[jira] Created: (FELIX-1186) Defer the construction of a log message
Defer the construction of a log message --- Key: FELIX-1186 URL: https://issues.apache.org/jira/browse/FELIX-1186 Project: Felix Issue Type: Improvement Components: Declarative Services (SCR) Affects Versions: scr-1.0.8 Reporter: Agemo Cui Priority: Trivial There are a lot of log messages at the DEBUG level constructed in the first place. My thinking is to put the construction of a message after the threshold of the log level is compared to, which could improve the performance and especially means much on a resource constrained device. Since most of the log message is constructed by simply concatenating String values of several objects, the prototype of the method BundleComponentActivator.log(a singleton utility may be better) could be like the following. public void log( int level, ComponentMetadata metadata, Throwable ex, Object... objs ); And because most messages consist of no more than 3 objects, we can even implement 3 more log methods as follows to avoid the creation of an object array. public void log( int level, ComponentMetadata metadata, Throwable ex, Object obj ); public void log( int level, ComponentMetadata metadata, Throwable ex, Object obj0, Object obj1 ); public void log( int level, ComponentMetadata metadata, Throwable ex, Object obj0, Object obj1, Object obj2 ); And the final log message can be constructed after "if ( m_logLevel >= level )". -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Created: (FELIX-1185) If a static/mandatory reference to a service is unregistered, the component should be deactivated synchronously instead of asynchronously
If a static/mandatory reference to a service is unregistered, the component should be deactivated synchronously instead of asynchronously - Key: FELIX-1185 URL: https://issues.apache.org/jira/browse/FELIX-1185 Project: Felix Issue Type: Bug Components: Declarative Services (SCR) Affects Versions: scr-1.0.8 Reporter: Agemo Cui Fix For: scr-1.0.10 In the specification cmpn 112.3.3 Reference Policy, it says "Component configurations are deactivated before any bound service for a reference having a static policy becomes unavailable." My understanding is the deactivate method of the component must be called before any unbind method for a static/mandatory reference is called. And it's reasonable for a static/mandatory reference to be still available in the deactivate method. If the component is deactivated asynchronously when a static/mandatory reference to a service is unregistered, then it's possible that the unbind method is called before the deactivate method is called, which makes the service unavailable in the deactivate method. This bug may relate to FELIX-1178. The fix for this bug should also fix FELIX-1178. No need to add a new flag. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Created: (FELIX-1184) maven-bundle-plugin does not play well with maven-shade-plugin relocate
maven-bundle-plugin does not play well with maven-shade-plugin relocate --- Key: FELIX-1184 URL: https://issues.apache.org/jira/browse/FELIX-1184 Project: Felix Issue Type: Bug Components: Maven Bundle Plugin Affects Versions: maven-bundle-plugin-2.0.0 Reporter: David Jencks maven-shade-plugin v 1.2.1 If your build runs shade to relocate some classes from a preexisting jar and the maven-bundle-plugin to geinerate osgi metadata the bundle plugin refuses to generate any Export-Package, Import-Package or Private-Package headers. I assume it doesn't find any classes. I don't know whose fault this is. To see this in action check out https://svn.apache.org/repos/asf/geronimo/xbean/trunk/xbean-asm-shaded rev 778992 and uncomment the bundle plugin and comment the transformers section of the shade plugin config. This is also reported as http://jira.codehaus.org/browse/MSHADE-51 -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: Google Summer of Code: Marcin Wilkos
On May 27, 2009, at 12:11 , Guillaume Nodet wrote: I don't think having a UserAdmin delegating to JAAS could work because JAAS does not provide anything about modifying the underlying storage for creating / removing users or groups. UserAdmin provides such features, so I think it has to be to other way around: it should be quite easy to implement a JAAS login module that delegates to UserAdmin. I appearantly don't know JAAS well enough, that's a good point. Also, the compendium spec (107.7) talks a bit about JAAS and UserAdmin, that might be worth having a look at. Given I don't think requiring JAAS is a good idea, that's why I proposed such a simple API. Ok. I don't really see any drawback to such a pluggable mechanism, as I think it can be implemented for both JAAS and UserAdmin in a few lines of code: [snip..] It's not a big drawback, I agree. I still have a small preference for using UserAdmin as the basis (even if you cannot implement any of the methods that modify things using JAAS) but a small extra interface is okay too. Greetings, Marcel
[jira] Resolved: (FELIX-1179) FileInstall should recognize Jar files by content instead of extension
[ https://issues.apache.org/jira/browse/FELIX-1179?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Richard S. Hall resolved FELIX-1179. Resolution: Fixed Assignee: Richard S. Hall Thanks for the patch Filippo. I only made minor changes to the formatting. (FYI, see http://felix.apache.org/site/coding-standards.html for Felix coding style standards). Please close this issue if you are satisfied. > FileInstall should recognize Jar files by content instead of extension > -- > > Key: FELIX-1179 > URL: https://issues.apache.org/jira/browse/FELIX-1179 > Project: Felix > Issue Type: Improvement > Components: File Install >Affects Versions: fileinstall-1.0.0 > Environment: generic >Reporter: Sahoo >Assignee: Richard S. Hall > Fix For: fileinstall-1.2.0 > > Attachments: FELIX-1179-2.txt, FELIX-1179.txt > > > Currently FileInstall recognizes files of two types: .cfg files and .jar > files. I know there is already a request to have a plugin mechanism in > FileInstall to support different kinds of file types, but that's more of a > long term change. In short term, we can modify fileinstall to recognize Jar > files by their content instead of going by just file extensions. It will > allow us to use files like .war files in watched dir. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Closed: (FELIX-1162) Component.getReferences returns null if a component that has references is not enabled.
[
https://issues.apache.org/jira/browse/FELIX-1162?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Agemo Cui closed FELIX-1162.
It works perfect. Thanks.
> Component.getReferences returns null if a component that has references is
> not enabled.
> ---
>
> Key: FELIX-1162
> URL: https://issues.apache.org/jira/browse/FELIX-1162
> Project: Felix
> Issue Type: Bug
> Components: Declarative Services (SCR)
>Affects Versions: scr-1.0.8
>Reporter: Agemo Cui
>Assignee: Felix Meschberger
>Priority: Minor
> Fix For: scr-1.0.10
>
> Attachments: FELIX-1162.patch
>
>
> The implementation of method
> {color:blue}org.apache.felix.scr.Component.getReferences{color} in class
> {color:blue}org.apache.felix.scr.impl.AbstractComponentManager{color} doesn't
> use {color:red}m_componentMetadata{color} but
> {color:red}m_dependencyManagers{color} to return the service references of a
> component, which causes a calling of {color:blue}getReferences{color} to
> return null before "enable component" is scheduled.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
Re: FAQ page anchors not working
2009/5/27 Stuart McCulloch > 2009/5/27 Richard S. Hall > >> I was just looking at our OSGi FAQ: >> >>http://felix.apache.org/site/apache-felix-osgi-faq.html >> >> And noticed that the anchor links at the top do not work, nor do they work >> for any of the other FAQs. They do appear to work on the source Wiki. >> >> Is this a known issue? Does anyone know how to fix it? >> > > looks like an encoding issue, for example one exported anchor is: > > ApacheFelixOSGiFAQ-Shouldabundleimportitsownexportedpackages%253F > > but the working anchor (at least using Firefox, English locale) is: > > ApacheFelixOSGiFAQ-Shouldabundleimportitsownexportedpackages%3F > > ie. single-byte, not a double-byte beginning with "25" > looks like the anchor is getting double-encoded somewhere: foo? --> foo%3F --> foo%253F (because % == 0x25) but I'm not sure how to fix this :( > > -> richard >> > > -- > Cheers, Stuart > -- Cheers, Stuart
Re: FAQ page anchors not working
2009/5/27 Richard S. Hall > I was just looking at our OSGi FAQ: > >http://felix.apache.org/site/apache-felix-osgi-faq.html > > And noticed that the anchor links at the top do not work, nor do they work > for any of the other FAQs. They do appear to work on the source Wiki. > > Is this a known issue? Does anyone know how to fix it? > looks like an encoding issue, for example one exported anchor is: ApacheFelixOSGiFAQ-Shouldabundleimportitsownexportedpackages%253F but the working anchor (at least using Firefox, English locale) is: ApacheFelixOSGiFAQ-Shouldabundleimportitsownexportedpackages%3F ie. single-byte, not a double-byte beginning with "25" but I'm not sure how to fix this :( -> richard > -- Cheers, Stuart
FAQ page anchors not working
I was just looking at our OSGi FAQ: http://felix.apache.org/site/apache-felix-osgi-faq.html And noticed that the anchor links at the top do not work, nor do they work for any of the other FAQs. They do appear to work on the source Wiki. Is this a known issue? Does anyone know how to fix it? -> richard
Re: Google Summer of Code: Marcin Wilkos
Hi,
While I would argue along the same lines as Marcel, your proposal is
quote appealing ...
So, as much as I would probably prefer to reuse existing API (namely
UserAdmin), for then purpose of the WebConsole this might be sufficient.
Regards
Felix
Guillaume Nodet schrieb:
I don't think having a UserAdmin delegating to JAAS could work because
JAAS does not provide anything about modifying the underlying storage
for creating / removing users or groups. UserAdmin provides such
features, so I think it has to be to other way around: it should be
quite easy to implement a JAAS login module that delegates to
UserAdmin.
Given I don't think requiring JAAS is a good idea, that's why I
proposed such a simple API.
I don't really see any drawback to such a pluggable mechanism, as I
think it can be implemented for both JAAS and UserAdmin in a few lines
of code:
public class UserAdminProvider implements WebConsoleSecurityProvider {
private UserAdmin userAdmin;
private String userProperty;
private String credProperty;
public class UserAdminProvider(UserAdmin userAdmin, String
userProperty, String credProperty) {
this.userAdmin = userAdmin;
this.userProperty = userProperty;
this.credProperty = credProperty;
}
public Object authenticate(String username, Object credential)
throws SecurityException {
User user = userAdmin.getUser(userProperty, userName);
if (user == null) throw new SecurityException("No such user");
if (!user.hasCredential(credProperty, credential)) throw new
SecurityException("Bad credential");
return user;
}
public void authorize(Object user, String role) throws SecurityException {
Authorization auth = userAdmin.getAuthorization((User) user);
if (!auth.hasRole(role)) throw new SecurityException("Not authorized");
}
}
public class JAASProvider implements WebConsoleSecurityProvider {
private String domain;
public JAASProvider(String domain) {
this.domain = domain;
}
public Object authenticate(String username, Object credential)
throws SecurityException {
Subject subject = new Subject();
LoginContext loginContext = new LoginContext(domain, subject,
new CallbackHandler() {
public void handle(Callback[] callbacks) throws
IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof NameCallback) {
((NameCallback) callbacks[i]).setName(username);
} else if (callbacks[i] instanceof
PasswordCallback && credentials instanceof String) {
((PasswordCallback)
callbacks[i]).setPassword(((String) credential).toCharArray());
} else if (callbacks[i] instanceof
CertificateCallback && credentials instanceof X509Certificate) {
((CertificateCallback)
callbacks[i]).setCertificate((X509Certificate) credential);
} else {
throw new UnsupportedCallbackException(callbacks[i]);
}
}
}
});
loginContext.login();
return subject;
}
public void authorize(Object user, String role) throws SecurityException {
if (!((Subject) user).getPrincipals().contains(new
GroupPrincipal(role))) throw new SecurityException("Not authorized");
}
}
Pluggability / extensibility is always a good thing imho, as long as
it's not overengineered, which is not the case here imho.
On Wed, May 27, 2009 at 11:31, Marcel Offermans
wrote:
Hello Guillaume,
On May 27, 2009, at 11:20 , Guillaume Nodet wrote:
Right, I think there is a real need to support UserAdmin, but given
both JAAS and UserAdmin will be used for the same thing, it should be
easy to support both using a simple interface:
public interface WebConsoleSecurityProvider {
/** Check if the user with the specified password exists and
return an object identifying the user, else throw an exception */
public Object authenticate(String username, String password)
throws SecurityException;
/** Check that the authenticated user has the given role
permission or throw an exception */
public void authorize(Object user, String role) throws
SecurityException;
}
Imho, this should be sufficient to provide authentication and
authorization for the web console and can be easily implemented using
UserAdmin or JAAS.
To be honest, UserAdmin already is an interface which abstracts from an
implementation, so I don't really see a need to add another interface to
abstract from that. Having a JAAS backend for UserAdmin would be nice too
since that would be usable in a much broader context.
Greetings, Marcel
Re: Google Summer of Code: Marcin Wilkos
L.S., >From now on, you can expect a weekly report on the mailing lists from Marcin about his progress (as well as probably a lot of other mails with questions/remarks/... ;)). You can also follow his work on http://twitter.com/mwilkos Regards, Gert Vanthienen Open Source SOA: http://fusesource.com Blog: http://gertvanthienen.blogspot.com/ 2009/5/26 Gert Vanthienen : > L.S., > > > Marcin Wilkos will start coding on his Google Summer of Code project > this week after spending the last few weeks on getting to know the > projects a bit better. The goal of the project is to build an > extensible web-based management console for Apache Felix Karaf and > ServiceMix 4. > > We've had a very short discussion on the ServiceMix dev list in April > [1], but we would like to continue working on the Felix dev list for > now, as most of the work will be targeted at Felix Karaf anyway. We > would definitely consider building this on top the Felix Web Console. > It already has some of the functionality we're looking for and it > already is extensible -- there some information on the Felix website > [2] and I know the Sling project has built some extensions to the > console, so we can find a code example there. Is there any other > information around for this? Are there any limitations we have to be > aware of before starting the project? > > I guess we already know about one such limitation: Apache Felix Karaf > has the ability to 'rebrand' the text console with another ASCII art > logo and header, so we would want that for the web console as well. > As far as I can see, this is not yet supported by the Felix Web > Console. Are there any plans to support that? > > > Regards, > > Gert Vanthienen > > Open Source SOA: http://fusesource.com > Blog: http://gertvanthienen.blogspot.com/ > > > [1] > http://www.nabble.com/%22Web-based-management-console-for-ServiceMix%22-proposal-for-Google--Summer-of-Code-2009-td22967846ef12049.html#a22967846 > [2] http://felix.apache.org/site/apache-felix-web-console.html >
Re: Google Summer of Code: Marcin Wilkos
I don't think having a UserAdmin delegating to JAAS could work because
JAAS does not provide anything about modifying the underlying storage
for creating / removing users or groups. UserAdmin provides such
features, so I think it has to be to other way around: it should be
quite easy to implement a JAAS login module that delegates to
UserAdmin.
Given I don't think requiring JAAS is a good idea, that's why I
proposed such a simple API.
I don't really see any drawback to such a pluggable mechanism, as I
think it can be implemented for both JAAS and UserAdmin in a few lines
of code:
public class UserAdminProvider implements WebConsoleSecurityProvider {
private UserAdmin userAdmin;
private String userProperty;
private String credProperty;
public class UserAdminProvider(UserAdmin userAdmin, String
userProperty, String credProperty) {
this.userAdmin = userAdmin;
this.userProperty = userProperty;
this.credProperty = credProperty;
}
public Object authenticate(String username, Object credential)
throws SecurityException {
User user = userAdmin.getUser(userProperty, userName);
if (user == null) throw new SecurityException("No such user");
if (!user.hasCredential(credProperty, credential)) throw new
SecurityException("Bad credential");
return user;
}
public void authorize(Object user, String role) throws SecurityException {
Authorization auth = userAdmin.getAuthorization((User) user);
if (!auth.hasRole(role)) throw new SecurityException("Not authorized");
}
}
public class JAASProvider implements WebConsoleSecurityProvider {
private String domain;
public JAASProvider(String domain) {
this.domain = domain;
}
public Object authenticate(String username, Object credential)
throws SecurityException {
Subject subject = new Subject();
LoginContext loginContext = new LoginContext(domain, subject,
new CallbackHandler() {
public void handle(Callback[] callbacks) throws
IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof NameCallback) {
((NameCallback) callbacks[i]).setName(username);
} else if (callbacks[i] instanceof
PasswordCallback && credentials instanceof String) {
((PasswordCallback)
callbacks[i]).setPassword(((String) credential).toCharArray());
} else if (callbacks[i] instanceof
CertificateCallback && credentials instanceof X509Certificate) {
((CertificateCallback)
callbacks[i]).setCertificate((X509Certificate) credential);
} else {
throw new UnsupportedCallbackException(callbacks[i]);
}
}
}
});
loginContext.login();
return subject;
}
public void authorize(Object user, String role) throws SecurityException {
if (!((Subject) user).getPrincipals().contains(new
GroupPrincipal(role))) throw new SecurityException("Not authorized");
}
}
Pluggability / extensibility is always a good thing imho, as long as
it's not overengineered, which is not the case here imho.
On Wed, May 27, 2009 at 11:31, Marcel Offermans
wrote:
> Hello Guillaume,
>
> On May 27, 2009, at 11:20 , Guillaume Nodet wrote:
>
>> Right, I think there is a real need to support UserAdmin, but given
>> both JAAS and UserAdmin will be used for the same thing, it should be
>> easy to support both using a simple interface:
>>
>> public interface WebConsoleSecurityProvider {
>> /** Check if the user with the specified password exists and
>> return an object identifying the user, else throw an exception */
>> public Object authenticate(String username, String password)
>> throws SecurityException;
>> /** Check that the authenticated user has the given role
>> permission or throw an exception */
>> public void authorize(Object user, String role) throws
>> SecurityException;
>> }
>>
>> Imho, this should be sufficient to provide authentication and
>> authorization for the web console and can be easily implemented using
>> UserAdmin or JAAS.
>
> To be honest, UserAdmin already is an interface which abstracts from an
> implementation, so I don't really see a need to add another interface to
> abstract from that. Having a JAAS backend for UserAdmin would be nice too
> since that would be usable in a much broader context.
>
> Greetings, Marcel
>
>
--
Cheers,
Guillaume Nodet
Blog: http://gnodet.blogspot.com/
Open Source SOA
http://fusesource.com
Re: Google Summer of Code: Marcin Wilkos
Hello Guillaume,
On May 27, 2009, at 11:20 , Guillaume Nodet wrote:
Right, I think there is a real need to support UserAdmin, but given
both JAAS and UserAdmin will be used for the same thing, it should be
easy to support both using a simple interface:
public interface WebConsoleSecurityProvider {
/** Check if the user with the specified password exists and
return an object identifying the user, else throw an exception */
public Object authenticate(String username, String password)
throws SecurityException;
/** Check that the authenticated user has the given role
permission or throw an exception */
public void authorize(Object user, String role) throws
SecurityException;
}
Imho, this should be sufficient to provide authentication and
authorization for the web console and can be easily implemented using
UserAdmin or JAAS.
To be honest, UserAdmin already is an interface which abstracts from
an implementation, so I don't really see a need to add another
interface to abstract from that. Having a JAAS backend for UserAdmin
would be nice too since that would be usable in a much broader context.
Greetings, Marcel
[jira] Commented: (FELIX-1183) iPOJO JMX handler doesn't rethrow exceptions
[ https://issues.apache.org/jira/browse/FELIX-1183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12713489#action_12713489 ] S. Ali Tokmen commented on FELIX-1183: -- I guess I've found the source of the issue: Class: org.apache.felix.ipojo.handlers.jmx.DynamicMBeanImpl Method: invoke (line 159) I see that method has a clear "printStackTrace" call. It should instead throw it back to the caller. > iPOJO JMX handler doesn't rethrow exceptions > - > > Key: FELIX-1183 > URL: https://issues.apache.org/jira/browse/FELIX-1183 > Project: Felix > Issue Type: Bug > Components: iPOJO >Affects Versions: iPOJO-1.4.0 > Environment: SNAPSHOT version, SVN revision 37639 >Reporter: S. Ali Tokmen > > When we create an MBean with iPOJO (metadata-based dynamic MBean), if any > method invoke throws an exception, the exception is not rethrown to the > caller. > Instead, the exception's stack trace is printed back on the OSGi gateway's > system.out and the JMX caller gets a "null" return. > Normally, we expect the JMX call to throw an exception if the MBean has > thrown one. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Created: (FELIX-1183) iPOJO JMX handler doesn't rethrow exceptions
iPOJO JMX handler doesn't rethrow exceptions - Key: FELIX-1183 URL: https://issues.apache.org/jira/browse/FELIX-1183 Project: Felix Issue Type: Bug Components: iPOJO Affects Versions: iPOJO-1.4.0 Environment: SNAPSHOT version, SVN revision 37639 Reporter: S. Ali Tokmen When we create an MBean with iPOJO (metadata-based dynamic MBean), if any method invoke throws an exception, the exception is not rethrown to the caller. Instead, the exception's stack trace is printed back on the OSGi gateway's system.out and the JMX caller gets a "null" return. Normally, we expect the JMX call to throw an exception if the MBean has thrown one. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: Google Summer of Code: Marcin Wilkos
Right, I think there is a real need to support UserAdmin, but given
both JAAS and UserAdmin will be used for the same thing, it should be
easy to support both using a simple interface:
public interface WebConsoleSecurityProvider {
/** Check if the user with the specified password exists and
return an object identifying the user, else throw an exception */
public Object authenticate(String username, String password)
throws SecurityException;
/** Check that the authenticated user has the given role
permission or throw an exception */
public void authorize(Object user, String role) throws SecurityException;
}
Imho, this should be sufficient to provide authentication and
authorization for the web console and can be easily implemented using
UserAdmin or JAAS.
