/subprojects/apache-felix-web-console/web-console-security-provider.html ============================================================================== --- websites/staging/felix/trunk/content/documentation/subprojects/apache-felix-web-console/web-console-security-provider.html (original) +++ websites/staging/felix/trunk/content/documentation/subprojects/apache-felix-web-console/web-console-security-provider.html Wed Aug 21 08:57:06 2019 @@ -95,6 +95,20 @@ h2:hover > .headerlink, h3:hover > .head </ul> </div> <p>As of Apache Felix Web Console 3.1.0 security of the Web Console can be extended by providing a <code>WebConsoleSecurityProvicer</code> service. An extension to this service has been introduced with the <code>WebConsoleSecurityProvider2</code> service in Apache Felix Web Console 3.1.4.</p> +<p>As of Web Console 4.3.16 it is now possible to <em>require</em> a WebConsoleSecurityProvider service to be present in order for the Web Console to become +active. This can be used to prevent bypassing the security provider if this is provided asynchronously. +To do this, the WebConsoleSecurityProvider service needs to be registered with a <em>Service Registration</em> property to identify itself:</p> +<div class="codehilite"><pre>"<span class="n">webconsole</span><span class="p">.</span><span class="n">security</span><span class="p">.</span><span class="n">provider</span><span class="p">.</span><span class="n">id</span>" <span class="p">=</span> "<span class="n">my</span><span class="p">.</span><span class="n">security</span><span class="p">.</span><span class="n">provider</span>" +</pre></div> + + +<p>Then the Web Console can be informed about the security providers it needs to operate by setting the following <em>OSGi Framework</em> property:</p> +<div class="codehilite"><pre>"<span class="n">felix</span><span class="p">.</span><span class="n">webconsole</span><span class="p">.</span><span class="n">security</span><span class="p">.</span><span class="n">providers</span>" <span class="p">=</span> "<span class="n">my</span><span class="p">.</span><span class="n">security</span><span class="p">.</span><span class="n">provider</span>" +</pre></div> + + +<p>With this property specified, the Web Console will not activate until the service with the specified property is present. Local login as typically done with +<code>admin/password</code> is disabled when this property is specified.</p> <h2 id="webconsolesecurityprovider">WebConsoleSecurityProvider<a class="headerlink" href="#webconsolesecurityprovider" title="Permanent link">¶</a></h2> <p>The <code>WebConsoleSecurityProvider</code> service provides two methods:</p> <p>{code:java} @@ -172,7 +186,7 @@ public boolean authorize( Object user, S <h2 id="sample">Sample<a class="headerlink" href="#sample" title="Permanent link">¶</a></h2> <p>A sample of a <code>WebConsoleSecurityProvider</code> service is the Apache Sling implementation <a href="http://svn.apache.org/repos/asf/sling/trunk/bundles/extensions/webconsolesecurityprovider/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/SlingWebConsoleSecurityProvider.java"><code>SlingWebConsoleSecurityProvider</code></a>. This implementation uses a JCR implementation to login to the repository and thus validate the credentials.</p> <div class="timestamp" style="margin-top: 30px; font-size: 80%; text-align: right;"> - Rev. 1712598 by cziegeler on Wed, 4 Nov 2015 17:48:20 +0000 + Rev. 1865611 by davidb on Wed, 21 Aug 2019 08:56:22 +0000 </div> <div class="trademarkFooter"> Apache Felix, Felix, Apache, the Apache feather logo, and the Apache Felix project