You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@felix.apache.org by derekv <de...@yahoo.com> on 2009/05/11 17:42:30 UTC
osgi and jaas
I am trying to use jaas in my osgi proxy server application. I would like the
proxy authorization to be done with jaas. I would like to keep track of what
LoginModules are available, so, the user would be able to pick from a list
of classes that implement the LoginModule interface. Here is my problem
though.
a) User picks a LoginModule to use.
b) App sets up the Configuration so that the LoginModule class choosen
matches to the AppName. (This is the way that jaas does it.)
c) Then when its time to validate a proxy request, I use the new
LoginContext(appName, callbackhandler).login() as jaas specifies.
d) It fails, because it looks like LoginContext.login() does a
Class.forName(loginModuleClassName) and the class of the LoginModule is not
imported/known to the calling bundle.
So, how can i make it work with an existing class that loads up classes by
name, and is not going to know what there name is ahead of time, and the
bundle cant import them because it wont know ahead of time what they are
going to be.
I tried to create an interface something like this:
public interface Authenticator {
public void authenticate(String name, String pass);
}
This way, i was hoping, i could create a bundle that could call the
following code:
new LoginContext(appName, loginModuleClassName).login()
and this bundle would know about the loginModuleClassName. I could then
place the .jar file of the loginModuleClassName and place it in the bundle,
and reference it on the Bundle-ClassPath. Then the main bundle that calls
the Authenticator should be able to just call authenticate() without knowing
what underlying classes were doing the work. But, this didnt work either. It
gives me an error of unable to find LoginModule: blah.blah.blah.Blah. I put
the code "Class.forName(loginModuleClassName)" right inside the
authenticate() method and that worked fine with no errors. So the bundle can
access that class just fine.
I am kinda at a loss as to how to make this work. In summary, I would like
to have one "Main" bundle that uses jaas, and some "child" bundles that
implement the LoginModule interface and are called by the "Main" bundle.
But, the way that LoginContext is coded, it uses Class.forName() and that
breaks everything.
any ideas?
thanks.
--
View this message in context: http://www.nabble.com/osgi-and-jaas-tp23485885p23485885.html
Sent from the Apache Felix - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
For additional commands, e-mail: users-help@felix.apache.org
Re: osgi and jaas
Posted by Guillaume Nodet <gn...@gmail.com>.
You may still run into issues, especially if you want to make you
login modules independant of the bundles using those.
Karaf allows that and also allow deployment of configurations through
the OSGi registry.
See http://felix.apache.org/site/45-security-framework.html
On Mon, May 11, 2009 at 19:15, derekv <de...@yahoo.com> wrote:
>
>
> gnodet wrote:
>>
>> Have you had a look at the jaas stuff in Karaf:
>> https://svn.apache.org/repos/asf/felix/trunk/karaf/jaas
>>
>> You can deploy JAAS configuration dynamically without any change on
>> the client side.
>>
>
> I found this bit of code that seems to get the trick done for me.
>
> ClassLoader ccl = Thread.currentThread().getContextClassLoader();
> try {
>
> Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
> LoginContext lc = new LoginContext("AppName", new
> MyCallbackHandler());
> lc.login();
> }
> finally {
> Thread.currentThread().setContextClassLoader(ccl);
> }
>
> This way, when the LoginContext.login() method is called and it does its
> Class.forName() it can get the loginModuleClass that i have setup for that
> appName, because the classloader has acess to the classes i have in that
> bundle. Not sure if this is the best/good way to do this or not.....
> --
> View this message in context: http://www.nabble.com/osgi-and-jaas-tp23485885p23487286.html
> Sent from the Apache Felix - Users mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
> For additional commands, e-mail: users-help@felix.apache.org
>
>
--
Cheers,
Guillaume Nodet
------------------------
Blog: http://gnodet.blogspot.com/
------------------------
Open Source SOA
http://fusesource.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
For additional commands, e-mail: users-help@felix.apache.org
Re: osgi and jaas
Posted by derekv <de...@yahoo.com>.
gnodet wrote:
>
> Have you had a look at the jaas stuff in Karaf:
> https://svn.apache.org/repos/asf/felix/trunk/karaf/jaas
>
> You can deploy JAAS configuration dynamically without any change on
> the client side.
