FELIX-2352: The web console should delegate to JAAS when deployed in Karaf
git-svn-id: https://svn.apache.org/repos/asf/felix/trunk@953048 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/karaf/pom.xml b/karaf/pom.xml
index b7192b7..7576804 100644
--- a/karaf/pom.xml
+++ b/karaf/pom.xml
@@ -84,7 +84,7 @@
<felix.osgi.version>1.4.0</felix.osgi.version>
<felix.plugin.version>2.1.0</felix.plugin.version>
<felix.prefs.version>1.0.4</felix.prefs.version>
- <felix.webconsole.version>3.0.0</felix.webconsole.version>
+ <felix.webconsole.version>3.0.1-SNAPSHOT</felix.webconsole.version>
<felix.metatype.version>1.0.2</felix.metatype.version>
<aries.blueprint.version>0.1-incubating</aries.blueprint.version>
<aries.jmx.version>0.1-incubating</aries.jmx.version>
diff --git a/karaf/webconsole/branding/pom.xml b/karaf/webconsole/branding/pom.xml
index 00e5104..cb3b650 100644
--- a/karaf/webconsole/branding/pom.xml
+++ b/karaf/webconsole/branding/pom.xml
@@ -41,6 +41,14 @@
<appendedResourcesDirectory>${basedir}/../../etc/appended-resources</appendedResourcesDirectory>
</properties>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>org.apache.felix.webconsole</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ </dependencies>
+
<build>
<plugins>
<plugin>
diff --git a/karaf/webconsole/branding/src/main/java/org/apache/felix/karaf/webconsole/JaasSecurityProvider.java b/karaf/webconsole/branding/src/main/java/org/apache/felix/karaf/webconsole/JaasSecurityProvider.java
new file mode 100644
index 0000000..a32f31d
--- /dev/null
+++ b/karaf/webconsole/branding/src/main/java/org/apache/felix/karaf/webconsole/JaasSecurityProvider.java
@@ -0,0 +1,65 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.felix.karaf.webconsole;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginContext;
+
+import org.apache.felix.webconsole.WebConsoleSecurityProvider;
+
+public class JaasSecurityProvider implements WebConsoleSecurityProvider {
+
+ private String realm;
+
+ public String getRealm() {
+ return realm;
+ }
+
+ public void setRealm(String realm) {
+ this.realm = realm;
+ }
+
+ public Object authenticate(final String username, final String password) throws GeneralSecurityException {
+ Subject subject = new Subject();
+ LoginContext loginContext = new LoginContext(realm, subject, new CallbackHandler() {
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ for (int i = 0; i < callbacks.length; i++) {
+ if (callbacks[i] instanceof NameCallback) {
+ ((NameCallback) callbacks[i]).setName(username);
+ } else if (callbacks[i] instanceof PasswordCallback) {
+ ((PasswordCallback) callbacks[i]).setPassword(password.toCharArray());
+ } else {
+ throw new UnsupportedCallbackException(callbacks[i]);
+ }
+ }
+ }
+ });
+ loginContext.login();
+ return subject;
+ }
+
+ public void authorize(Object o, String s) throws GeneralSecurityException {
+ throw new UnsupportedOperationException();
+ }
+}
diff --git a/karaf/webconsole/branding/src/main/resources/OSGI-INF/blueprint/webconsole.xml b/karaf/webconsole/branding/src/main/resources/OSGI-INF/blueprint/webconsole.xml
new file mode 100644
index 0000000..5a8cb0b
--- /dev/null
+++ b/karaf/webconsole/branding/src/main/resources/OSGI-INF/blueprint/webconsole.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+-->
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+ xmlns:bp="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+ xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.0.0"
+ xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0"
+ default-activation="lazy">
+
+ <ext:property-placeholder placeholder-prefix="$[" placeholder-suffix="]"/>
+
+ <cm:property-placeholder persistent-id="org.apache.felix.karaf.webconsole">
+ <cm:default-properties>
+ <cm:property name="webconsoleRealm" value="karaf"/>
+ </cm:default-properties>
+ </cm:property-placeholder>
+
+ <bean id="securityProvider" class="org.apache.felix.karaf.webconsole.JaasSecurityProvider">
+ <property name="realm" value="${webconsoleRealm}"/>
+ </bean>
+
+ <service auto-export="interfaces" ref="securityProvider" />
+
+</blueprint>