You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@karaf.apache.org by Charles Moulliard <ch...@gmail.com> on 2016/02/05 12:45:48 UTC
Pax Web - Example of security conbstraint mapping
Hi,
Do we have an example where we map Security Constraint (web.xml)
<security-constraint>
<web-resource-collection>
<web-resource-name>apiman-gateway-api</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>apipublisher</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>apiman</realm-name>
</login-config>
<security-role>
<role-name>apipublisher</role-name>
</security-role>
to the Pax Web
WebContainer.registerConstraintMapping()
Regards,
--
Charles Moulliard
Apache Committer & PMC / Architect @RedHat
Twitter : @cmoulliard | Blog : http://cmoulliard.github.io
Re: Pax Web - Example of security conbstraint mapping
Posted by Achim Nierbeck <bc...@googlemail.com>.
ahh you're talking of non war security.
In that case you need to make sure you have your own httpContext which
handles the security for you.
It's in the OSGi spec how this is supposed to work.
We also have some samples for this.
regards, Achim
2016-02-05 14:08 GMT+01:00 Jean-Baptiste Onofré <jb...@nanthrax.net>:
> Can't you use:
>
> Web-Connectors
> Web-VirtualHosts
>
> headers ?
>
> Regards
> JB
>
> On 02/05/2016 02:07 PM, Charles Moulliard wrote:
>
>> If I use WebContainer, is it possible to define within the start method
>> of the class implementing the BundleActivator, the Web context Path of
>> the module/bundle that we will register within the HTTP Jetty Server ?
>>
>> On Fri, Feb 5, 2016 at 1:40 PM, Achim Nierbeck <bcanhome@googlemail.com
>> <ma...@googlemail.com>> wrote:
>>
>> Yes of course the samples do contain such a sample and
>> of course there is an Integration test available for it :-)
>>
>>
>> 2016-02-05 12:47 GMT+01:00 Jean-Baptiste Onofré <jb@nanthrax.net
>> <ma...@nanthrax.net>>:
>>
>>
>> Yes, I have something that I did for ActiveMQ WebConsole,
>> leveraging etc/jetty.xml.
>>
>> Regards
>> JB
>>
>>
>> On 02/05/2016 12:45 PM, Charles Moulliard wrote:
>>
>> Hi,
>>
>> Do we have an example where we map Security Constraint
>> (web.xml)
>>
>>
>> <security-constraint>
>> <web-resource-collection>
>>
>> <web-resource-name>apiman-gateway-api</web-resource-name>
>> <url-pattern>/*</url-pattern>
>> </web-resource-collection>
>> <auth-constraint>
>> <role-name>apipublisher</role-name>
>> </auth-constraint>
>> </security-constraint>
>> <login-config>
>> <auth-method>BASIC</auth-method>
>> <realm-name>apiman</realm-name>
>> </login-config>
>> <security-role>
>> <role-name>apipublisher</role-name>
>> </security-role>
>>
>> to the Pax Web
>>
>> WebContainer.registerConstraintMapping()
>>
>> Regards,
>>
>> --
>> Charles Moulliard
>> Apache Committer & PMC / Architect @RedHat
>> Twitter : @cmoulliard | Blog : http://cmoulliard.github.io
>> <http://cmoulliard.github.io>
>>
>>
>> --
>> Jean-Baptiste Onofré
>> jbonofre@apache.org <ma...@apache.org>
>> http://blog.nanthrax.net
>> Talend - http://www.talend.com
>>
>>
>>
>>
>> --
>>
>> Apache Member
>> Apache Karaf <http://karaf.apache.org/> Committer & PMC
>> OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/>
>> Committer & Project Lead
>> blog <http://notizblog.nierbeck.de/>
>> Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS>
>>
>> Software Architect / Project Manager / Scrum Master
>>
>>
>>
>>
>> --
>> Charles Moulliard
>> Apache Committer & PMC / Architect @RedHat
>> Twitter : @cmoulliard | Blog : http://cmoulliard.github.io
>> <http://cmoulliard.github.io>
>>
>>
> --
> Jean-Baptiste Onofré
> jbonofre@apache.org
> http://blog.nanthrax.net
> Talend - http://www.talend.com
>
--
Apache Member
Apache Karaf <http://karaf.apache.org/> Committer & PMC
OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/> Committer &
Project Lead
blog <http://notizblog.nierbeck.de/>
Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS>
Software Architect / Project Manager / Scrum Master
Re: Pax Web - Example of security conbstraint mapping
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Can't you use:
Web-Connectors
Web-VirtualHosts
headers ?
