[jira] [Commented] (KARAF-4784) OsgiConfiguration for JAAS should fallback to default configuration

[ASF subversion and git services (JIRA)]

    [ 
https://issues.apache.org/jira/browse/KARAF-4784?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15728354#comment-15728354
 ] 

ASF subversion and git services commented on KARAF-4784:
--------------------------------------------------------

Commit 333feab0e2cefcf845f7499ccbd87ff90ac4235b in karaf's branch 
refs/heads/master from [~jbonofre]
[ https://git-wip-us.apache.org/repos/asf?p=karaf.git;h=333feab ]

[KARAF-4784] This closes #271


> OsgiConfiguration for JAAS should fallback to default configuration
> -------------------------------------------------------------------
>
>                 Key: KARAF-4784
>                 URL: https://issues.apache.org/jira/browse/KARAF-4784
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf-security
>    Affects Versions: 4.0.7
>            Reporter: Benjamin Papez
>            Assignee: Guillaume Nodet
>             Fix For: 4.1.0
>
>
> We will use Karaf embedded in the next version of our Web Application, which 
> means that we still first start the application server 
> (Tomcat/JBoss/Websphere) and then Karaf is started inside. Some of our 
> customers are using a JAAS configuration, mainly Kerberos for SPNEGO. 
> Unfortunately with the step to use Karaf the current default JAAS 
> configuration is no longer picked up and used, because Karaf is setting the 
> {{org.apache.karaf.jaas.config.impl.OsgiConfiguration}} object into 
> {{javax.security.auth.login.Configuration.setConfiguration}} within the 
> {{OsgiConfiguration.init}} method.
> This way all standard/app-server specific ways of JAAS configuration are 
> ignored.
> I would propose a modification to {{OsgiConfiguration}}, with something like:
> {code}
>     private Configuration defaultConfiguration;
>     public void init() {
>         try {
>             defaultConfiguration = Configuration.getConfiguration();
>         } catch (RuntimeException ex) {
>             // default configuration for fallback could not be retrieved - 
> should be logged
>         }
>         Configuration.setConfiguration(this);
>     }
>     ...
>     public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
>         JaasRealm realm = null;
>         for (JaasRealm r : realms) {
>             if (r.getName().equals(name)) {
>                 if (realm == null || r.getRank() > realm.getRank()) {
>                     realm = r;
>                 }
>             }
>         }
>         if (realm != null) {
>             return realm.getEntries();
>         } else if (defaultConfiguration != null) {
>            return defaultConfiguration.getAppConfigurationEntry(name);
>         }
>         return null;
>     }
>     public void refresh() {
>         if (defaultConfiguration != null) {
>             defaultConfiguration.refresh();
>         }
>     }
> {code}
> This way if no OSGI configured JAAS realm can find an 
> {{AppConfigurationEntry}}, we would still try to get it from the default JAAS 
> configuration, and our customers could keep the same JAAS configuration as 
> before. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)