You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@karaf.apache.org by Caspar MacRae <ea...@gmail.com> on 2012/02/27 14:51:11 UTC
JAAS realms and Equinox
Hello,
I've got a problem that appears to be the same as one discussed on Karaf
IRC here:
http://irclogs.dankulp.com/logs/irclogger_log/karaf?date=2012-02-12,Sun&sel=9#l5
My custom JAAS realm (org.apache.karaf.jaas.modules.ldap.LDAPLoginModule)
doesn't show up when using Equinox but does when using Felix (in Karaf
2.2.4). I couldn't find anything in Jira, does anyone know of a fix or
workaround for this?
2nd question; Equinox seems to be doing something like
org.osgi.framework.bootdelegation=* as some bundles may work fine on
Equinox but fail under Felix with ClassNotFound (those implicitly using
packages from the JRE like org.xml.sax without Import-Package). Is there a
setting to get Equinox to honour strict package import/bootdelegation?
thanks,
Caspar
Re: JAAS realms and Equinox
Posted by Caspar MacRae <ea...@gmail.com>.
Hi JB,
Apologies for the delay. I've tried on a vanilla Karaf 2.2.4 and am
getting the same issue. It's probably something stupid I'm doing but
can't see anything obvious.
I've changed the sensitive details below but it still compiles and deploys
(is visible with realms command in Felix).
If the bits below don't give you the same issue, I can attach the whole
project (is tarball ok? should i send that direct to you?).
thanks,
Caspar
loginmodule blueprint:
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.1.0"
xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0
">
<!-- Bean to allow the $[karaf.base] property to be correctly resolved
<ext:property-placeholder placeholder-prefix="$["
placeholder-suffix="]" />
-->
<jaas:config name="mim" rank="1">
<jaas:module
className="org.apache.karaf.jaas.modules.ldap.LDAPLoginModule"
flags="required">
connection.url = ldap://127.0.0.1:389
connection.username = xxx
connection.password = yyy
user.base.dn = OU=London,DC=acme,DC=int
user.filter =
(distinguishedName=CN=%u,OU=Users,OU=London,DC=acme,DC=int)
user.search.subtree = true
role.base.dn = OU=Security Groups,OU=London,DC=acme,DC=int
role.filter = (member:=CN=%u,OU=Users,OU=London,DC=acme,DC=int)
role.name.attribute = CN
role.search.subtree = true
authentication = simple
</jaas:module>
</jaas:config>
</blueprint>
POM snippet:
<build>
<plugins>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
<version>${version.plugin.maven.bundle}</version>
<extensions>true</extensions>
<configuration>
<instructions>
<Created-By>Acme Ltd</Created-By>
<Bundle-Category>mim-karaf</Bundle-Category>
<Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
<Import-Package>org.osgi.service.blueprint;resolution:=optional,
org.apache.karaf.jaas.modules.ldap</Import-Package>
<Private-Package>!*</Private-Package>
</instructions>
</configuration>
<executions>
<execution>
<id>bundle</id>
<goals>
<goal>manifest</goal>
</goals>
<phase>process-classes</phase>
<inherited>true</inherited>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<version>2.3.1</version>
<configuration>
<archive>
<manifestFile>${project.build.outputDirectory}/META-INF/MANIFEST.MF</manifestFile>
</archive>
</configuration>
</plugin>
</plugins>
</build>
On 27 February 2012 17:25, Jean-Baptiste Onofré <jb...@nanthrax.net> wrote:
> Hi Caspar,
>
> I made a test using Equinox (changing in the config.properties). The
> jaas:realms command works fine for me (I can see my two realms).
>
> Could you provide your JAAS module and configuration to try to reproduce
> it ?
>
> Regards
> JB
>
>
> On 02/27/2012 04:41 PM, Caspar MacRae wrote:
>
>>
>> Great, thanks JB.
>>
>>
>>
>> On 27 February 2012 13:56, Jean-Baptiste Onofré <jb@nanthrax.net
>> <ma...@nanthrax.net>> wrote:
>>
>> Hi Caspar,
>>
>> We had a similar issue on Cellar with Equinox (depending of the OSGi
>> statements).
>>
>> I gonna raise a Jira and work on it.
>>
>> Thanks
>> Regards
>> JB
>>
>>
>> On 02/27/2012 02:51 PM, Caspar MacRae wrote:
>>
>>
>> Hello,
>>
>> I've got a problem that appears to be the same as one discussed
>> on Karaf
>> IRC here:
>> http://irclogs.dankulp.com/__**logs/irclogger_log/karaf?date=**
>> __2012-02-12,Sun&sel=9#l5<http://irclogs.dankulp.com/__logs/irclogger_log/karaf?date=__2012-02-12,Sun&sel=9#l5>
>> <http://irclogs.dankulp.com/**logs/irclogger_log/karaf?date=**
>> 2012-02-12,Sun&sel=9#l5<http://irclogs.dankulp.com/logs/irclogger_log/karaf?date=2012-02-12,Sun&sel=9#l5>
>> >
>> <http://irclogs.dankulp.com/__**logs/irclogger_log/karaf?date=**
>> __2012-02-12,Sun&sel=9#l5<http://irclogs.dankulp.com/__logs/irclogger_log/karaf?date=__2012-02-12,Sun&sel=9#l5>
>>
>> <http://irclogs.dankulp.com/**logs/irclogger_log/karaf?date=**
>> 2012-02-12,Sun&sel=9#l5<http://irclogs.dankulp.com/logs/irclogger_log/karaf?date=2012-02-12,Sun&sel=9#l5>
>> >>
>>
>> My custom JAAS realm
>> (org.apache.karaf.jaas.__**modules.ldap.LDAPLoginModule) doesn't
>>
>> show up
>> when using Equinox but does when using Felix (in Karaf 2.2.4). I
>> couldn't find anything in Jira, does anyone know of a fix or
>> workaround
>> for this?
>>
>> 2nd question; Equinox seems to be doing something like
>> org.osgi.framework.__**bootdelegation=* as some bundles may work
>>
>> fine on
>> Equinox but fail under Felix with ClassNotFound (those
>> implicitly using
>> packages from the JRE like org.xml.sax without Import-Package). Is
>> there a setting to get Equinox to honour strict package
>> import/bootdelegation?
>>
>>
>> thanks,
>> Caspar
>>
>>
>> --
>> Jean-Baptiste Onofré
>> jbonofre@apache.org <ma...@apache.org>
>>
>> http://blog.nanthrax.net
>> Talend - http://www.talend.com
>>
>>
>>
> --
> Jean-Baptiste Onofré
> jbonofre@apache.org
> http://blog.nanthrax.net
> Talend - http://www.talend.com
>
Re: JAAS realms and Equinox
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Hi Caspar,
I made a test using Equinox (changing in the config.properties). The
jaas:realms command works fine for me (I can see my two realms).
Could you provide your JAAS module and configuration to try to reproduce
it ?
Regards
JB
On 02/27/2012 04:41 PM, Caspar MacRae wrote:
>
> Great, thanks JB.
>
>
>
> On 27 February 2012 13:56, Jean-Baptiste Onofré <jb@nanthrax.net
> <ma...@nanthrax.net>> wrote:
>
> Hi Caspar,
>
> We had a similar issue on Cellar with Equinox (depending of the OSGi
> statements).
>
> I gonna raise a Jira and work on it.
>
> Thanks
> Regards
> JB
>
>
> On 02/27/2012 02:51 PM, Caspar MacRae wrote:
>
>
> Hello,
>
> I've got a problem that appears to be the same as one discussed
> on Karaf
> IRC here:
> http://irclogs.dankulp.com/__logs/irclogger_log/karaf?date=__2012-02-12,Sun&sel=9#l5
> <http://irclogs.dankulp.com/logs/irclogger_log/karaf?date=2012-02-12,Sun&sel=9#l5>
> <http://irclogs.dankulp.com/__logs/irclogger_log/karaf?date=__2012-02-12,Sun&sel=9#l5
> <http://irclogs.dankulp.com/logs/irclogger_log/karaf?date=2012-02-12,Sun&sel=9#l5>>
>
> My custom JAAS realm
> (org.apache.karaf.jaas.__modules.ldap.LDAPLoginModule) doesn't
> show up
> when using Equinox but does when using Felix (in Karaf 2.2.4). I
> couldn't find anything in Jira, does anyone know of a fix or
> workaround
> for this?
