Hi Paul, thanks for the input.
What I reverse engineer from blueprint and docs is that I indeed need to
publish a JaasRealm on the service registry that wraps (?) the Karaf login
module in some way. Props are indeed per config admin and a Designate for
binding the config, which I am testing just now:
import org.apache.karaf.jaas.config.JaasRealm;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.metatype.annotations.*;
import javax.security.auth.login.AppConfigurationEntry;
import java.util.Dictionary;
import java.util.Enumeration;
@Component(name = "eu.abeel.platform.security.jaas",
service = JaasRealm.class,
configurationPolicy = ConfigurationPolicy.REQUIRE,
configurationPid = "eu.abeel.platform.security.jaas.ldap",
immediate = true)
@Designate(ocd = JaasModuleConfig.class)
public class PlatformJaasRealm implements JaasRealm {
@Activate
public void activate(ComponentContext context, JaasModuleConfig
jaasModuleConfig) {
Dictionary<String, Object> properties = context.getProperties();
Enumeration<String> keys = properties.keys();
while (keys.hasMoreElements()) {
String key = keys.nextElement();
System.out.println(key + " = " + properties.get(key));
}
}
From: Paul McCulloch <pkmccull...@gmail.com>
Sent: dinsdag 21 februari 2023 11:43
To: user@karaf.apache.org
Subject: Re: Karaf LDAP without blueprint
CAUTION: This email originated from outside of Gaston Schul. Do not click
links or open attachments unless you recognize the sender and know the content
is safe.
I use a DS component which instantiates an
org.apache.karaf.jaas.config.JaasRealm and registers it via
org.osgi.framework.BundleContext.registerService(Class<JaasRealm>, JaasRealm,
Dictionary<String, ?>).
My DS component uses Config Admnin to configure the realm. I wrap the standard
Karaf LDAP module in my own caching proxy (as I found concurrency issues with
org.apache.karaf.jaas.modules.ldap.LDAPCache.getCache(LDAPOptions)).
I can't share the code, but I can answer any questions you have.
Paul
On Tue, 21 Feb 2023 at 08:09, Maurice Betzel
<m.bet...@gaston-schul.com<mailto:m.bet...@gaston-schul.com>> wrote:
Dear community,
I am building a new custom Karaf assembly and would like to avoid installing
aries blueprint just for creating an LDAP login module.
Does anybody have any experience with alternatives like declarative services or
low-level activator setup willing to share the knowledge?
Met vriendelijke groet / Mit freundlichen Grüßen / Kind regards,
Maurice Betzel
Principal Software Engineer
Al onze verrichtingen geschieden op basis van de Algemene voorwaarden der
Expediteurs van België, gepubliceerd in de bijlage tot het Belgisch Staatsblad
dd. 24 juni 2005 onder nr. 0090237. De tekst van deze voorwaarden wordt op uw
verzoek gratis toegezonden.
All our transactions are subject to the General Conditions of the Belgian
Forwarders Association which have been published under nr. 0090237 in the
"Bijlage tot het Belgisch Staatsblad" dated June 24th, 2005, and is available
free of charge upon request.
Toutes nos opérations se font sur base des Conditions Générales des Expéditeurs
de Belgique. Le texte en a été publié dans l' Annexe au Moniteur Belge du 24
juin 2005 sous le n° 0090237. Ce texte sera vous envoyé gratuitment sur demande.
Email confidentiality notice:
This email and any files transmitted with it are confidential and intended only
for the use of the recipient. If you have received this email in error please
notify its sender.
Al onze verrichtingen geschieden op basis van de Algemene voorwaarden der
Expediteurs van België, gepubliceerd in de bijlage tot het Belgisch Staatsblad
dd. 24 juni 2005 onder nr. 0090237. De tekst van deze voorwaarden wordt op uw
verzoek gratis toegezonden.
All our transactions are subject to the General Conditions of the Belgian
Forwarders Association which have been published under nr. 0090237 in the
"Bijlage tot het Belgisch Staatsblad" dated June 24th, 2005, and is available
free of charge upon request.
Toutes nos opérations se font sur base des Conditions Générales des Expéditeurs
de Belgique. Le texte en a été publié dans l' Annexe au Moniteur Belge du 24
juin 2005 sous le n° 0090237. Ce texte sera vous envoyé gratuitment sur demande.
Email confidentiality notice:
This email and any files transmitted with it are confidential and intended only
for the use of the recipient. If you have received this email in error please
notify its sender.