On Wed, May 27, 2009 at 10:24, Felix Meschberger wrote:
> Hi,
>
> I would also prefer UserAdmin over JAAS, since this would allow for
> other implementations of that service to provide access control.
>
> For example Carsten and I have once been discussing implementing
> UserAdmin on top of a JCR Repository (e.g. Jackrabbit) to leverage
> existing user setups.
>
> Regards
> Felix
>
> Guillaume Nodet schrieb:
>> I need to read a bit more about UserAdmin.
>> I think it should be possible to have a JAAS LoginModule delegating to
>> UserAdmin.
>>
>> However, for the console, it may be quite easy to come up with a very
>> simple interface that would delegate to either JAAS or UserAdmin. The
>> OSGi EEG is working on a spec for integrating JAAS into OSGi, so I
>> think it makes sense to be able to support both.
>>
>> On Wed, May 27, 2009 at 09:08, Carsten Ziegeler wrote:
>>> Marcel Offermans wrote:
On May 27, 2009, at 8:53 , Gert Vanthienen wrote:
> For securing the web console,
> wouldn't it make sense to integrate that with Karaf's JAAS support, so
> we can plug in other providers afterwards (e.g. things like LDAP)?
Should we not use the UserAdmin compendium service for that? To be
honest, I'm not familiar with Karaf's JAAS support, is that build as an
implementation of UserAdmin?
>>> Yes, I think we should go with UserAdmin, too.
>>>
>>> Carsten
>>>
>>> --
>>> Carsten Ziegeler
>>> cziege...@apache.org
>>>
>>
>>
>>
>
--
Cheers,
Guillaume Nodet
Blog: http://gnodet.blogspot.com/
Open Source SOA
http://fusesource.com
Re: [VOTE] Release Felix SCR Annotations 0.9 and SCR Plugin 1.2
Richard S. Hall wrote: > +1 > > Minor issue: The NOTICE file for annotations doesn't follow the standard > template completely. > Thanks for spotting this, it's now fixed in svn. Carsten -- Carsten Ziegeler cziege...@apache.org
Re: Google Summer of Code: Marcin Wilkos
Hi, I would also prefer UserAdmin over JAAS, since this would allow for other implementations of that service to provide access control. For example Carsten and I have once been discussing implementing UserAdmin on top of a JCR Repository (e.g. Jackrabbit) to leverage existing user setups. Regards Felix Guillaume Nodet schrieb: > I need to read a bit more about UserAdmin. > I think it should be possible to have a JAAS LoginModule delegating to > UserAdmin. > > However, for the console, it may be quite easy to come up with a very > simple interface that would delegate to either JAAS or UserAdmin. The > OSGi EEG is working on a spec for integrating JAAS into OSGi, so I > think it makes sense to be able to support both. > > On Wed, May 27, 2009 at 09:08, Carsten Ziegeler wrote: >> Marcel Offermans wrote: >>> On May 27, 2009, at 8:53 , Gert Vanthienen wrote: >>> For securing the web console, wouldn't it make sense to integrate that with Karaf's JAAS support, so we can plug in other providers afterwards (e.g. things like LDAP)? >>> Should we not use the UserAdmin compendium service for that? To be >>> honest, I'm not familiar with Karaf's JAAS support, is that build as an >>> implementation of UserAdmin? >>> >> Yes, I think we should go with UserAdmin, too. >> >> Carsten >> >> -- >> Carsten Ziegeler >> cziege...@apache.org >> > > >
Re: Google Summer of Code: Marcin Wilkos
Hi Gert, Gert Vanthienen schrieb: > Marcin Wilkos will start coding on his Google Summer of Code project > this week after spending the last few weeks on getting to know the > projects a bit better. The goal of the project is to build an > extensible web-based management console for Apache Felix Karaf and > ServiceMix 4. > > We've had a very short discussion on the ServiceMix dev list in April > [1], but we would like to continue working on the Felix dev list for > now, as most of the work will be targeted at Felix Karaf anyway. We > would definitely consider building this on top the Felix Web Console. Makes absolute sense. > It already has some of the functionality we're looking for and it > already is extensible -- there some information on the Felix website > [2] and I know the Sling project has built some extensions to the > console, so we can find a code example there. Is there any other > information around for this? Are there any limitations we have to be > aware of before starting the project? Yes, it currently is extensible by just registering a javax.servlet.Servlet service with a particular service property set to be used as a marker. For