Repository: karaf Updated Branches: refs/heads/karaf-2.x f69273226 -> 97dc5077b
[KARAF-3268]remove karaf.admin.role Project: http://git-wip-us.apache.org/repos/asf/karaf/repo Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/97dc5077 Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/97dc5077 Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/97dc5077 Branch: refs/heads/karaf-2.x Commit: 97dc5077becdd69739db21b699103e339b395c2a Parents: f692732 Author: Freeman Fang <[email protected]> Authored: Thu Oct 9 16:25:15 2014 +0800 Committer: Freeman Fang <[email protected]> Committed: Thu Oct 9 16:25:15 2014 +0800 ---------------------------------------------------------------------- .../org/apache/karaf/admin/etc/system.properties | 13 ------------- .../src/main/distribution/text/etc/system.properties | 13 ------------- .../standard/src/main/resources/features.xml | 2 +- manual/src/main/webapp/users-guide/security.conf | 15 --------------- 4 files changed, 1 insertion(+), 42 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/karaf/blob/97dc5077/admin/core/src/main/resources/org/apache/karaf/admin/etc/system.properties ---------------------------------------------------------------------- diff --git a/admin/core/src/main/resources/org/apache/karaf/admin/etc/system.properties b/admin/core/src/main/resources/org/apache/karaf/admin/etc/system.properties index 4a7bead..41a5f85 100644 --- a/admin/core/src/main/resources/org/apache/karaf/admin/etc/system.properties +++ b/admin/core/src/main/resources/org/apache/karaf/admin/etc/system.properties @@ -55,19 +55,6 @@ karaf.shell.init.script = ${karaf.etc}/shell.init.script # # karaf.shell.history.maxSize = 0 -# -# Default role name used for console authorization (JMX, SSH and WEB) -# The syntax is the following: -# [classname:]principal -# where classname is the class name of the principal object -# (defaults to org.apache.karaf.jaas.modules.RolePrincipal) -# and principal is the name of the principal of that class -# (defaults to admin). -# -# Note that this value can be overriden using the various ConfigAdmin -# configurations for JMX, SSH or the WebConsole. -# -karaf.admin.role = admin # # Roles to use when logging into a local Karaf console. http://git-wip-us.apache.org/repos/asf/karaf/blob/97dc5077/assemblies/apache-karaf/src/main/distribution/text/etc/system.properties ---------------------------------------------------------------------- diff --git a/assemblies/apache-karaf/src/main/distribution/text/etc/system.properties b/assemblies/apache-karaf/src/main/distribution/text/etc/system.properties index 1b3dace..36e0b18 100644 --- a/assemblies/apache-karaf/src/main/distribution/text/etc/system.properties +++ b/assemblies/apache-karaf/src/main/distribution/text/etc/system.properties @@ -55,19 +55,6 @@ karaf.shell.init.script = ${karaf.etc}/shell.init.script # # karaf.shell.history.maxSize = 0 -# -# Default role name used for console authorization (JMX, SSH and WEB) -# The syntax is the following: -# [classname:]principal -# where classname is the class name of the principal object -# (defaults to org.apache.karaf.jaas.modules.RolePrincipal) -# and principal is the name of the principal of that class -# (defaults to admin). -# -# Note that this value can be overriden using the various ConfigAdmin -# configurations for JMX, SSH or the WebConsole. -# -karaf.admin.role = admin # # Roles to use when logging into a local Karaf console. http://git-wip-us.apache.org/repos/asf/karaf/blob/97dc5077/assemblies/features/standard/src/main/resources/features.xml ---------------------------------------------------------------------- diff --git a/assemblies/features/standard/src/main/resources/features.xml b/assemblies/features/standard/src/main/resources/features.xml index 99008d4..d0b3add 100644 --- a/assemblies/features/standard/src/main/resources/features.xml +++ b/assemblies/features/standard/src/main/resources/features.xml @@ -178,7 +178,7 @@ <feature name="webconsole" description="Karaf WebConsole for administration and monitoring" version="${project.version}"> <config name="org.apache.karaf.webconsole"> realm=karaf - role=${karaf.admin.role} + role=admin </config> <feature>http</feature> <feature>aries-blueprint</feature> http://git-wip-us.apache.org/repos/asf/karaf/blob/97dc5077/manual/src/main/webapp/users-guide/security.conf ---------------------------------------------------------------------- diff --git a/manual/src/main/webapp/users-guide/security.conf b/manual/src/main/webapp/users-guide/security.conf index b1ab90c..1e7e867 100644 --- a/manual/src/main/webapp/users-guide/security.conf +++ b/manual/src/main/webapp/users-guide/security.conf @@ -74,21 +74,6 @@ or to ssh ssh -p 8101 -i ~/karaf.id_dsa karaf@localhost {code} -h2. Managing roles - -JAAS roles can be used by various components. The three management layers (SSH, JMX and WebConsole) all use a global role based authorization system. The default role name is configured in the {{etc/system.properties}} using the {{karaf.admin.role}} system property and the default value is {{admin}}. All users authenticating for the management layer must have this role defined. - -The syntax for this value is the following: -{code} -[classname:]principal -{code} -where classname is the class name of the principal object (defaults to org.apache.karaf.jaas.modules.RolePrincipal) and principal is the name of the principal of that class (defaults to admin). - -Note that roles can be changed for a given layer using ConfigAdmin in the following configurations: -|| Layer || PID || Value || -| SSH | org.apache.karaf.shell | sshRole | -| JMX | org.apache.karaf.management | jmxRole | -| Web | org.apache.karaf.webconsole | role | h2. Enabling password encryption
