Posted to commits@karaf.apache.org by jb...@apache.org on 2019/10/28 18:02:02 UTC

[karaf] branch master updated: [KARAF-6333] Create JAAS authentication example

This is an automated email from the ASF dual-hosted git repository.

jbonofre pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/karaf.git


The following commit(s) were added to refs/heads/master by this push:
     new 22999b9  [KARAF-6333] Create JAAS authentication example
     new 0851cf3  Merge pull request #890 from jbonofre/KARAF-6333
22999b9 is described below

commit 22999b9343ca47092bd40c4dbf782d5e4212bb41
Author: Jean-Baptiste Onofré <jb...@apache.org>
AuthorDate: Tue Jun 25 07:33:12 2019 +0200

    [KARAF-6333] Create JAAS authentication example
---
 examples/karaf-jaas-example/README.md              | 92 ++++++++++++++++++++++
 .../karaf-jaas-example-app/pom.xml                 | 74 +++++++++++++++++
 .../examples/jaas/app/JaasExampleCommand.java      | 49 ++++++++++++
 .../karaf/examples/jaas/app/SecuredService.java    | 23 ++++++
 .../examples/jaas/app/SecuredServiceImpl.java      | 47 +++++++++++
 .../karaf-jaas-example-features/pom.xml            | 79 +++++++++++++++++++
 .../src/main/feature/feature.xml                   | 36 +++++++++
 .../karaf-jaas-example-wab/pom.xml                 | 63 +++++++++++++++
 .../karaf/examples/jaas/wab/ExampleServlet.java    | 54 +++++++++++++
 .../src/main/webapp/WEB-INF/web.xml                | 42 ++++++++++
 .../karaf-jaas-example-war/pom.xml                 | 35 ++++++++
 .../src/main/webapp/WEB-INF/web.xml                | 46 +++++++++++
 .../src/main/webapp/index.jsp                      | 30 +++++++
 examples/karaf-jaas-example/pom.xml                | 42 ++++++++++
 examples/pom.xml                                   |  1 +
 .../karaf/itests/examples/JaasExampleTest.java     | 44 +++++++++++
 16 files changed, 757 insertions(+)

diff --git a/examples/karaf-jaas-example/README.md b/examples/karaf-jaas-example/README.md
new file mode 100644
index 0000000..afdfa76
--- /dev/null
+++ b/examples/karaf-jaas-example/README.md
@@ -0,0 +1,92 @@
+<!--
+    Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+-->
+# Apache Karaf JAAS security example
+
+## Abstract
+
+This example shows different usage of the Karaf Security service.
+
+It uses the `karaf` security realm to secure actions, services, or web application URLs.
+
+## Secure service & shell command
+
+The `karaf-jaas-example-app` shows a very simple application that use Karaf `security` implicitly to authenticate and
+authorize an user.
+
+You can install the `karaf-jaas-example-app` using the corresponding feature:
+
+```
+karaf@root()> feature:repo-add mvn:org.apache.karaf.examples/karaf-jaas-example-features/LATEST/xml
+karaf@root()> feature:install karaf-jaas-example-app
+```
+
+The application provides the `example:jaas` shell command. This command takes an username and password at argument, which are passed to the `SecuredService`.
+Then, the `SecuredService` authenticates and authorizes the username/password using the `karaf` realm.
+
+If you use `karaf`/`karaf` (default user in Karaf), you will see:
+
+```
+karaf@root()> example:jaas karaf karaf
+Authentication successful
+```
+
+If you use any invalid username/password, you will see:
+
+```
+karaf@root()> example:jaas foo bar
+Error executing command: login failed
+```
+
+## Secure web bundle & servlet
+
+You can install a simple web application bundle using the `karaf-jaas-example-wab` feature:
+
+```
+karaf@root()> feature:repo-add mvn:org.apache.karaf.examples/karaf-jaas-example-features/LATEST/xml
+karaf@root()> feature:install karaf-jaas-example-wab
+```
+
+The web application is registered on `/example` URL.
+
+The web application context is restricted (using HTTP basic authentication) to user with `admin` role.
+
+So, if you point your Internet browser to `http://localhost:8181/example`, you will have to enter username/password.
+
+`karaf`/`karaf` will work as this user has the `admin` role (see in `etc/users.properties`).
+
+If you enter `foo`/`bar` for instance, you won't be able to see the page.
+ 
+## Secure war
+
+You can install a simple war containing a `index.jsp` and a secure configuration in `WEB-INF/web.xml`.
+
+To install the war, you can use the `karaf-jaas-example-war` feature:
+
+```
+karaf@root()> feature:repo-add mvn:org.apache.karaf.examples/karaf-jaas-example-features/LATEST/xml
+karaf@root()> feature:install karaf-jaas-example-war
+```
+
+The WAR is deployed on `/example` and secured.
+
+It means that if you use `http://localhost:8181/example` in a browser, you will have to enter an username and password.
+
+It's again the `karaf` realm used. So if you enter `karaf`/`karaf`, you will be able to see the home page.
+
+On the other hand, if you enter `foo`/`bar` for instance, you won't be able to access the home page.
\ No newline at end of file
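
Review bot: The "Secure web bundle & servlet" section sends the reader to `http://localhost:8181/example`, but the only servlet in the WAB is mapped with `urlPatterns = "/foo"` and the WAB's web.xml declares no welcome file, so after authenticating there is nothing obvious to serve at that URL; the page to document is probably `http://localhost:8181/example/foo`. While editing, fix the wording in the first section: "application that use" should be "that uses", "an user" should be "a user", and "takes an username and password at argument" should be "takes a username and password as arguments".
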
diff --git a/examples/karaf-jaas-example/karaf-jaas-example-app/pom.xml b/examples/karaf-jaas-example/karaf-jaas-example-app/pom.xml
new file mode 100644
index 0000000..3f99d5a
--- /dev/null
+++ b/examples/karaf-jaas-example/karaf-jaas-example-app/pom.xml
@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+    <!--
+
+        Licensed to the Apache Software Foundation (ASF) under one or more
+        contributor license agreements.  See the NOTICE file distributed with
+        this work for additional information regarding copyright ownership.
+        The ASF licenses this file to You under the Apache License, Version 2.0
+        (the "License"); you may not use this file except in compliance with
+        the License.  You may obtain a copy of the License at
+
+           http://www.apache.org/licenses/LICENSE-2.0
+
+        Unless required by applicable law or agreed to in writing, software
+        distributed under the License is distributed on an "AS IS" BASIS,
+        WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+        See the License for the specific language governing permissions and
+        limitations under the License.
+    -->
+
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>org.apache.karaf.examples</groupId>
+        <artifactId>karaf-jaas-example</artifactId>
+        <version>4.3.0-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <artifactId>karaf-jaas-example-app</artifactId>
+    <name>Apache Karaf :: Examples :: JAAS :: App</name>
+    <packaging>bundle</packaging>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.apache.karaf.shell</groupId>
+            <artifactId>org.apache.karaf.shell.core</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.osgi</groupId>
+            <artifactId>osgi.core</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.osgi</groupId>
+            <artifactId>osgi.cmpn</artifactId>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.karaf.tooling</groupId>
+                <artifactId>karaf-services-maven-plugin</artifactId>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.felix</groupId>
+                <artifactId>maven-bundle-plugin</artifactId>
+                <configuration>
+                    <instructions>
+                        <Export-Package>
+                            org.apache.karaf.examples.jaas.app
+                        </Export-Package>
+                        <Import-Package>
+                            org.apache.karaf.shell*;version="[4,5)",
+                            *
+                        </Import-Package>
+                    </instructions>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>
\ No newline at end of file
diff --git a/examples/karaf-jaas-example/karaf-jaas-example-app/src/main/java/org/apache/karaf/examples/jaas/app/JaasExampleCommand.java b/examples/karaf-jaas-example/karaf-jaas-example-app/src/main/java/org/apache/karaf/examples/jaas/app/JaasExampleCommand.java
new file mode 100644
index 0000000..82b2110
--- /dev/null
+++ b/examples/karaf-jaas-example/karaf-jaas-example-app/src/main/java/org/apache/karaf/examples/jaas/app/JaasExampleCommand.java
@@ -0,0 +1,49 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.karaf.examples.jaas.app;
+
+import org.apache.karaf.shell.api.action.Action;
+import org.apache.karaf.shell.api.action.Argument;
+import org.apache.karaf.shell.api.action.Command;
+import org.apache.karaf.shell.api.action.lifecycle.Reference;
+import org.apache.karaf.shell.api.action.lifecycle.Service;
+
+@Service
+@Command(scope = "example", name = "jaas", description = "Simple command calling a secured service")
+public class JaasExampleCommand implements Action {
+
+    @Reference
+    private SecuredService securedService;
+
+    @Argument(index = 0, name = "username", description = "Username", multiValued = false, required = true)
+    String username;
+
+    @Argument(index = 1, name = "password", description = "Password", multiValued = false, required = true)
+    String password;
+
+    @Override
+    public Object execute() throws Exception {
+        boolean ok = securedService.action(username, password);
+        if (ok) {
+            System.out.println("Authentication successful");
+        } else {
+            System.err.println("Authentication failed");
+        }
+        return null;
+    }
+
+}
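
Review bot: The password is taken as a positional `@Argument(index = 1, name = "password", ...)`, so it is typed in clear on the console and stays in the shell history; for an example that people will copy, keep only the username as an argument and prompt for the password with masked input. Separately, the `else` branch in `execute()` that prints "Authentication failed" looks unreachable: `SecuredServiceImpl.action` lets `loginContext.login()` throw on bad credentials, which is why the README shows "Error executing command: login failed". Either catch the login exception in the service and return false, or drop the boolean and the branch.
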
diff --git a/examples/karaf-jaas-example/karaf-jaas-example-app/src/main/java/org/apache/karaf/examples/jaas/app/SecuredService.java b/examples/karaf-jaas-example/karaf-jaas-example-app/src/main/java/org/apache/karaf/examples/jaas/app/SecuredService.java
new file mode 100644
index 0000000..8103274
--- /dev/null
+++ b/examples/karaf-jaas-example/karaf-jaas-example-app/src/main/java/org/apache/karaf/examples/jaas/app/SecuredService.java
@@ -0,0 +1,23 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.karaf.examples.jaas.app;
+
+public interface SecuredService {
+
+    boolean action(String username, String password) throws Exception;
+
+}
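
Review bot: `boolean action(String username, String password) throws Exception` has no Javadoc saying whether a rejected login is reported as `false` or as an exception, and callers such as `JaasExampleCommand` currently have to guess. Document the contract and narrow the throws clause to `javax.security.auth.login.LoginException`, which is the only failure the implementation is expected to raise; taking the password as `char[]` would also let callers clear it after use.
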
diff --git a/examples/karaf-jaas-example/karaf-jaas-example-app/src/main/java/org/apache/karaf/examples/jaas/app/SecuredServiceImpl.java b/examples/karaf-jaas-example/karaf-jaas-example-app/src/main/java/org/apache/karaf/examples/jaas/app/SecuredServiceImpl.java
new file mode 100644
index 0000000..45d2bfd
--- /dev/null
+++ b/examples/karaf-jaas-example/karaf-jaas-example-app/src/main/java/org/apache/karaf/examples/jaas/app/SecuredServiceImpl.java
@@ -0,0 +1,47 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.karaf.examples.jaas.app;
+
+import org.osgi.service.component.annotations.Component;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginContext;
+
+@Component(service = SecuredService.class)
+public class SecuredServiceImpl implements SecuredService {
+
+    @Override
+    public boolean action(String username, String password) throws Exception {
+        LoginContext loginContext = new LoginContext("karaf", callbacks -> {
+           for (Callback callback : callbacks) {
+               if (callback instanceof NameCallback) {
+                   ((NameCallback) callback).setName(username);
+               } else if (callback instanceof PasswordCallback) {
+                   ((PasswordCallback) callback).setPassword(password.toCharArray());
+               } else {
+                   throw new UnsupportedCallbackException(callback);
+               }
+           }
+        });
+        loginContext.login();
+        return (loginContext.getSubject() != null);
+    }
+
+}
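
Review bot: `action()` only authenticates: after `loginContext.login()` nothing inspects the principals on `loginContext.getSubject()`, so any account in the `karaf` realm passes regardless of role, while the README says the service "authenticates and authorizes". Add a role check on the subject's principals (for example requiring `admin`, as the two web.xml files do) or reword the README. The `getSubject() != null` test is effectively always true once `login()` has returned without throwing, so the method never returns false; the context is also never closed with `loginContext.logout()`, and the `char[]` produced by `password.toCharArray()` is never cleared.
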
diff --git a/examples/karaf-jaas-example/karaf-jaas-example-features/pom.xml b/examples/karaf-jaas-example/karaf-jaas-example-features/pom.xml
new file mode 100644
index 0000000..765666f
--- /dev/null
+++ b/examples/karaf-jaas-example/karaf-jaas-example-features/pom.xml
@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+    <!--
+
+        Licensed to the Apache Software Foundation (ASF) under one or more
+        contributor license agreements.  See the NOTICE file distributed with
+        this work for additional information regarding copyright ownership.
+        The ASF licenses this file to You under the Apache License, Version 2.0
+        (the "License"); you may not use this file except in compliance with
+        the License.  You may obtain a copy of the License at
+
+           http://www.apache.org/licenses/LICENSE-2.0
+
+        Unless required by applicable law or agreed to in writing, software
+        distributed under the License is distributed on an "AS IS" BASIS,
+        WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+        See the License for the specific language governing permissions and
+        limitations under the License.
+    -->
+
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>org.apache.karaf.examples</groupId>
+        <artifactId>karaf-jaas-example</artifactId>
+        <version>4.3.0-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <artifactId>karaf-jaas-example-features</artifactId>
+    <name>Apache Karaf :: Examples :: JAAS :: Features</name>
+    <packaging>pom</packaging>
+
+    <build>
+        <resources>
+            <resource>
+                <directory>src/main/feature</directory>
+                <filtering>true</filtering>
+                <targetPath>${project.build.directory}/feature</targetPath>
+            </resource>
+        </resources>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-resources-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>resources</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>org.codehaus.mojo</groupId>
+                <artifactId>build-helper-maven-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>attach-artifact</id>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>attach-artifact</goal>
+                        </goals>
+                        <configuration>
+                            <artifacts>
+                                <artifact>
+                                    <file>target/feature/feature.xml</file>
+                                    <type>xml</type>
+                                </artifact>
+                            </artifacts>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>
\ No newline at end of file
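
Review bot: In the `attach-artifact` execution, `<file>target/feature/feature.xml</file>` hard-codes the build directory while the `<resource>` block above writes to `${project.build.directory}/feature`. Use `${project.build.directory}/feature/feature.xml` so the two stay in step if the build directory is overridden.
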
diff --git a/examples/karaf-jaas-example/karaf-jaas-example-features/src/main/feature/feature.xml b/examples/karaf-jaas-example/karaf-jaas-example-features/src/main/feature/feature.xml
new file mode 100644
index 0000000..d5ef905
--- /dev/null
+++ b/examples/karaf-jaas-example/karaf-jaas-example-features/src/main/feature/feature.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Licensed to the Apache Software Foundation (ASF) under one or more
+    contributor license agreements.  See the NOTICE file distributed with
+    this work for additional information regarding copyright ownership.
+    The ASF licenses this file to You under the Apache License, Version 2.0
+    (the "License"); you may not use this file except in compliance with
+    the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+-->
+<features name="karaf-jaas-example-${project.version}" xmlns="http://karaf.apache.org/xmlns/features/v1.4.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://karaf.apache.org/xmlns/features/v1.4.0 http://karaf.apache.org/xmlns/features/v1.4.0">
+
+    <feature name="karaf-jaas-example-app" version="${project.version}">
+        <feature>scr</feature>
+        <bundle>mvn:org.apache.karaf.examples/karaf-jaas-example-app/${project.version}</bundle>
+    </feature>
+
+    <feature name="karaf-jaas-example-wab" version="${project.version}">
+        <feature prerequisite="true">war</feature>
+        <bundle>mvn:org.apache.karaf.examples/karaf-jaas-example-wab/${project.version}</bundle>
+    </feature>
+
+    <feature name="karaf-jaas-example-war" version="${project.version}">
+        <feature prerequisite="true">war</feature>
+        <bundle>webbundle:mvn:org.apache.karaf.examples/karaf-jaas-example-war/${project.version}/war?Web-ContextPath=example</bundle>
+    </feature>
+
+</features>
\ No newline at end of file
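
Review bot: The `karaf-jaas-example-wab` and `karaf-jaas-example-war` features end up on the same context path: the WAR is installed here with `?Web-ContextPath=example` and the WAB pom sets `<Web-ContextPath>example</Web-ContextPath>`. A reader who follows the README top to bottom installs both, and they then contend for `/example`. Give them distinct paths (for instance `example-wab` and `example-war`) and update the README URLs to match.
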
diff --git a/examples/karaf-jaas-example/karaf-jaas-example-wab/pom.xml b/examples/karaf-jaas-example/karaf-jaas-example-wab/pom.xml
new file mode 100644
index 0000000..03f5508
--- /dev/null
+++ b/examples/karaf-jaas-example/karaf-jaas-example-wab/pom.xml
@@ -0,0 +1,63 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+    <!--
+
+        Licensed to the Apache Software Foundation (ASF) under one or more
+        contributor license agreements.  See the NOTICE file distributed with
+        this work for additional information regarding copyright ownership.
+        The ASF licenses this file to You under the Apache License, Version 2.0
+        (the "License"); you may not use this file except in compliance with
+        the License.  You may obtain a copy of the License at
+
+           http://www.apache.org/licenses/LICENSE-2.0
+
+        Unless required by applicable law or agreed to in writing, software
+        distributed under the License is distributed on an "AS IS" BASIS,
+        WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+        See the License for the specific language governing permissions and
+        limitations under the License.
+    -->
+
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>org.apache.karaf.examples</groupId>
+        <artifactId>karaf-jaas-example</artifactId>
+        <version>4.3.0-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <artifactId>karaf-jaas-example-wab</artifactId>
+    <name>Apache Karaf :: Examples :: JAAS :: WAB</name>
+    <packaging>bundle</packaging>
+
+    <dependencies>
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>javax.servlet-api</artifactId>
+            <version>3.1.0</version>
+            <scope>provided</scope>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.felix</groupId>
+                <artifactId>maven-bundle-plugin</artifactId>
+                <configuration>
+                    <instructions>
+                        <_wab>src/main/webapp/</_wab>
+                        <Web-ContextPath>example</Web-ContextPath>
+                        <Export-Package>!*</Export-Package>
+                        <Import-Package>
+                            *
+                        </Import-Package>
+                    </instructions>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>
\ No newline at end of file
diff --git a/examples/karaf-jaas-example/karaf-jaas-example-wab/src/main/java/org/apache/karaf/examples/jaas/wab/ExampleServlet.java b/examples/karaf-jaas-example/karaf-jaas-example-wab/src/main/java/org/apache/karaf/examples/jaas/wab/ExampleServlet.java
new file mode 100644
index 0000000..8e14358
--- /dev/null
+++ b/examples/karaf-jaas-example/karaf-jaas-example-wab/src/main/java/org/apache/karaf/examples/jaas/wab/ExampleServlet.java
@@ -0,0 +1,54 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.karaf.examples.jaas.wab;
+
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+
+@WebServlet(name = "ServletExample", urlPatterns = "/foo")
+public class ExampleServlet extends HttpServlet {
+
+    @Override
+    public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        service(request, response);
+    }
+
+    @Override
+    public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        service(request, response);
+    }
+
+    @Override
+    public void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        try (PrintWriter writer = response.getWriter()) {
+            writer.println("<html>");
+            writer.println("<head>");
+            writer.println("<title>Example</title>");
+            writer.println("</head>");
+            writer.println("<body align='center'>");
+            writer.println("<h1>Example Servlet</h1>");
+            writer.println("</body>");
+            writer.println("</html>");
+        }
+    }
+
+}
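
Review bot: Overriding `service(HttpServletRequest, HttpServletResponse)` replaces the dispatcher that would normally call `doGet`/`doPost`, so the two overrides above it are dead code that only calls back into `service`, and every HTTP method (PUT, DELETE and so on) gets the same page. Implement the page in `doGet` and drop the `service` override. The response also never sets a content type before writing HTML; add `response.setContentType("text/html")` before `getWriter()`.
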
diff --git a/examples/karaf-jaas-example/karaf-jaas-example-wab/src/main/webapp/WEB-INF/web.xml b/examples/karaf-jaas-example/karaf-jaas-example-wab/src/main/webapp/WEB-INF/web.xml
new file mode 100644
index 0000000..6923a31
--- /dev/null
+++ b/examples/karaf-jaas-example/karaf-jaas-example-wab/src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Licensed to the Apache Software Foundation (ASF) under one or more
+    contributor license agreements.  See the NOTICE file distributed with
+    this work for additional information regarding copyright ownership.
+    The ASF licenses this file to You under the Apache License, Version 2.0
+    (the "License"); you may not use this file except in compliance with
+    the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+-->
+<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
+
+    <display-name>Secured Application</display-name>
+    
+    <security-constraint>
+        <display-name>authenticated</display-name>
+        <web-resource-collection>
+            <web-resource-name>Security Zone</web-resource-name>
+            <url-pattern>/*</url-pattern>
+        </web-resource-collection>
+        <auth-constraint>
+            <role-name>admin</role-name>
+        </auth-constraint>
+    </security-constraint>
+    <login-config>
+        <auth-method>BASIC</auth-method>
+        <realm-name>karaf</realm-name>
+    </login-config>
+    <security-role>
+        <role-name>admin</role-name>
+    </security-role>
+
+</web-app>
\ No newline at end of file
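
Review bot: The descriptor declares `<web-app version="2.5">`, but the bundle's only servlet is registered through `@WebServlet`, which is a Servlet 3.0 annotation, and the WAB pom compiles against `javax.servlet-api` 3.1.0. Please confirm the container picks the annotation up with a 2.5 descriptor, or move to the 3.0/3.1 schema, or declare the servlet and its mapping here explicitly, so that the `/*` constraint is known to cover a servlet that is actually deployed.
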
diff --git a/examples/karaf-jaas-example/karaf-jaas-example-war/pom.xml b/examples/karaf-jaas-example/karaf-jaas-example-war/pom.xml
new file mode 100644
index 0000000..ee5747a
--- /dev/null
+++ b/examples/karaf-jaas-example/karaf-jaas-example-war/pom.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+    <!--
+
+        Licensed to the Apache Software Foundation (ASF) under one or more
+        contributor license agreements.  See the NOTICE file distributed with
+        this work for additional information regarding copyright ownership.
+        The ASF licenses this file to You under the Apache License, Version 2.0
+        (the "License"); you may not use this file except in compliance with
+        the License.  You may obtain a copy of the License at
+
+           http://www.apache.org/licenses/LICENSE-2.0
+
+        Unless required by applicable law or agreed to in writing, software
+        distributed under the License is distributed on an "AS IS" BASIS,
+        WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+        See the License for the specific language governing permissions and
+        limitations under the License.
+    -->
+
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>org.apache.karaf.examples</groupId>
+        <artifactId>karaf-jaas-example</artifactId>
+        <version>4.3.0-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <artifactId>karaf-jaas-example-war</artifactId>
+    <name>Apache Karaf :: Examples :: JAAS :: WAR</name>
+    <packaging>war</packaging>
+
+</project>
\ No newline at end of file
diff --git a/examples/karaf-jaas-example/karaf-jaas-example-war/src/main/webapp/WEB-INF/web.xml b/examples/karaf-jaas-example/karaf-jaas-example-war/src/main/webapp/WEB-INF/web.xml
new file mode 100644
index 0000000..c62d4e8
--- /dev/null
+++ b/examples/karaf-jaas-example/karaf-jaas-example-war/src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Licensed to the Apache Software Foundation (ASF) under one or more
+    contributor license agreements.  See the NOTICE file distributed with
+    this work for additional information regarding copyright ownership.
+    The ASF licenses this file to You under the Apache License, Version 2.0
+    (the "License"); you may not use this file except in compliance with
+    the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+-->
+<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
+
+    <display-name>Secured Application</display-name>
+
+    <welcome-file-list>
+        <welcome-file>index.jsp</welcome-file>
+    </welcome-file-list>
+    
+    <security-constraint>
+        <display-name>authenticated</display-name>
+        <web-resource-collection>
+            <web-resource-name>Security Zone</web-resource-name>
+            <url-pattern>/*</url-pattern>
+        </web-resource-collection>
+        <auth-constraint>
+            <role-name>admin</role-name>
+        </auth-constraint>
+    </security-constraint>
+    <login-config>
+        <auth-method>BASIC</auth-method>
+        <realm-name>karaf</realm-name>
+    </login-config>
+    <security-role>
+        <role-name>admin</role-name>
+    </security-role>
+
+</web-app>
\ No newline at end of file
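Review bot: The `<security-constraint>` on `/*` combines `<auth-method>BASIC</auth-method>` with no `<user-data-constraint>`, so nothing in this descriptor stops the `admin` credentials from being sent base64-encoded over plain HTTP. Since this is an example people will copy, suggest adding `<user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>` inside the constraint, or at least an XML comment saying the example assumes TLS is enforced elsewhere. The file also lacks a trailing newline.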
diff --git a/examples/karaf-jaas-example/karaf-jaas-example-war/src/main/webapp/index.jsp b/examples/karaf-jaas-example/karaf-jaas-example-war/src/main/webapp/index.jsp
new file mode 100644
index 0000000..4baf062
--- /dev/null
+++ b/examples/karaf-jaas-example/karaf-jaas-example-war/src/main/webapp/index.jsp
@@ -0,0 +1,30 @@
+<html>
+    <!--
+
+        Licensed to the Apache Software Foundation (ASF) under one or more
+        contributor license agreements.  See the NOTICE file distributed with
+        this work for additional information regarding copyright ownership.
+        The ASF licenses this file to You under the Apache License, Version 2.0
+        (the "License"); you may not use this file except in compliance with
+        the License.  You may obtain a copy of the License at
+
+           http://www.apache.org/licenses/LICENSE-2.0
+
+        Unless required by applicable law or agreed to in writing, software
+        distributed under the License is distributed on an "AS IS" BASIS,
+        WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+        See the License for the specific language governing permissions and
+        limitations under the License.
+    -->
+<head>
+<title>Hello World!</title>
+</head>
+<body>
+	<h1>Hello World!</h1>
+	<p>
+		It is now
+		<%= new java.util.Date() %></p>
+	<p>
+		You are coming from
+		<%= request.getRemoteAddr()  %></p>
+</body>
\ No newline at end of file
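Review bot: The page opens with `<html>` but the file ends at `</body>`, so the closing `</html>` is missing (all 30 lines of the new file are shown). The license header is also written as an HTML comment inside `<html>`, which means it is sent to every client in the response body; a JSP comment (`<%-- ... --%>`) placed before `<html>` would keep it server-side. Please add a trailing newline as well.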
diff --git a/examples/karaf-jaas-example/pom.xml b/examples/karaf-jaas-example/pom.xml
new file mode 100644
index 0000000..3cfa5e3
--- /dev/null
+++ b/examples/karaf-jaas-example/pom.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+    <!--
+
+        Licensed to the Apache Software Foundation (ASF) under one or more
+        contributor license agreements.  See the NOTICE file distributed with
+        this work for additional information regarding copyright ownership.
+        The ASF licenses this file to You under the Apache License, Version 2.0
+        (the "License"); you may not use this file except in compliance with
+        the License.  You may obtain a copy of the License at
+
+           http://www.apache.org/licenses/LICENSE-2.0
+
+        Unless required by applicable law or agreed to in writing, software
+        distributed under the License is distributed on an "AS IS" BASIS,
+        WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+        See the License for the specific language governing permissions and
+        limitations under the License.
+    -->
+
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>org.apache.karaf.examples</groupId>
+        <artifactId>apache-karaf-examples</artifactId>
+        <version>4.3.0-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <artifactId>karaf-jaas-example</artifactId>
+    <name>Apache Karaf :: Examples :: JAAS</name>
+    <packaging>pom</packaging>
+
+    <modules>
+        <module>karaf-jaas-example-war</module>
+        <module>karaf-jaas-example-wab</module>
+        <module>karaf-jaas-example-app</module>
+        <module>karaf-jaas-example-features</module>
+    </modules>
+
+</project>
\ No newline at end of file
diff --git a/examples/pom.xml b/examples/pom.xml
index 32adf07..c20a547 100644
--- a/examples/pom.xml
+++ b/examples/pom.xml
@@ -47,6 +47,7 @@
         <!-- <module>karaf-encryption-example</module> -->
         <module>karaf-http-resource-example</module>
         <module>karaf-log-appender-example</module>
+        <module>karaf-jaas-example</module>
         <!-- <module>karaf-jaas-config-example</module> -->
         <!-- <module>karaf-jaas-login-module-example</module> -->
         <module>karaf-jdbc-example</module>
diff --git a/itests/test/src/test/java/org/apache/karaf/itests/examples/JaasExampleTest.java b/itests/test/src/test/java/org/apache/karaf/itests/examples/JaasExampleTest.java
new file mode 100644
index 0000000..da6a059
--- /dev/null
+++ b/itests/test/src/test/java/org/apache/karaf/itests/examples/JaasExampleTest.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.karaf.itests.examples;
+
+import org.apache.karaf.itests.BaseTest;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.ops4j.pax.exam.junit.PaxExam;
+import org.ops4j.pax.exam.spi.reactors.ExamReactorStrategy;
+import org.ops4j.pax.exam.spi.reactors.PerMethod;
+
+import java.net.HttpURLConnection;
+import java.net.URL;
+
+@RunWith(PaxExam.class)
+@ExamReactorStrategy(PerMethod.class)
+public class JaasExampleTest extends BaseTest {
+
+    @Test(expected = RuntimeException.class)
+    public void testCommand() throws Exception {
+        // add jaas example repository
+        addFeaturesRepository("mvn:org.apache.karaf.examples/karaf-jaas-example-features/" + System.getProperty("karaf.version") + "/xml");
+
+        // install karaf-jaas-example-app feature
+        installAndAssertFeature("karaf-jaas-example-app");
+
+        // execute example:jaas command
+        String output = executeCommand("example:jaas karaf karaf");
+        assertContains("Authentication successful", output);
+        output = executeCommand("example:jaas foo bar");
+    }
+
+}
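Review bot: `@Test(expected = RuntimeException.class)` on `testCommand` covers the whole method, so a `RuntimeException` thrown by `addFeaturesRepository`, `installAndAssertFeature` or the first `executeCommand("example:jaas karaf karaf")` makes the test pass without ever checking "Authentication successful". Suggest dropping `expected` and wrapping only `executeCommand("example:jaas foo bar")` in a try/catch that fails when no exception is thrown, ideally asserting on the failure message too, so the negative case is tied to the bad credentials. The imports of `java.net.HttpURLConnection` and `java.net.URL` are unused: either remove them or add the HTTP tests for the WAR and WAB modules that they suggest were intended, since the BASIC-auth constraint in those modules is currently not exercised by any test in this file.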