Regards
JB
On 02/05/2016 02:07 PM, Charles Moulliard wrote:
> If I use WebContainer, is it possible to define within the start method
> of the class implementing the BundleActivator, the Web context Path of
> the module/bundle that we will register within the HTTP Jetty Server ?
>
> On Fri, Feb 5, 2016 at 1:40 PM, Achim Nierbeck <bcanhome@googlemail.com
> <ma...@googlemail.com>> wrote:
>
> Yes of course the samples do contain such a sample and
> of course there is an Integration test available for it :-)
>
>
> 2016-02-05 12:47 GMT+01:00 Jean-Baptiste Onofré <jb@nanthrax.net
> <ma...@nanthrax.net>>:
>
> Yes, I have something that I did for ActiveMQ WebConsole,
> leveraging etc/jetty.xml.
>
> Regards
> JB
>
>
> On 02/05/2016 12:45 PM, Charles Moulliard wrote:
>
> Hi,
>
> Do we have an example where we map Security Constraint (web.xml)
>
>
> <security-constraint>
> <web-resource-collection>
>
> <web-resource-name>apiman-gateway-api</web-resource-name>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <role-name>apipublisher</role-name>
> </auth-constraint>
> </security-constraint>
> <login-config>
> <auth-method>BASIC</auth-method>
> <realm-name>apiman</realm-name>
> </login-config>
> <security-role>
> <role-name>apipublisher</role-name>
> </security-role>
>
> to the Pax Web
>
> WebContainer.registerConstraintMapping()
>
> Regards,
>
> --
> Charles Moulliard
> Apache Committer & PMC / Architect @RedHat
> Twitter : @cmoulliard | Blog : http://cmoulliard.github.io
> <http://cmoulliard.github.io>
>
>
> --
> Jean-Baptiste Onofré
> jbonofre@apache.org <ma...@apache.org>
> http://blog.nanthrax.net
> Talend - http://www.talend.com
>
>
>
>
> --
>
> Apache Member
> Apache Karaf <http://karaf.apache.org/> Committer & PMC
> OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/>
> Committer & Project Lead
> blog <http://notizblog.nierbeck.de/>
> Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS>
>
> Software Architect / Project Manager / Scrum Master
>
>
>
>
> --
> Charles Moulliard
> Apache Committer & PMC / Architect @RedHat
> Twitter : @cmoulliard | Blog : http://cmoulliard.github.io
> <http://cmoulliard.github.io>
>
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com
Re: Pax Web - Example of security conbstraint mapping
Posted by Charles Moulliard <ch...@gmail.com>.
If I use WebContainer, is it possible to define within the start method of
the class implementing the BundleActivator, the Web context Path of the
module/bundle that we will register within the HTTP Jetty Server ?
On Fri, Feb 5, 2016 at 1:40 PM, Achim Nierbeck <bc...@googlemail.com>
wrote:
> Yes of course the samples do contain such a sample and
> of course there is an Integration test available for it :-)
>
>
> 2016-02-05 12:47 GMT+01:00 Jean-Baptiste Onofré <jb...@nanthrax.net>:
>
>> Yes, I have something that I did for ActiveMQ WebConsole, leveraging
>> etc/jetty.xml.