>
> 2nd question; Equinox seems to be doing something like
> org.osgi.framework.__bootdelegation=* as some bundles may work
> fine on
> Equinox but fail under Felix with ClassNotFound (those
> implicitly using
> packages from the JRE like org.xml.sax without Import-Package). Is
> there a setting to get Equinox to honour strict package
> import/bootdelegation?
>
>
> thanks,
> Caspar
>
>
> --
> Jean-Baptiste Onofré
> jbonofre@apache.org <ma...@apache.org>
> http://blog.nanthrax.net
> Talend - http://www.talend.com
>
>
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com
Re: JAAS realms and Equinox
Posted by Caspar MacRae <ea...@gmail.com>.
Great, thanks JB.
On 27 February 2012 13:56, Jean-Baptiste Onofré <jb...@nanthrax.net> wrote:
> Hi Caspar,
>
> We had a similar issue on Cellar with Equinox (depending of the OSGi
> statements).
>
> I gonna raise a Jira and work on it.
>
> Thanks
> Regards
> JB
>
>
> On 02/27/2012 02:51 PM, Caspar MacRae wrote:
>
>>
>> Hello,
>>
>> I've got a problem that appears to be the same as one discussed on Karaf
>> IRC here:
>> http://irclogs.dankulp.com/**logs/irclogger_log/karaf?date=**
>> 2012-02-12,Sun&sel=9#l5<http://irclogs.dankulp.com/logs/irclogger_log/karaf?date=2012-02-12,Sun&sel=9#l5>
>> <http://irclogs.dankulp.com/**logs/irclogger_log/karaf?date=**
>> 2012-02-12,Sun&sel=9#l5<http://irclogs.dankulp.com/logs/irclogger_log/karaf?date=2012-02-12,Sun&sel=9#l5>
>> >
>>
>> My custom JAAS realm
>> (org.apache.karaf.jaas.**modules.ldap.LDAPLoginModule) doesn't show up
>> when using Equinox but does when using Felix (in Karaf 2.2.4). I
>> couldn't find anything in Jira, does anyone know of a fix or workaround
>> for this?
>>
>> 2nd question; Equinox seems to be doing something like
>> org.osgi.framework.**bootdelegation=* as some bundles may work fine on
>> Equinox but fail under Felix with ClassNotFound (those implicitly using
>> packages from the JRE like org.xml.sax without Import-Package). Is
>> there a setting to get Equinox to honour strict package
>> import/bootdelegation?
>>
>>
>> thanks,
>> Caspar
>>
>
> --
> Jean-Baptiste Onofré
> jbonofre@apache.org
> http://blog.nanthrax.net
> Talend - http://www.talend.com
>
Re: JAAS realms and Equinox
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Hi Caspar,
We had a similar issue on Cellar with Equinox (depending of the OSGi
statements).
I gonna raise a Jira and work on it.
Thanks
Regards
JB
On 02/27/2012 02:51 PM, Caspar MacRae wrote:
>
> Hello,
>
> I've got a problem that appears to be the same as one discussed on Karaf
> IRC here:
> http://irclogs.dankulp.com/logs/irclogger_log/karaf?date=2012-02-12,Sun&sel=9#l5
> <http://irclogs.dankulp.com/logs/irclogger_log/karaf?date=2012-02-12,Sun&sel=9#l5>
>
> My custom JAAS realm
> (org.apache.karaf.jaas.modules.ldap.LDAPLoginModule) doesn't show up
> when using Equinox but does when using Felix (in Karaf 2.2.4). I
> couldn't find anything in Jira, does anyone know of a fix or workaround
> for this?
>
> 2nd question; Equinox seems to be doing something like
> org.osgi.framework.bootdelegation=* as some bundles may work fine on
> Equinox but fail under Felix with ClassNotFound (those implicitly using
> packages from the JRE like org.xml.sax without Import-Package). Is
> there a setting to get Equinox to honour strict package
> import/bootdelegation?
>
>
> thanks,
> Caspar
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com