>
I found this bit of code that seems to get the trick done for me.
ClassLoader ccl = Thread.currentThread().getContextClassLoader();
try {
Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
LoginContext lc = new LoginContext("AppName", new
MyCallbackHandler());
lc.login();
}
finally {
Thread.currentThread().setContextClassLoader(ccl);
}
This way, when the LoginContext.login() method is called and it does its
Class.forName() it can get the loginModuleClass that i have setup for that
appName, because the classloader has acess to the classes i have in that
bundle. Not sure if this is the best/good way to do this or not.....
--
View this message in context: http://www.nabble.com/osgi-and-jaas-tp23485885p23487286.html
Sent from the Apache Felix - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
For additional commands, e-mail: users-help@felix.apache.org
Re: osgi and jaas
Posted by Guillaume Nodet <gn...@gmail.com>.
Have you had a look at the jaas stuff in Karaf:
https://svn.apache.org/repos/asf/felix/trunk/karaf/jaas
You can deploy JAAS configuration dynamically without any change on
the client side.
On Mon, May 11, 2009 at 17:42, derekv <de...@yahoo.com> wrote:
>
> I am trying to use jaas in my osgi proxy server application. I would like the
> proxy authorization to be done with jaas. I would like to keep track of what
> LoginModules are available, so, the user would be able to pick from a list
> of classes that implement the LoginModule interface. Here is my problem
> though.
>
> a) User picks a LoginModule to use.
> b) App sets up the Configuration so that the LoginModule class choosen
> matches to the AppName. (This is the way that jaas does it.)
> c) Then when its time to validate a proxy request, I use the new
> LoginContext(appName, callbackhandler).login() as jaas specifies.
> d) It fails, because it looks like LoginContext.login() does a
> Class.forName(loginModuleClassName) and the class of the LoginModule is not
> imported/known to the calling bundle.
>
> So, how can i make it work with an existing class that loads up classes by
> name, and is not going to know what there name is ahead of time, and the
> bundle cant import them because it wont know ahead of time what they are
> going to be.
>
>
>
> I tried to create an interface something like this:
>
> public interface Authenticator {
> public void authenticate(String name, String pass);
> }
>
> This way, i was hoping, i could create a bundle that could call the
> following code:
>
> new LoginContext(appName, loginModuleClassName).login()
>
> and this bundle would know about the loginModuleClassName. I could then
> place the .jar file of the loginModuleClassName and place it in the bundle,
> and reference it on the Bundle-ClassPath. Then the main bundle that calls
> the Authenticator should be able to just call authenticate() without knowing
> what underlying classes were doing the work. But, this didnt work either. It
> gives me an error of unable to find LoginModule: blah.blah.blah.Blah. I put
> the code "Class.forName(loginModuleClassName)" right inside the
> authenticate() method and that worked fine with no errors. So the bundle can
> access that class just fine.
>
> I am kinda at a loss as to how to make this work. In summary, I would like
> to have one "Main" bundle that uses jaas, and some "child" bundles that
> implement the LoginModule interface and are called by the "Main" bundle.
> But, the way that LoginContext is coded, it uses Class.forName() and that
> breaks everything.
>
> any ideas?
>
> thanks.
>
> --
> View this message in context: http://www.nabble.com/osgi-and-jaas-tp23485885p23485885.html
> Sent from the Apache Felix - Users mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
> For additional commands, e-mail: users-help@felix.apache.org
>
>
--
Cheers,
Guillaume Nodet
------------------------
Blog: http://gnodet.blogspot.com/
------------------------
Open Source SOA
http://fusesource.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
For additional commands, e-mail: users-help@felix.apache.org