FELIX-2352: The web console should delegate to JAAS when deployed in Karaf

git-svn-id: https://svn.apache.org/repos/asf/felix/trunk@953048 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/karaf/webconsole/branding/src/main/java/org/apache/felix/karaf/webconsole/JaasSecurityProvider.java b/karaf/webconsole/branding/src/main/java/org/apache/felix/karaf/webconsole/JaasSecurityProvider.java
new file mode 100644
index 0000000..a32f31d
--- /dev/null
+++ b/karaf/webconsole/branding/src/main/java/org/apache/felix/karaf/webconsole/JaasSecurityProvider.java
@@ -0,0 +1,65 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.felix.karaf.webconsole;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginContext;
+
+import org.apache.felix.webconsole.WebConsoleSecurityProvider;
+
+public class JaasSecurityProvider implements WebConsoleSecurityProvider {
+
+    private String realm;
+
+    public String getRealm() {
+        return realm;
+    }
+
+    public void setRealm(String realm) {
+        this.realm = realm;
+    }
+
+    public Object authenticate(final String username, final String password) throws GeneralSecurityException {
+        Subject subject = new Subject();
+        LoginContext loginContext = new LoginContext(realm, subject, new CallbackHandler() {
+            public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+                for (int i = 0; i < callbacks.length; i++) {
+                    if (callbacks[i] instanceof NameCallback) {
+                        ((NameCallback) callbacks[i]).setName(username);
+                    } else if (callbacks[i] instanceof PasswordCallback) {
+                        ((PasswordCallback) callbacks[i]).setPassword(password.toCharArray());
+                    } else {
+                        throw new UnsupportedCallbackException(callbacks[i]);
+                    }
+                }
+            }
+        });
+        loginContext.login();
+        return subject;
+    }
+
+    public void authorize(Object o, String s) throws GeneralSecurityException {
+        throw new UnsupportedOperationException();
+    }
+}
diff --git a/karaf/webconsole/branding/src/main/resources/OSGI-INF/blueprint/webconsole.xml b/karaf/webconsole/branding/src/main/resources/OSGI-INF/blueprint/webconsole.xml
new file mode 100644
index 0000000..5a8cb0b
--- /dev/null
+++ b/karaf/webconsole/branding/src/main/resources/OSGI-INF/blueprint/webconsole.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Licensed to the Apache Software Foundation (ASF) under one or more
+    contributor license agreements.  See the NOTICE file distributed with
+    this work for additional information regarding copyright ownership.
+    The ASF licenses this file to You under the Apache License, Version 2.0
+    (the "License"); you may not use this file except in compliance with
+    the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+
+-->
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+           xmlns:bp="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+           xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.0.0"
+           xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0"
+           default-activation="lazy">
+
+    <ext:property-placeholder placeholder-prefix="$[" placeholder-suffix="]"/>
+
+    <cm:property-placeholder persistent-id="org.apache.felix.karaf.webconsole">
+        <cm:default-properties>
+            <cm:property name="webconsoleRealm" value="karaf"/>
+        </cm:default-properties>
+    </cm:property-placeholder>
+
+    <bean id="securityProvider" class="org.apache.felix.karaf.webconsole.JaasSecurityProvider">
+        <property name="realm" value="${webconsoleRealm}"/>
+    </bean>
+
+    <service auto-export="interfaces" ref="securityProvider" />
+
+</blueprint>