From b7813d9df68faa91ceb68a2d591fe986401de6a6 Mon Sep 17 00:00:00 2001
From: Svetoslav Neykov <svetoslav.neykov@cloudsoftcorp.com>
Date: Thu, 17 Mar 2016 16:00:08 +0200
Subject: [PATCH] Generate random password if no securiyt provider

Replicate classical launcher behaviour. Note that when accessing from localhost username will still be requested, but will accept any provider.
---
 karaf/init/pom.xml                            |  5 +++++
 .../brooklyn/launcher/osgi/OsgiLauncher.java  | 19 +++++++++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/karaf/init/pom.xml b/karaf/init/pom.xml
index 6f2ac868f1..710d2e4623 100644
--- a/karaf/init/pom.xml
+++ b/karaf/init/pom.xml
@@ -44,6 +44,11 @@
             <artifactId>brooklyn-launcher-common</artifactId>
             <version>${project.version}</version>
         </dependency>
+        <dependency>
+            <groupId>org.apache.brooklyn</groupId>
+            <artifactId>brooklyn-rest-resources</artifactId>
+            <version>${project.version}</version>
+        </dependency>
 
         <dependency>
             <groupId>org.testng</groupId>
diff --git a/karaf/init/src/main/java/org/apache/brooklyn/launcher/osgi/OsgiLauncher.java b/karaf/init/src/main/java/org/apache/brooklyn/launcher/osgi/OsgiLauncher.java
index d08504d547..15c19de490 100644
--- a/karaf/init/src/main/java/org/apache/brooklyn/launcher/osgi/OsgiLauncher.java
+++ b/karaf/init/src/main/java/org/apache/brooklyn/launcher/osgi/OsgiLauncher.java
@@ -17,12 +17,17 @@
 
 import javax.annotation.Nullable;
 
+import org.apache.brooklyn.api.mgmt.ManagementContext;
 import org.apache.brooklyn.api.mgmt.ha.HighAvailabilityMode;
 import org.apache.brooklyn.core.BrooklynVersionService;
 import org.apache.brooklyn.core.internal.BrooklynProperties;
 import org.apache.brooklyn.core.mgmt.persist.PersistMode;
 import org.apache.brooklyn.launcher.common.BasicLauncher;
+import org.apache.brooklyn.rest.BrooklynWebConfig;
+import org.apache.brooklyn.rest.security.provider.BrooklynUserWithRandomPasswordSecurityProvider;
 import org.apache.brooklyn.util.time.Duration;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * Initializer for brooklyn-core when running in an OSGi environment.
@@ -30,6 +35,7 @@
  * Temporarily here; should be totally contained in blueprint beans' init-methods.
  */
 public class OsgiLauncher extends BasicLauncher<OsgiLauncher> {
+    private static final Logger LOG = LoggerFactory.getLogger(OsgiLauncher.class);
 
     private BrooklynVersionService brooklynVersion;
 
@@ -103,4 +109,17 @@ public void setCopyPersistedState(String destinationDir) {
         copyPersistedState(destinationDir);
     }
 
+    @Override
+    protected void startingUp() {
+        super.startingUp();
+        ManagementContext managementContext = getManagementContext();
+        BrooklynProperties brooklynProperties = (BrooklynProperties) managementContext.getConfig();
+        if (BrooklynWebConfig.hasNoSecurityOptions(brooklynProperties)) {
+            LOG.info("No security provider options specified. Define a security provider or users to prevent a random password being created and logged.");
+            brooklynProperties.put(
+                    BrooklynWebConfig.SECURITY_PROVIDER_INSTANCE,
+                    new BrooklynUserWithRandomPasswordSecurityProvider(managementContext));
+        }
+    }
+
 }