You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by gn...@apache.org on 2014/05/28 13:48:41 UTC
[1/4] git commit: [KARAF-3006] Provide an EventAdmin based audit
trail for JAAS
Repository: karaf
Updated Branches:
refs/heads/master 2fefe3fa9 -> 49afe847f
[KARAF-3006] Provide an EventAdmin based audit trail for JAAS
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/f6d42087
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/f6d42087
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/f6d42087
Branch: refs/heads/master
Commit: f6d4208733ded8299ca2eb0630552e9b1e943d9f
Parents: 2fefe3f
Author: Guillaume Nodet <gn...@gmail.com>
Authored: Tue May 27 17:52:01 2014 +0200
Committer: Guillaume Nodet <gn...@gmail.com>
Committed: Tue May 27 17:52:01 2014 +0200
----------------------------------------------------------------------
jaas/modules/pom.xml | 1 +
.../eventadmin/EventAdminLoginModule.java | 131 +++++++++++++++++++
.../karaf/jaas/modules/impl/KarafRealm.java | 12 ++
3 files changed, 144 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/f6d42087/jaas/modules/pom.xml
----------------------------------------------------------------------
diff --git a/jaas/modules/pom.xml b/jaas/modules/pom.xml
index 2f70e1e..76205ac 100644
--- a/jaas/modules/pom.xml
+++ b/jaas/modules/pom.xml
@@ -127,6 +127,7 @@
<Import-Package>
javax.net,
org.apache.karaf.jaas.config,
+ org.osgi.service.event;resolution:=optional,
*
</Import-Package>
<Private-Package>
http://git-wip-us.apache.org/repos/asf/karaf/blob/f6d42087/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/eventadmin/EventAdminLoginModule.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/eventadmin/EventAdminLoginModule.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/eventadmin/EventAdminLoginModule.java
new file mode 100644
index 0000000..e831fa6
--- /dev/null
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/eventadmin/EventAdminLoginModule.java
@@ -0,0 +1,131 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * under the License.
+ */
+package org.apache.karaf.jaas.modules.eventadmin;
+
+import java.util.Dictionary;
+import java.util.Hashtable;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.ServiceReference;
+import org.osgi.service.event.Event;
+import org.osgi.service.event.EventAdmin;
+
+public class EventAdminLoginModule implements LoginModule {
+
+ public static final String TOPIC_EVENTS = "org/apache/karaf/jaas";
+ public static final String TOPIC_LOGIN = TOPIC_EVENTS + "/LOGIN";
+ public static final String TOPIC_SUCCESS = TOPIC_EVENTS + "/SUCCESS";
+ public static final String TOPIC_FAILURE = TOPIC_EVENTS + "/FAILURE";
+ public static final String TOPIC_LOGOUT = TOPIC_EVENTS + "/LOGOUT";
+
+ private Subject subject;
+ private CallbackHandler handler;
+ private Map<String, ?> options;
+ private String username;
+ private BundleContext bundleContext;
+
+ @Override
+ public void initialize(Subject subject, CallbackHandler handler, Map<String, ?> sharedState, Map<String, ?> options) {
+ this.subject = subject;
+ this.handler = handler;
+ this.options = options;
+ this.bundleContext = (BundleContext) options.get(BundleContext.class.getName());
+ }
+
+ @Override
+ public boolean login() throws LoginException {
+ NameCallback user = new NameCallback("User name:");
+ Callback[] callbacks = new Callback[]{user};
+ try {
+ handler.handle(callbacks);
+ } catch (Exception e) {
+ throw (LoginException) new LoginException("Unable to process callback: " + e.getMessage()).initCause(e);
+ }
+ if (callbacks.length != 1) {
+ throw new IllegalStateException("Number of callbacks changed by server!");
+ }
+ user = (NameCallback) callbacks[0];
+ username = user.getName();
+ sendEvent(TOPIC_LOGIN);
+ return false;
+ }
+
+ @Override
+ public boolean commit() throws LoginException {
+ if (username != null) {
+ sendEvent(TOPIC_SUCCESS);
+ }
+ return false;
+ }
+
+ @Override
+ public boolean abort() throws LoginException {
+ if (username != null) { //work around initial "fake" login
+ sendEvent(TOPIC_FAILURE);
+ username = null;
+ }
+ return false;
+ }
+
+ @Override
+ public boolean logout() throws LoginException {
+ if (username != null) {
+ sendEvent(TOPIC_LOGOUT);
+ username = null;
+ }
+ return false;
+ }
+
+ private void sendEvent(String topic) {
+ if (Boolean.parseBoolean((String) options.get("eventadmin.enabled"))) {
+ Dictionary<String, Object> props = new Hashtable<>();
+ props.put("type", topic.substring(topic.lastIndexOf("/") + 1).toLowerCase());
+ props.put("timestamp", System.currentTimeMillis());
+ props.put("username", username);
+ props.put("subject", subject);
+
+ try {
+ Inner.send(bundleContext, topic, props);
+ } catch (Throwable t) {
+ // Ignore
+ }
+ }
+ }
+
+ static class Inner {
+
+ public static void send(BundleContext bundleContext, String topic, Dictionary<String, Object> props) {
+ ServiceReference<EventAdmin> ref = bundleContext.getServiceReference(EventAdmin.class);
+ if (ref != null) {
+ EventAdmin admin = bundleContext.getService(ref);
+ try {
+ admin.sendEvent(new Event(topic, props));
+ } finally {
+ bundleContext.ungetService(ref);
+ }
+ }
+ }
+ }
+
+
+}
http://git-wip-us.apache.org/repos/asf/karaf/blob/f6d42087/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/impl/KarafRealm.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/impl/KarafRealm.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/impl/KarafRealm.java
index a04d5ac..33d9c44 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/impl/KarafRealm.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/impl/KarafRealm.java
@@ -33,6 +33,7 @@ public class KarafRealm implements JaasRealm, ManagedService {
private static final String KARAF_ETC = System.getProperty("karaf.etc");
private static final String REALM = "karaf";
+ private static final String EVENTADMIN_MODULE = "org.apache.karaf.jaas.modules.eventadmin.EventAdminLoginModule";
private static final String PROPERTIES_MODULE = "org.apache.karaf.jaas.modules.properties.PropertiesLoginModule";
private static final String PUBLIC_KEY_MODULE = "org.apache.karaf.jaas.modules.publickey.PublickeyLoginModule";
@@ -42,6 +43,9 @@ public class KarafRealm implements JaasRealm, ManagedService {
private static final String ENCRYPTION_SUFFIX = "encryption.suffix";
private static final String ENCRYPTION_ALGORITHM = "encryption.algorithm";
private static final String ENCRYPTION_ENCODING = "encryption.encoding";
+
+ private static final String EVENTADMIN_ENABLED = "eventadmin.enabled";
+
private static final String MODULE = "org.apache.karaf.jaas.module";
private final BundleContext bundleContext;
@@ -61,6 +65,7 @@ public class KarafRealm implements JaasRealm, ManagedService {
props.put(ENCRYPTION_SUFFIX, "{CRYPT}");
props.put(ENCRYPTION_ALGORITHM, "MD5");
props.put(ENCRYPTION_ENCODING, "hexadecimal");
+ props.put(EVENTADMIN_ENABLED, "true");
}
@Override
@@ -102,7 +107,14 @@ public class KarafRealm implements JaasRealm, ManagedService {
publicKeyOptions.put(ProxyLoginModule.PROPERTY_BUNDLE, Long.toString(bundleContext.getBundle().getBundleId()));
publicKeyOptions.put("users", KARAF_ETC + File.separatorChar + "keys.properties");
+ Map<String, Object> eventadminOptions = new HashMap<>();
+ eventadminOptions.putAll(properties);
+ eventadminOptions.put(BundleContext.class.getName(), bundleContext);
+ eventadminOptions.put(ProxyLoginModule.PROPERTY_MODULE, EVENTADMIN_MODULE);
+ eventadminOptions.put(ProxyLoginModule.PROPERTY_BUNDLE, Long.toString(bundleContext.getBundle().getBundleId()));
+
return new AppConfigurationEntry[] {
+ new AppConfigurationEntry(ProxyLoginModule.class.getName(), AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, eventadminOptions),
new AppConfigurationEntry(ProxyLoginModule.class.getName(), AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT, propertiesOptions),
new AppConfigurationEntry(ProxyLoginModule.class.getName(), AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT, publicKeyOptions)
};
[3/4] git commit: Add missing header
Posted by gn...@apache.org.
Add missing header
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/3ac0b00f
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/3ac0b00f
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/3ac0b00f
Branch: refs/heads/master
Commit: 3ac0b00f0d1aaa6949cb3c9e14b33edcecdb4776
Parents: 400c479
Author: Guillaume Nodet <gn...@gmail.com>
Authored: Tue May 27 18:12:31 2014 +0200
Committer: Guillaume Nodet <gn...@gmail.com>
Committed: Tue May 27 18:12:31 2014 +0200
----------------------------------------------------------------------
...rg.apache.karaf.command.acl.scope_bundle.cfg | 25 ++++++++++++++++++++
1 file changed, 25 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/3ac0b00f/assemblies/features/framework/src/main/resources/resources/etc/org.apache.karaf.command.acl.scope_bundle.cfg
----------------------------------------------------------------------
diff --git a/assemblies/features/framework/src/main/resources/resources/etc/org.apache.karaf.command.acl.scope_bundle.cfg b/assemblies/features/framework/src/main/resources/resources/etc/org.apache.karaf.command.acl.scope_bundle.cfg
index 62c8d57..5e2621f 100644
--- a/assemblies/features/framework/src/main/resources/resources/etc/org.apache.karaf.command.acl.scope_bundle.cfg
+++ b/assemblies/features/framework/src/main/resources/resources/etc/org.apache.karaf.command.acl.scope_bundle.cfg
@@ -1,3 +1,28 @@
+################################################################################
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+#
+# This configuration file defines the ACLs for scope bundles
+#
+# For an explanation of the syntax of this file, see the file:
+# org.apache.karaf.command.acl.system.cfg
+#
features=org.apache.karaf.features.command
jaas=org.apache.karaf.jaas.command
admin=org.apache.karaf.admin.command
[2/4] git commit: Avoid useless framework refreshes from bundle
watcher
Posted by gn...@apache.org.
Avoid useless framework refreshes from bundle watcher
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/400c4794
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/400c4794
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/400c4794
Branch: refs/heads/master
Commit: 400c47944ef98b2f89aaea855596dc6fb418e529
Parents: f6d4208
Author: Guillaume Nodet <gn...@gmail.com>
Authored: Tue May 27 17:52:36 2014 +0200
Committer: Guillaume Nodet <gn...@gmail.com>
Committed: Tue May 27 17:52:36 2014 +0200
----------------------------------------------------------------------
.../bundle/core/internal/BundleWatcherImpl.java | 34 +++++++++++---------
1 file changed, 18 insertions(+), 16 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/400c4794/bundle/core/src/main/java/org/apache/karaf/bundle/core/internal/BundleWatcherImpl.java
----------------------------------------------------------------------
diff --git a/bundle/core/src/main/java/org/apache/karaf/bundle/core/internal/BundleWatcherImpl.java b/bundle/core/src/main/java/org/apache/karaf/bundle/core/internal/BundleWatcherImpl.java
index cb52567..5181bc3 100644
--- a/bundle/core/src/main/java/org/apache/karaf/bundle/core/internal/BundleWatcherImpl.java
+++ b/bundle/core/src/main/java/org/apache/karaf/bundle/core/internal/BundleWatcherImpl.java
@@ -115,22 +115,24 @@ public class BundleWatcherImpl implements Runnable, BundleListener, BundleWatche
logger.error("Error updating bundle.", ex);
}
}
- try {
- final CountDownLatch latch = new CountDownLatch(1);
- wiring.refreshBundles(updated, new FrameworkListener() {
- public void frameworkEvent(FrameworkEvent event) {
- latch.countDown();
- }
- });
- latch.await();
- } catch (InterruptedException e) {
- running.set(false);
- }
- for (Bundle bundle : updated) {
+ if (!updated.isEmpty()) {
try {
- bundle.start(Bundle.START_TRANSIENT);
- } catch (BundleException ex) {
- logger.warn("Error starting bundle", ex);
+ final CountDownLatch latch = new CountDownLatch(1);
+ wiring.refreshBundles(updated, new FrameworkListener() {
+ public void frameworkEvent(FrameworkEvent event) {
+ latch.countDown();
+ }
+ });
+ latch.await();
+ } catch (InterruptedException e) {
+ running.set(false);
+ }
+ for (Bundle bundle : updated) {
+ try {
+ bundle.start(Bundle.START_TRANSIENT);
+ } catch (BundleException ex) {
+ logger.warn("Error starting bundle", ex);
+ }
}
}
}
@@ -151,7 +153,7 @@ public class BundleWatcherImpl implements Runnable, BundleListener, BundleWatche
}
private void updateBundleIfNecessary(File localRepository, List<Bundle> updated, Bundle bundle)
- throws FileNotFoundException, BundleException, IOException {
+ throws BundleException, IOException {
File location = getBundleExternalLocation(localRepository, bundle);
if (location != null && location.exists() && location.lastModified() > bundle.getLastModified()) {
InputStream is = new FileInputStream(location);
[4/4] git commit: Fix failing unit tests due to KARAF-1169 and
KARAF-3006
Posted by gn...@apache.org.
Fix failing unit tests due to KARAF-1169 and KARAF-3006
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/49afe847
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/49afe847
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/49afe847
Branch: refs/heads/master
Commit: 49afe847f7f6833399c19151d98fe10a805374c4
Parents: 3ac0b00
Author: Guillaume Nodet <gn...@gmail.com>
Authored: Wed May 28 13:48:28 2014 +0200
Committer: Guillaume Nodet <gn...@gmail.com>
Committed: Wed May 28 13:48:28 2014 +0200
----------------------------------------------------------------------
.../karaf/features/internal/model/Feature.java | 6 ++--
.../karaf/jaas/command/ManageRealmCommand.java | 33 ++++++++++----------
2 files changed, 20 insertions(+), 19 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/49afe847/features/core/src/main/java/org/apache/karaf/features/internal/model/Feature.java
----------------------------------------------------------------------
diff --git a/features/core/src/main/java/org/apache/karaf/features/internal/model/Feature.java b/features/core/src/main/java/org/apache/karaf/features/internal/model/Feature.java
index 924d68c..3c09ddc 100644
--- a/features/core/src/main/java/org/apache/karaf/features/internal/model/Feature.java
+++ b/features/core/src/main/java/org/apache/karaf/features/internal/model/Feature.java
@@ -95,7 +95,7 @@ public class Feature extends Content implements org.apache.karaf.features.Featur
@XmlAttribute(name = "start-level")
protected Integer startLevel;
@XmlAttribute
- protected boolean hidden;
+ protected Boolean hidden;
protected List<Conditional> conditional;
protected List<Capability> capability;
protected List<Requirement> requirement;
@@ -265,13 +265,13 @@ public class Feature extends Content implements org.apache.karaf.features.Featur
* Gets the value of the hidden property.
*/
public boolean isHidden() {
- return hidden;
+ return hidden == null ? false : hidden;
}
/**
* Sets the value of the hidden property.
*/
- public void setHidden(boolean value) {
+ public void setHidden(Boolean value) {
this.hidden = value;
}
http://git-wip-us.apache.org/repos/asf/karaf/blob/49afe847/jaas/command/src/main/java/org/apache/karaf/jaas/command/ManageRealmCommand.java
----------------------------------------------------------------------
diff --git a/jaas/command/src/main/java/org/apache/karaf/jaas/command/ManageRealmCommand.java b/jaas/command/src/main/java/org/apache/karaf/jaas/command/ManageRealmCommand.java
index a9fa13b..58375c6 100644
--- a/jaas/command/src/main/java/org/apache/karaf/jaas/command/ManageRealmCommand.java
+++ b/jaas/command/src/main/java/org/apache/karaf/jaas/command/ManageRealmCommand.java
@@ -91,23 +91,24 @@ public class ManageRealmCommand extends JaasCommandSupport {
for (JaasRealm r : realms) {
if (r.getName().equals(realmName)) {
realm = r;
- break;
- }
- }
-
- }
- AppConfigurationEntry[] entries = realm.getEntries();
- if (entries != null) {
- for (AppConfigurationEntry e : entries) {
- String moduleClass = (String) e.getOptions().get(ProxyLoginModule.PROPERTY_MODULE);
- if (moduleName == null) {
- entry = e;
- break;
- } else {
- if (moduleName.equals(e.getLoginModuleName()) || moduleName.equals(moduleClass)) {
- entry = e;
- break;
+ AppConfigurationEntry[] entries = realm.getEntries();
+ if (entries != null) {
+ for (AppConfigurationEntry e : entries) {
+ String moduleClass = (String) e.getOptions().get(ProxyLoginModule.PROPERTY_MODULE);
+ if (moduleName == null) {
+ if (getBackingEngine(e) != null) {
+ entry = e;
+ break;
+ }
+ } else {
+ if (moduleName.equals(e.getLoginModuleName()) || moduleName.equals(moduleClass)) {
+ entry = e;
+ break;
+ }
+ }
+ }
}
+ break;
}
}
}