You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@karaf.apache.org by "Guillaume Nodet (JIRA)" <ji...@apache.org> on 2012/06/13 13:51:42 UTC

[jira] [Created] (KARAF-1543) When deploying new realms the old ones can still be active for a while

Guillaume Nodet created KARAF-1543:
--------------------------------------

             Summary: When deploying new realms the old ones can still be active for a while
                 Key: KARAF-1543
                 URL: https://issues.apache.org/jira/browse/KARAF-1543
             Project: Karaf
          Issue Type: Bug
    Affects Versions: 2.2.7, 2.3.0, 3.0.0
            Reporter: Guillaume Nodet


When we deploy new realms for security, the way is to expose a service using the jaas namespace handler with a higher ranking.
However, this is not really secured, especially at boot time, where the bundles are not all loaded.
One problem is that the login modules provided reside in the same bundles as the realm configuration, so we need to externalize the configuration to a single file in the etc/ folder imho.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Updated] (KARAF-1543) When deploying new realms the old ones can still be active for a while

Posted by "Guillaume Nodet (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/KARAF-1543?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Guillaume Nodet updated KARAF-1543:
-----------------------------------

    Issue Type: Improvement  (was: Bug)
    
> When deploying new realms the old ones can still be active for a while
> ----------------------------------------------------------------------
>
>                 Key: KARAF-1543
>                 URL: https://issues.apache.org/jira/browse/KARAF-1543
>             Project: Karaf
>          Issue Type: Improvement
>    Affects Versions: 2.2.7, 2.3.0, 3.0.0
>            Reporter: Guillaume Nodet
>
> When we deploy new realms for security, the way is to expose a service using the jaas namespace handler with a higher ranking.
> However, this is not really secured, especially at boot time, where the bundles are not all loaded.
> One problem is that the login modules provided reside in the same bundles as the realm configuration, so we need to externalize the configuration to a single file in the etc/ folder imho.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira