You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@karaf.apache.org by "Guillaume Nodet (JIRA)" <ji...@apache.org> on 2012/06/13 13:51:42 UTC
[jira] [Created] (KARAF-1543) When deploying new realms the old
ones can still be active for a while
Guillaume Nodet created KARAF-1543:
--------------------------------------
Summary: When deploying new realms the old ones can still be active for a while
Key: KARAF-1543
URL: https://issues.apache.org/jira/browse/KARAF-1543
Project: Karaf
Issue Type: Bug
Affects Versions: 2.2.7, 2.3.0, 3.0.0
Reporter: Guillaume Nodet
When we deploy new realms for security, the way is to expose a service using the jaas namespace handler with a higher ranking.
However, this is not really secured, especially at boot time, where the bundles are not all loaded.
One problem is that the login modules provided reside in the same bundles as the realm configuration, so we need to externalize the configuration to a single file in the etc/ folder imho.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (KARAF-1543) When deploying new realms the old
ones can still be active for a while
Posted by "Guillaume Nodet (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/KARAF-1543?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Guillaume Nodet updated KARAF-1543:
-----------------------------------
Issue Type: Improvement (was: Bug)
> When deploying new realms the old ones can still be active for a while
> ----------------------------------------------------------------------
>
> Key: KARAF-1543
> URL: https://issues.apache.org/jira/browse/KARAF-1543
> Project: Karaf
> Issue Type: Improvement
> Affects Versions: 2.2.7, 2.3.0, 3.0.0
> Reporter: Guillaume Nodet
>
> When we deploy new realms for security, the way is to expose a service using the jaas namespace handler with a higher ranking.
> However, this is not really secured, especially at boot time, where the bundles are not all loaded.
> One problem is that the login modules provided reside in the same bundles as the realm configuration, so we need to externalize the configuration to a single file in the etc/ folder imho.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira