New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add "service" authMode to jolokia-osgi #358

Merged
merged 2 commits into from Feb 7, 2018

Conversation

Projects
None yet
2 participants
@ryandgoulding
Contributor

ryandgoulding commented Nov 14, 2017

Provides the capability to enable "authMode=service" in
org.jolokia.osgi.cfg. This authentication mode provides the ability
to monitor the OSGi service registry for custom implementations of
the Authenticator interface, resulting in delegation of authentication
to third party implementations. This is particularly useful for
integrating jolokia into an existing OSGi project.

If "authMode=service" is enabled, authentication only succeeds if
every implementation of Authenticator.authenticate(...) returns true.
If no implementations are provided, then authentication fails (i.e.,
the system defaults to fail-closed).

The initial idea was presented here:
#225

Signed-off-by: Ryan Goulding ryandgoulding@gmail.com

@ryandgoulding

This comment has been minimized.

Contributor

ryandgoulding commented Feb 1, 2018

Hi rhuss, any chance you can take a look at this PR? Thanks!

@rhuss

This comment has been minimized.

Owner

rhuss commented Feb 5, 2018

@ryandgoulding hey, sorry for this very long delay ;-(

I will have a look tomorrow and will integrate the PR tomorrow, with a release 1.5.0 hopefully towards the end of the week.

Add "service" authMode to jolokia-osgi
Provides the capability to enable "authMode=service" in
org.jolokia.osgi.cfg.  This authentication mode provides the ability
to monitor the OSGi service registry for custom implementations of
the Authenticator interface, resulting in delegation of authentication
to third party implementations.  This is particularly useful for
integrating jolokia into an existing OSGi project.

If "authMode=service" is enabled, authentication only succeeds if
every implementation of Authenticator.authenticate(...) returns true.
If no implementations are provided, then authentication fails (i.e.,
the system defaults to fail-closed).

The initial idea was presented here:
#225

Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>

@rhuss rhuss force-pushed the ryandgoulding:osgi branch from 3258f91 to 06f69d9 Feb 7, 2018

feature(osgi-agent): Update authMode to support "service-any" and "se…
…rvice-all"

service-any: A single Authenticator is enough to succeed
service-all: All Authenticator services need to be positive

Also, switched "Authenticator" from an abstract base class to an
interface. So existing code might need a recompile, not sure.
But since the security package was not exposed previously, I don't think
this is an issue.

@rhuss rhuss force-pushed the ryandgoulding:osgi branch from 06f69d9 to 24328f6 Feb 7, 2018

@rhuss

This comment has been minimized.

Owner

rhuss commented Feb 7, 2018

@ryandgoulding I updated the PR a bit to support the authmodes "service-all" and "service-any" and switched to Authenticator to be an interface. I hope that's ok and doesnt imply to many changes on your side.

Thanks again for all your patience and sorry for the so long delay. I'm going to make a release today or tomorrow, so stay tuned ;-)

thanks ....

@rhuss rhuss merged commit e480036 into rhuss:master Feb 7, 2018

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
@rhuss

This comment has been minimized.

Owner

rhuss commented Feb 8, 2018

@ryandgoulding fyi, I just released 1.5.0 with these changes.

@ryandgoulding

This comment has been minimized.

Contributor

ryandgoulding commented Feb 8, 2018

Thanks! No worries, glad to see it finally made it in!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment