glassfish
  1. glassfish
  2. GLASSFISH-12975

Use glassfish admin realm for authentication and authorisation of OSGi admin console

    Details

    • Type: Improvement Improvement
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 3.1
    • Fix Version/s: 4.0_b58
    • Component/s: OSGi
    • Labels:
      None
    • Environment:

      Operating System: All
      Platform: All

    • Issuezilla Id:
      12,975

      Description

      See https://issues.apache.org/jira/browse/FELIX-1764. We should provide a custom
      security provider in felix-webconsole-extension.jar.

        Activity

        Hide
        TangYong added a comment -

        >Currently, the integration work is blocked because of GLASSFISH-19023 .

        Now, Alexey has fixed the problem. I will start to test the improvment.

        Show
        TangYong added a comment - >Currently, the integration work is blocked because of GLASSFISH-19023 . Now, Alexey has fixed the problem. I will start to test the improvment.
        Hide
        TangYong added a comment -

        Now, the work of integrating Felix Web Console 3.1.8(using WebConsolerSecurityProvider2 interface) has been finished and passed test.

        You can use glassfish admin realm and http basic authentication for Glassfish OSGi admin console.

        During the test, the following problems have been fixed, you can see[1].
        1. In order to use Felix Web Console 3.1.8, you must add the following felix related bundles.
        (1) org.apache.felix.dependencymanager-3.0.0.jar
        (2) org.apache.felix.deploymentadmin-0.9.0.jar
        (3) org.apache.felix.metatype-1.0.4.jar
        (4) org.osgi.compendium-4.2.0.jar

        The above bundles have been placed on [2].

        2. On GlassFishSecurityProvider.java, I have used Base64 class to resolve UserName and Password. I originally wish to use org.apache.felix.webconsole.internal.servlet.Base64 class and import the package, however, because org.apache.felix.webconsole.internal.servlet package is not exported by felix webconsole. So, I copyed the class and placed on the felix-webconsole-extension module. Maybe this is not a good solution, but as a temp solution, I think this is enough because Base64 class is independent on other class.

        [1] https://github.com/tangyong/GLASSFISH-12975/tree/master/felix-webconsole-extension
        [2] https://github.com/tangyong/GLASSFISH-12975/tree/master/felix-webconsole-extension/felixbundles

        In addition, on main\pom.xml, you need to change the version of org.apache.felix.webconsole liking the following:
        <dependency>
        <groupId>org.apache.felix</groupId>
        <artifactId>org.apache.felix.webconsole</artifactId>
        <version>3.1.8</version>
        </dependency>

        Show
        TangYong added a comment - Now, the work of integrating Felix Web Console 3.1.8(using WebConsolerSecurityProvider2 interface) has been finished and passed test. You can use glassfish admin realm and http basic authentication for Glassfish OSGi admin console. During the test, the following problems have been fixed, you can see [1] . 1. In order to use Felix Web Console 3.1.8, you must add the following felix related bundles. (1) org.apache.felix.dependencymanager-3.0.0.jar (2) org.apache.felix.deploymentadmin-0.9.0.jar (3) org.apache.felix.metatype-1.0.4.jar (4) org.osgi.compendium-4.2.0.jar The above bundles have been placed on [2] . 2. On GlassFishSecurityProvider.java, I have used Base64 class to resolve UserName and Password. I originally wish to use org.apache.felix.webconsole.internal.servlet.Base64 class and import the package, however, because org.apache.felix.webconsole.internal.servlet package is not exported by felix webconsole. So, I copyed the class and placed on the felix-webconsole-extension module. Maybe this is not a good solution, but as a temp solution, I think this is enough because Base64 class is independent on other class. [1] https://github.com/tangyong/GLASSFISH-12975/tree/master/felix-webconsole-extension [2] https://github.com/tangyong/GLASSFISH-12975/tree/master/felix-webconsole-extension/felixbundles In addition, on main\pom.xml, you need to change the version of org.apache.felix.webconsole liking the following: <dependency> <groupId>org.apache.felix</groupId> <artifactId>org.apache.felix.webconsole</artifactId> <version>3.1.8</version> </dependency>
        Hide
        TangYong added a comment -

        Today, I investigated and built the newest Karaf Implementation(which also integrated the Felix Web Console into karaf's web console), and about the following topics,

        >2 Based 1, we can select 3.1.6 or 3.1.8 or 4.0.0 , however, difference of the three versions is that After 4.0.0,
        >Felix Web Console removed included three inner lib(json-20070829.jar, commons-io-1.4.jar and commons-fileupload-
        >1.1.1.jar), and in order to access Felix Web Console, you must install and start the bundle form of the three inner
        >lib. However, json-20070829.jar has not released a bundle form formally, of course, you can use apache geronimo
        >published bundle[1] form of the json lib or make a bundle form of the json yourself.

        In current Karaf trunk sources, Karaf has used felix.webconsole 4.0.0, however, Karaf used a solution on which Karaf wrapped the source of felix.webconsole and the three inner lib(not osgi bundle form) into karaf's web console using maven-bundle-plugin's <Embed-Dependency> tag. Maybe this is a better solution.

        <Embed-Dependency>
        <!-- Webconsole -->
        org.apache.felix.webconsole;inline=**,

        <!-- Import/Export-Package parsing -->
        org.apache.felix.utils;inline=org/apache/felix/utils/manifest/**,
        org.apache.felix.framework;inline=org/apache/felix/framework/util/VersionRange**,

        <!-- ServiceTracker -->
        org.osgi.compendium;
        inline=org/osgi/util/tracker/*,

        <!-- Required for JSON data transfer -->
        json,

        <!-- File Upload functionality -->
        commons-fileupload,

        <!-- Required by FileUpload and Util -->
        commons-io
        </Embed-Dependency>

        >Maybe this is not a good solution, but as a temp solution, I think this is enough because Base64 class is
        >independent on other class.
        Because Karaf wrapped the source of felix.webconsole into karaf's web console, it needs not copy the Base64 class.

        I plan to try to use the solution to improve the integration, however, currently, because improving other contributions, I think that using the current my solution should also have no problem.

        Show
        TangYong added a comment - Today, I investigated and built the newest Karaf Implementation(which also integrated the Felix Web Console into karaf's web console), and about the following topics, >2 Based 1, we can select 3.1.6 or 3.1.8 or 4.0.0 , however, difference of the three versions is that After 4.0.0, >Felix Web Console removed included three inner lib(json-20070829.jar, commons-io-1.4.jar and commons-fileupload- >1.1.1.jar), and in order to access Felix Web Console, you must install and start the bundle form of the three inner >lib. However, json-20070829.jar has not released a bundle form formally, of course, you can use apache geronimo >published bundle [1] form of the json lib or make a bundle form of the json yourself. In current Karaf trunk sources, Karaf has used felix.webconsole 4.0.0, however, Karaf used a solution on which Karaf wrapped the source of felix.webconsole and the three inner lib(not osgi bundle form) into karaf's web console using maven-bundle-plugin's <Embed-Dependency> tag. Maybe this is a better solution. <Embed-Dependency> <!-- Webconsole --> org.apache.felix.webconsole;inline=**, <!-- Import/Export-Package parsing --> org.apache.felix.utils;inline=org/apache/felix/utils/manifest/**, org.apache.felix.framework;inline=org/apache/felix/framework/util/VersionRange**, <!-- ServiceTracker --> org.osgi.compendium; inline=org/osgi/util/tracker/*, <!-- Required for JSON data transfer --> json, <!-- File Upload functionality --> commons-fileupload, <!-- Required by FileUpload and Util --> commons-io </Embed-Dependency> >Maybe this is not a good solution, but as a temp solution, I think this is enough because Base64 class is >independent on other class. Because Karaf wrapped the source of felix.webconsole into karaf's web console, it needs not copy the Base64 class. I plan to try to use the solution to improve the integration, however, currently, because improving other contributions, I think that using the current my solution should also have no problem.
        Hide
        TangYong added a comment -

        Hi Sahoo,

        The attachment is patch of the issue and on the patch,

        1 all files have been validated with license and copywriter.

        2 all files have formated based UNIX env.

        3 all files are based on gf trunk 09/25.

        4 integrated version of felix web console is 3.1.8.

        5 the bundles in dependencies directory are required in order to run the felix web console 3.1.8, and also need to copy them into gf autostart directory.

        Show
        TangYong added a comment - Hi Sahoo, The attachment is patch of the issue and on the patch, 1 all files have been validated with license and copywriter. 2 all files have formated based UNIX env. 3 all files are based on gf trunk 09/25. 4 integrated version of felix web console is 3.1.8. 5 the bundles in dependencies directory are required in order to run the felix web console 3.1.8, and also need to copy them into gf autostart directory.
        Hide
        Sanjeeb Sahoo added a comment -

        After going through both the sets of patches contributed by Tang Yong, I have decided to incorporate his initial patch which didn't require us to upgrade to Felix Web Console. I have now committed his patch after doing minor modifications.

        This is done in svn rev #56259.

        Thanks a lot to Tang for his contribution.

        Show
        Sanjeeb Sahoo added a comment - After going through both the sets of patches contributed by Tang Yong, I have decided to incorporate his initial patch which didn't require us to upgrade to Felix Web Console. I have now committed his patch after doing minor modifications. This is done in svn rev #56259. Thanks a lot to Tang for his contribution.

          People

          • Assignee:
            Sanjeeb Sahoo
            Reporter:
            Sanjeeb Sahoo
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: