Yeah, the RBAC support that's there now is quite pluggable. You can basically use anything to set the roles in the current javax.security.auth.Subject. Currently JAAS is one way to do it, but you can also do it using other technologies and/or use your own custom roles (instead of the Karaf built-in RolePrincipal).
Additionally, the ACLs are defined using OSGi ConfigAdmin. The Felix ConfigAdmin implementation that's used in Karaf is already pluggable in the sense that you can provide alternative sources of the configuration, but if that isn't enough you can also provide a ConfigAdmin facade over whatever technology you like to use to provide the ACLs... Best regards, David On 11 October 2013 05:45, Jean-Baptiste Onofré <j...@nanthrax.net> wrote: > Hi Lothar, > > Not yet, but it's something what we plan. > > We can imagine to delegate to a LoginModule that use Shiro. > > Regards > JB > > > On 10/11/2013 01:23 AM, Lothar Werzinger wrote: >> >> Hi, >> >> I just read JBO's blog about upcoming RBAC support in Karaf >> >> http://blog.nanthrax.net/2013/10/coming-in-karaf-3-0-0-jaas-users-groups-roles-and-acls/ >> >> and I was wondering if Karaf will support using Apache Shiro >> http://shiro.apache.org/ too. >> We are using Shiro in some of our apps already and it would be nice to >> be able to configure RBAC for Karaf in Shiro. >> >> Thanks >> >> This message and any attachment (the "message") is intended solely for >> the addressees and is confidential. If you receive this message by >> mistake, please delete it and notify the sender immediately. Any use not >> in accordance with its purpose, any out-spread or disclosure, either as >> a whole or partially, is prohibited except with formal approval. >> Internet cannot guarantee the integrity of this message, therefore >> Tradescape will not be liable for the message if modified. >> >> - >> > > -- > Jean-Baptiste Onofré > jbono...@apache.org > http://blog.nanthrax.net > Talend - http://www.talend.com