>>
>> Regards
>> JB
>>
>>
>> On 02/05/2016 12:45 PM, Charles Moulliard wrote:
>>
>>> Hi,
>>>
>>> Do we have an example where we map Security Constraint (web.xml)
>>>
>>>
>>> <security-constraint>
>>> <web-resource-collection>
>>> <web-resource-name>apiman-gateway-api</web-resource-name>
>>> <url-pattern>/*</url-pattern>
>>> </web-resource-collection>
>>> <auth-constraint>
>>> <role-name>apipublisher</role-name>
>>> </auth-constraint>
>>> </security-constraint>
>>> <login-config>
>>> <auth-method>BASIC</auth-method>
>>> <realm-name>apiman</realm-name>
>>> </login-config>
>>> <security-role>
>>> <role-name>apipublisher</role-name>
>>> </security-role>
>>>
>>> to the Pax Web
>>>
>>> WebContainer.registerConstraintMapping()
>>>
>>> Regards,
>>>
>>> --
>>> Charles Moulliard
>>> Apache Committer & PMC / Architect @RedHat
>>> Twitter : @cmoulliard | Blog : http://cmoulliard.github.io
>>> <http://cmoulliard.github.io>
>>>
>>>
>> --
>> Jean-Baptiste Onofré
>> jbonofre@apache.org
>> http://blog.nanthrax.net
>> Talend - http://www.talend.com
>>
>
>
>
> --
>
> Apache Member
> Apache Karaf <http://karaf.apache.org/> Committer & PMC
> OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/> Committer &
> Project Lead
> blog <http://notizblog.nierbeck.de/>
> Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS>
>
> Software Architect / Project Manager / Scrum Master
>
>
--
Charles Moulliard
Apache Committer & PMC / Architect @RedHat
Twitter : @cmoulliard | Blog : http://cmoulliard.github.io
Re: Pax Web - Example of security conbstraint mapping
Posted by Achim Nierbeck <bc...@googlemail.com>.
Yes of course the samples do contain such a sample and
of course there is an Integration test available for it :-)
2016-02-05 12:47 GMT+01:00 Jean-Baptiste Onofré <jb...@nanthrax.net>:
> Yes, I have something that I did for ActiveMQ WebConsole, leveraging
> etc/jetty.xml.
>
> Regards
> JB
>
>
> On 02/05/2016 12:45 PM, Charles Moulliard wrote:
>
>> Hi,
>>
>> Do we have an example where we map Security Constraint (web.xml)
>>
>>
>> <security-constraint>
>> <web-resource-collection>
>> <web-resource-name>apiman-gateway-api</web-resource-name>
>> <url-pattern>/*</url-pattern>
>> </web-resource-collection>
>> <auth-constraint>
>> <role-name>apipublisher</role-name>
>> </auth-constraint>
>> </security-constraint>
>> <login-config>
>> <auth-method>BASIC</auth-method>
>> <realm-name>apiman</realm-name>
>> </login-config>
>> <security-role>
>> <role-name>apipublisher</role-name>
>> </security-role>
>>
>> to the Pax Web
>>
>> WebContainer.registerConstraintMapping()
>>
>> Regards,
>>
>> --
>> Charles Moulliard
>> Apache Committer & PMC / Architect @RedHat
>> Twitter : @cmoulliard | Blog : http://cmoulliard.github.io
>> <http://cmoulliard.github.io>
>>
>>
> --
> Jean-Baptiste Onofré
> jbonofre@apache.org
> http://blog.nanthrax.net
> Talend - http://www.talend.com
>
--
Apache Member
Apache Karaf <http://karaf.apache.org/> Committer & PMC
OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/> Committer &
Project Lead
blog <http://notizblog.nierbeck.de/>
Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS>
Software Architect / Project Manager / Scrum Master
Re: Pax Web - Example of security conbstraint mapping
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Yes, I have something that I did for ActiveMQ WebConsole, leveraging
etc/jetty.xml.
Regards
JB
On 02/05/2016 12:45 PM, Charles Moulliard wrote:
> Hi,
>
> Do we have an example where we map Security Constraint (web.xml)
>
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>apiman-gateway-api</web-resource-name>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <role-name>apipublisher</role-name>
> </auth-constraint>
> </security-constraint>
> <login-config>
> <auth-method>BASIC</auth-method>
> <realm-name>apiman</realm-name>
> </login-config>
> <security-role>
> <role-name>apipublisher</role-name>
> </security-role>
>
> to the Pax Web
>
> WebContainer.registerConstraintMapping()
>
> Regards,
>
> --
> Charles Moulliard
> Apache Committer & PMC / Architect @RedHat
> Twitter : @cmoulliard | Blog : http://cmoulliard.github.io
> <http://cmoulliard.github.io>
>
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com