Updated Branches:
refs/heads/master bf6705f1e -> 8fbcb873f
Itests for the system command shell security ACL
Also renamed the test names in the Kar and Shell command tests as they
were wrongly named.
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.o
Updated Branches:
refs/heads/master 1a0dafcf9 -> bf6705f1e
Itests for the shell command shell security ACL
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/bf6705f1
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/bf
Updated Branches:
refs/heads/master 05521f5c3 -> 1a0dafcf9
Itests for the kar shell security ACL
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/1a0dafcf
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/1a0dafcf
Dif
Updated Branches:
refs/heads/master 7564c4dd4 -> 056fef39b
Re-enable itests for feature shell command security ACL
Changed slightly to address spurious failure
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/056fef39
Tree
Updated Branches:
refs/heads/master e807ffcf2 -> a8780e05d
Itests for the jaas shell command security ACL
I've also temporarily disabled FeatureSshCommandSecurityTest as it
sometimes fails. Will re-enable once I figured out why
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commi
Updated Branches:
refs/heads/master e473d9a9b -> 90c14c2fb
Itests for the feature shell commands security ACL
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/90c14c2f
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree
Updated Branches:
refs/heads/master f7356e71e -> e2e59666f
Some comments in the SSH Command itests.
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/e2e59666
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/e2e59666
Updated Branches:
refs/heads/master ff2eb3bc9 -> f7356e71e
Reorganize the SSH command security itests a little.
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/f7356e71
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tr
Updated Branches:
refs/heads/master 37266e036 -> ff2eb3bc9
Additional itests for the bundle commands.
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/ff2eb3bc
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/ff2eb3b
Updated Branches:
refs/heads/master 169e91774 -> 37266e036
Even more itests for the config commands.
Also includes a bugfix to a typo in the org.apache.karaf.command.acl.config.cfg
which was identified by the new itests. Hurray to testing!
Project: http://git-wip-us.apache.org/repos/asf/kar
Updated Branches:
refs/heads/master 891c43b7e -> 169e91774
More itest changes for config commands.
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/169e9177
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/169e9177
D
Updated Branches:
refs/heads/master 5335f674d -> 891c43b7e
Additional itests for command security.
These cover the config: commands.
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/891c43b7
Tree: http://git-wip-us.apache.
Author: davidb
Date: Thu Dec 5 15:47:21 2013
New Revision: 1548174
URL: http://svn.apache.org/r1548174
Log:
Added an SSH-client based itest to test some of the command ACLs
Currently it only tests the ones for the bundle scope, will add more later.
Added:
karaf/trunk/itests/src/test/java
Author: davidb
Date: Thu Nov 28 09:09:58 2013
New Revision: 1546320
URL: http://svn.apache.org/r1546320
Log:
Further improvements to the shell commands ACLs
Modified:
karaf/trunk/assemblies/features/framework/src/main/resources/resources/etc/org.apache.karaf.command.acl.shell.cfg
Modified
Author: davidb
Date: Wed Nov 27 16:54:50 2013
New Revision: 1546107
URL: http://svn.apache.org/r1546107
Log:
Fixes to itests so that they run with the new command ACLs
Modified:
karaf/trunk/itests/src/test/java/org/apache/karaf/itests/FeatureTest.java
karaf/trunk/itests/src/test/java
Author: davidb
Date: Wed Nov 27 16:30:36 2013
New Revision: 1546093
URL: http://svn.apache.org/r1546093
Log:
More shell command ACLs.
Added:
karaf/trunk/assemblies/features/framework/src/main/resources/resources/etc/org.apache.karaf.command.acl.feature.cfg
karaf/trunk/assemblies
Author: davidb
Date: Wed Nov 27 16:15:10 2013
New Revision: 1546088
URL: http://svn.apache.org/r1546088
Log:
ACLs for the bundle commands.
Added:
karaf/trunk/assemblies/features/framework/src/main/resources/resources/etc/org.apache.karaf.command.acl.bundle.cfg
Added:
karaf/trunk
Author: davidb
Date: Wed Nov 27 14:50:25 2013
New Revision: 1546054
URL: http://svn.apache.org/r1546054
Log:
Re-enabling system command ACLs
itests have been updated to properly deal with the requirements on roles for
the affected commands.
Modified:
karaf/trunk/assemblies/features
Author: davidb
Date: Wed Nov 27 14:03:39 2013
New Revision: 1546037
URL: http://svn.apache.org/r1546037
Log:
Commenting out 2 system command ACLs as they cause itest failures.
Modified:
karaf/trunk/assemblies/features/framework/src/main/resources/resources/etc
Author: davidb
Date: Wed Nov 27 13:20:11 2013
New Revision: 1546025
URL: http://svn.apache.org/r1546025
Log:
Inline comments explanation of the command ACL config files.
Modified:
karaf/trunk/assemblies/features/framework/src/main/resources/resources/etc
Author: davidb
Date: Wed Nov 27 12:55:51 2013
New Revision: 1546018
URL: http://svn.apache.org/r1546018
Log:
Additional ACLs for the system subshell commands
By default the following roles are required with this change:
system:property - admin
system:shutdown - admin
system:start-level
Author: davidb
Date: Wed Nov 27 12:20:57 2013
New Revision: 1546012
URL: http://svn.apache.org/r1546012
Log:
Small fix for the "org.apache.karaf.service.guard.roles" property values.
The "org.apache.karaf.service.guard.roles" service property is set by the OSGi
Service Gu
Author: davidb
Date: Wed Nov 27 11:17:48 2013
New Revision: 1545997
URL: http://svn.apache.org/r1545997
Log:
Additional ACLs for the shell:new and shell:java commands
These commands are now limited to the admin role by default because they have
the power to execute any piece of Java code
Author: davidb
Date: Tue Nov 26 10:53:41 2013
New Revision: 1545607
URL: http://svn.apache.org/r1545607
Log:
Enable JMX RBAC by default (just like on the 3.x branch)
Modified:
karaf/branches/karaf-2.x/assemblies/apache-karaf/src/main/distribution/unix-shell/bin/karaf
karaf/branches
Author: davidb
Date: Tue Nov 26 08:47:29 2013
New Revision: 1545569
URL: http://svn.apache.org/r1545569
Log:
Adding back the strangely necessary (but unnecessary) casts that are apparently
needed for a JDK 1.7 build...
Modified:
karaf/branches/karaf-2.x/jaas/modules/src/main/java/org
Author: davidb
Date: Tue Nov 26 08:43:30 2013
New Revision: 1545567
URL: http://svn.apache.org/r1545567
Log:
[KARAF-2568] Backport of JMX Security itest to 2.x
Also contains fixes to the users.properties file and additional testing to
ensure that it is not possible to log in as a group directly
Author: davidb
Date: Mon Nov 25 14:36:32 2013
New Revision: 1545300
URL: http://svn.apache.org/r1545300
Log:
Extra system test to ensure that you cannot log in as a groupname directly.
Modified:
karaf/trunk/itests/src/test/java/org/apache/karaf/itests/JMXSecurityTest.java
Modified:
karaf
Author: davidb
Date: Mon Nov 25 11:01:42 2013
New Revision: 1545218
URL: http://svn.apache.org/r1545218
Log:
[KARAF-2568] Backport to 2.x of JMXSecurityMBean
The JMXSecurityMBean contains four canInvoke() variants which can inform the
client whether a certain JMX operation can be invoked or not
Author: davidb
Date: Tue Nov 12 20:13:07 2013
New Revision: 1541215
URL: http://svn.apache.org/r1541215
Log:
Add support for groups in security.
A user can be a member of a group or have roles assigned directly.
Groups typically have one or more roles assigned. Users that are part of
that group
Author: davidb
Date: Mon Nov 11 10:25:59 2013
New Revision: 1540655
URL: http://svn.apache.org/r1540655
Log:
itests for JMX role-based access control.
Added:
karaf/trunk/itests/src/test/java/org/apache/karaf/itests/JMXSecurityTest.java
Modified:
karaf/trunk/itests/src/test/java/org
Author: davidb
Date: Mon Nov 11 09:48:12 2013
New Revision: 1540648
URL: http://svn.apache.org/r1540648
Log:
Fix to Karaf JMX ConfigAdmin ACL
Modified:
karaf/trunk/assemblies/features/framework/src/main/resources/resources/etc/jmx.acl.org.apache.karaf.config.cfg
Modified:
karaf/trunk
31 matches
Mail list logo