Hi Paul, thanks for the input. What I reverse engineer from blueprint and docs is that I indeed need to publish a JaasRealm on the service registry that wraps (?) the Karaf login module in some way. Props are indeed per config admin and a Designate for binding the config, which I am testing just now:
import org.apache.karaf.jaas.config.JaasRealm; import org.osgi.service.component.ComponentContext; import org.osgi.service.component.annotations.Activate; import org.osgi.service.component.annotations.Component; import org.osgi.service.component.annotations.ConfigurationPolicy; import org.osgi.service.metatype.annotations.*; import javax.security.auth.login.AppConfigurationEntry; import java.util.Dictionary; import java.util.Enumeration; @Component(name = "eu.abeel.platform.security.jaas", service = JaasRealm.class, configurationPolicy = ConfigurationPolicy.REQUIRE, configurationPid = "eu.abeel.platform.security.jaas.ldap", immediate = true) @Designate(ocd = JaasModuleConfig.class) public class PlatformJaasRealm implements JaasRealm { @Activate public void activate(ComponentContext context, JaasModuleConfig jaasModuleConfig) { Dictionary<String, Object> properties = context.getProperties(); Enumeration<String> keys = properties.keys(); while (keys.hasMoreElements()) { String key = keys.nextElement(); System.out.println(key + " = " + properties.get(key)); } } From: Paul McCulloch <pkmccull...@gmail.com> Sent: dinsdag 21 februari 2023 11:43 To: user@karaf.apache.org Subject: Re: Karaf LDAP without blueprint CAUTION: This email originated from outside of Gaston Schul. Do not click links or open attachments unless you recognize the sender and know the content is safe. I use a DS component which instantiates an org.apache.karaf.jaas.config.JaasRealm and registers it via org.osgi.framework.BundleContext.registerService(Class<JaasRealm>, JaasRealm, Dictionary<String, ?>). My DS component uses Config Admnin to configure the realm. I wrap the standard Karaf LDAP module in my own caching proxy (as I found concurrency issues with org.apache.karaf.jaas.modules.ldap.LDAPCache.getCache(LDAPOptions)). I can't share the code, but I can answer any questions you have. Paul On Tue, 21 Feb 2023 at 08:09, Maurice Betzel <m.bet...@gaston-schul.com<mailto:m.bet...@gaston-schul.com>> wrote: Dear community, I am building a new custom Karaf assembly and would like to avoid installing aries blueprint just for creating an LDAP login module. Does anybody have any experience with alternatives like declarative services or low-level activator setup willing to share the knowledge? Met vriendelijke groet / Mit freundlichen Grüßen / Kind regards, Maurice Betzel Principal Software Engineer Al onze verrichtingen geschieden op basis van de Algemene voorwaarden der Expediteurs van België, gepubliceerd in de bijlage tot het Belgisch Staatsblad dd. 24 juni 2005 onder nr. 0090237. De tekst van deze voorwaarden wordt op uw verzoek gratis toegezonden. All our transactions are subject to the General Conditions of the Belgian Forwarders Association which have been published under nr. 0090237 in the "Bijlage tot het Belgisch Staatsblad" dated June 24th, 2005, and is available free of charge upon request. Toutes nos opérations se font sur base des Conditions Générales des Expéditeurs de Belgique. Le texte en a été publié dans l' Annexe au Moniteur Belge du 24 juin 2005 sous le n° 0090237. Ce texte sera vous envoyé gratuitment sur demande. Email confidentiality notice: This email and any files transmitted with it are confidential and intended only for the use of the recipient. If you have received this email in error please notify its sender. Al onze verrichtingen geschieden op basis van de Algemene voorwaarden der Expediteurs van België, gepubliceerd in de bijlage tot het Belgisch Staatsblad dd. 24 juni 2005 onder nr. 0090237. De tekst van deze voorwaarden wordt op uw verzoek gratis toegezonden. All our transactions are subject to the General Conditions of the Belgian Forwarders Association which have been published under nr. 0090237 in the "Bijlage tot het Belgisch Staatsblad" dated June 24th, 2005, and is available free of charge upon request. Toutes nos opérations se font sur base des Conditions Générales des Expéditeurs de Belgique. Le texte en a été publié dans l' Annexe au Moniteur Belge du 24 juin 2005 sous le n° 0090237. Ce texte sera vous envoyé gratuitment sur demande. Email confidentiality notice: This email and any files transmitted with it are confidential and intended only for the use of the recipient. If you have received this email in error please notify its sender.