simplicity there is an AbstractWebConsolePlugin which may be extended so as the "plugin" servlet does not need to render the navigation stuff itself. The drawback is, that you have to import the AbstractWebConsolePlugin package in your bundle, which is kind of intrusive IMHO. So I am working on a proxy approach, where again the service is a plain Servlet with two service properties: one denoting the Servlet as a plugin and a second one asking the console to wrap the Servlet inside a proxy for the AbstractWebConsolePlugin. This way the registered Servlet only renders the "interior". > I guess we already know about one such limitation: Apache Felix Karaf > has the ability to 'rebrand' the text console with another ASCII art > logo and header, so we would want that for the web console as well. > As far as I can see, this is not yet supported by the Felix Web > Console. Are there any plans to support that? We have been discussing this and I think there is also an issue for this already. Rebranding is very interesting and important, so I would also be interested in seeing this in the console. Regards Felix
[jira] Created: (FELIX-1182) iPOJO - reconfiguration : get all properties with the update callback
iPOJO - reconfiguration : get all properties with the update callback - Key: FELIX-1182 URL: https://issues.apache.org/jira/browse/FELIX-1182 Project: Felix Issue Type: Wish Components: iPOJO Affects Versions: iPOJO-1.4.0 Reporter: Mathieu Civel Priority: Minor Fix For: iPOJO-1.4.0 When an instance is reconfigured, and the update method is triggered by iPOJO, it can make sense to get also properties that weren't described in the metadata. I know this can be useful only on very rare cases, but i'm currently facing such a case :) This solution will just be perfect :) -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: Google Summer of Code: Marcin Wilkos
I need to read a bit more about UserAdmin. I think it should be possible to have a JAAS LoginModule delegating to UserAdmin. However, for the console, it may be quite easy to come up with a very simple interface that would delegate to either JAAS or UserAdmin. The OSGi EEG is working on a spec for integrating JAAS into OSGi, so I think it makes sense to be able to support both. On Wed, May 27, 2009 at 09:08, Carsten Ziegeler wrote: > Marcel Offermans wrote: >> On May 27, 2009, at 8:53 , Gert Vanthienen wrote: >> >>> For securing the web console, >>> wouldn't it make sense to integrate that with Karaf's JAAS support, so >>> we can plug in other providers afterwards (e.g. things like LDAP)? >> >> Should we not use the UserAdmin compendium service for that? To be >> honest, I'm not familiar with Karaf's JAAS support, is that build as an >> implementation of UserAdmin? >> > Yes, I think we should go with UserAdmin, too. > > Carsten > > -- > Carsten Ziegeler > cziege...@apache.org > -- Cheers, Guillaume Nodet Blog: http://gnodet.blogspot.com/ Open Source SOA http://fusesource.com
Re: Google Summer of Code: Marcin Wilkos
Marcel Offermans wrote: > On May 27, 2009, at 8:53 , Gert Vanthienen wrote: > >> For securing the web console, >> wouldn't it make sense to integrate that with Karaf's JAAS support, so >> we can plug in other providers afterwards (e.g. things like LDAP)? > > Should we not use the UserAdmin compendium service for that? To be > honest, I'm not familiar with Karaf's JAAS support, is that build as an > implementation of UserAdmin? > Yes, I think we should go with UserAdmin, too. Carsten -- Carsten Ziegeler cziege...@apache.org
Re: Google Summer of Code: Marcin Wilkos
Guillaume Nodet wrote: > If we use an optional import, people wanting to safely rebrand the > console without allowing people to modify it could still choose to > repackage the web console bundle by putting customized resources > directly into it and remove this optional import, right ? Doh, yepp, of course :) Sometimes things are too easy. Great! Carsten -- Carsten Ziegeler cziege...@apache.org
Re: Google Summer of Code: Marcin Wilkos
On May 27, 2009, at 8:53 , Gert Vanthienen wrote: For securing the web console, wouldn't it make sense to integrate that with Karaf's JAAS support, so we can plug in other providers afterwards (e.g. things like LDAP)? Should we not use the UserAdmin compendium service for that? To be honest, I'm not familiar with Karaf's JAAS support, is that build as an implementation of UserAdmin? Greetings, Marcel
