Add "service" authMode to jolokia-osgi #358
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Hi rhuss, any chance you can take a look at this PR? Thanks! |
|
@ryandgoulding hey, sorry for this very long delay ;-( I will have a look tomorrow and will integrate the PR tomorrow, with a release 1.5.0 hopefully towards the end of the week. |
Provides the capability to enable "authMode=service" in org.jolokia.osgi.cfg. This authentication mode provides the ability to monitor the OSGi service registry for custom implementations of the Authenticator interface, resulting in delegation of authentication to third party implementations. This is particularly useful for integrating jolokia into an existing OSGi project. If "authMode=service" is enabled, authentication only succeeds if every implementation of Authenticator.authenticate(...) returns true. If no implementations are provided, then authentication fails (i.e., the system defaults to fail-closed). The initial idea was presented here: jolokia#225 Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
…rvice-all" service-any: A single Authenticator is enough to succeed service-all: All Authenticator services need to be positive Also, switched "Authenticator" from an abstract base class to an interface. So existing code might need a recompile, not sure. But since the security package was not exposed previously, I don't think this is an issue.
|
@ryandgoulding I updated the PR a bit to support the authmodes "service-all" and "service-any" and switched to Authenticator to be an interface. I hope that's ok and doesnt imply to many changes on your side. Thanks again for all your patience and sorry for the so long delay. I'm going to make a release today or tomorrow, so stay tuned ;-) thanks .... |
|
@ryandgoulding fyi, I just released 1.5.0 with these changes. |
|
Thanks! No worries, glad to see it finally made it in! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Provides the capability to enable "authMode=service" in
org.jolokia.osgi.cfg. This authentication mode provides the ability
to monitor the OSGi service registry for custom implementations of
the Authenticator interface, resulting in delegation of authentication
to third party implementations. This is particularly useful for
integrating jolokia into an existing OSGi project.
If "authMode=service" is enabled, authentication only succeeds if
every implementation of Authenticator.authenticate(...) returns true.
If no implementations are provided, then authentication fails (i.e.,
the system defaults to fail-closed).
The initial idea was presented here:
#225
Signed-off-by: Ryan Goulding ryandgoulding@gmail.com