L.S., Using the optional import by default (for quick and easy branding) and documenting how to build a more 'safe' branding by unzipping the distro and hacking it to remove the optional imports sounds like a good compromise to me.
Having something like goosh.org for our own console inside the web console sounds like a great idea too. For securing the web console, wouldn't it make sense to integrate that with Karaf's JAAS support, so we can plug in other providers afterwards (e.g. things like LDAP)? Regards, Gert Vanthienen ------------------------ Open Source SOA: http://fusesource.com Blog: http://gertvanthienen.blogspot.com/ 2009/5/26 Guillaume Nodet <gno...@gmail.com>: > On Tue, May 26, 2009 at 11:00, Carsten Ziegeler <cziege...@apache.org> wrote: >> Filippo Diotalevi wrote: >>> On Tue, May 26, 2009 at 8:11 AM, Gert Vanthienen >>> <gert.vanthie...@gmail.com> wrote: >>>> L.S., >>>> Marcin Wilkos will start coding on his Google Summer of Code project >>>> this week after spending the last few weeks on getting to know the >>>> projects a bit better. The goal of the project is to build an >>>> extensible web-based management console for Apache Felix Karaf and >>>> ServiceMix 4. >>>> >>>> We've had a very short discussion on the ServiceMix dev list in April >>>> [1], but we would like to continue working on the Felix dev list for >>>> now, as most of the work will be targeted at Felix Karaf anyway. >>> >>> That's very interesting. >>> I think some starting points might be >>> http://issues.apache.org/jira/browse/FELIX-1013 ("umbrella issue" for >>> web console extensibility) >>> http://issues.apache.org/jira/browse/FELIX-1051 (localization support) >>> >>> >> We had some discussions on this topic, but never really got to the point >> to implement it (just because of lack of time :) ). >> I've been thinking about this lately and I'm more and more thinking >> about not using an optional import. Rebranding something is usely meant >> that it stays rebranded, like if you want to bundle the web console with >> your own product. It is too easy to uninstall the optional bundle. > > You're right to some degree. I'd like the console to be branded with Karaf, > while people using Karaf may want to rebrand it too. Rebranding Karaf > also means rebranding the Karaf shell and both should be able to be > done easily and I don't think unzipping karaf distribution and hacking > more than one bundle is an easy way. > >> So I think we need a safer way. We also had the discussion (and I think >> there is a jira issue for this as well), to configure which >> configuration tabs are available - you might not want to use the tab for >> the config admin which comes with the web console - or you want to >> disable the obr tab etc. >> Again this could be done with some configuration and/or optional >> importants but can be easily overriden which is not what you want. >> >> So to keep the long story short, I'm more in favour of customization at >> build time, you create your project, which depends on the web console >> and it just adds additional files, overwrites configs (whatever) and >> creates "your" web console bundle. >> >> Maybe there is a better way inbetween those two solutions? > > If we use an optional import, people wanting to safely rebrand the > console without allowing people to modify it could still choose to > repackage the web console bundle by putting customized resources > directly into it and remove this optional import, right ? > >> Btw, I also think that we should secure the web console and check the >> role of the current user for authorization purposes. > > Right. I think at some point we also want to add access to the shell > through the web console and we also need to secure the shell commands. > Hiram and I did some experiment some time ago, but it was based on a > gwt web console, so it will need to be rewritten. Such a shell could > provided access to other shell commands for admin confortable with > command lines. > >> Carsten >> -- >> Carsten Ziegeler >> cziege...@apache.org >> > > > > -- > Cheers, > Guillaume Nodet > ------------------------ > Blog: http://gnodet.blogspot.com/ > ------------------------ > Open Source SOA > http://fusesource.com >
