Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-6405

How to configure jaas realms / login modules in Fuse 7 ?

    Details

    • Type: Task
    • Status: Closed
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: fuse-7.0
    • Fix Version/s: fuse-7.0
    • Component/s: Karaf
    • Labels:
      None

      Description

      Hi, I'd like somebody co confirm, what will be supported way of configuring JAAS Realms in Fuse 7.

      Fuse 6.x (Karaf 2.x)

      User would create blueprint.xml with jaas:config section and deploy it as a bundle or xml into fuse.
      Red Hat Documentation: https://access.redhat.com/documentation/en/red-hat-jboss-fuse/6.3/single/security-guide#ESBSecureJAASRealmDef

      Upstream github sources for karaf / jaas / modules:
      https://github.com/apache/karaf/tree/karaf-2.3.x/jaas/modules/src/main/java/org/apache/karaf/jaas/modules

      Found login modules:

      • jdbc/JDBCLoginModule.java
      • ldap/LDAPLoginModule.java
      • osgi/OsgiConfigLoginModule.java
      • properties/PropertiesLoginModule.java
      • publickey/PublickeyLoginModule.java
      • syncope/SyncopeLoginModule.java

      Fuse 7 (Karaf 4.x)

      Upstream documentation: https://karaf.apache.org/manual/latest/#_security_framework

      Upstream github sources for karaf / jaas / modules:
      https://github.com/apache/karaf/tree/master/jaas/modules/src/main/java/org/apache/karaf/jaas/modules

      Found login modules:

      • audit/FileAuditLoginModule.java
      • audit/LogAuditLoginModule.java
      • audit/EventAdminAuditLoginModule.java
      • jdbc/JDBCLoginModule.java
      • krb5/Krb5LoginModule.java
      • ldap/LDAPLoginModule.java
      • ldap/GSSAPILdapLoginModule.java
      • osgi/OsgiConfigLoginModule.java
      • properties/PropertiesLoginModule.java
      • properties/DigestPasswordLoginModule.java
      • publickey/PublickeyLoginModule.java
      • syncope/SyncopeLoginModule.java

      Compared with Karaf 2.x there is new login module for Krb5 and GSSAPI.

      Questions:

      • Will configuration of JAAS Realms remain the same in Fuse 7 (declare blueprint.xml with jaas:config section) ?
      • Can we expect Keycloak login module (configurable by blueprint jaas:config section) ?
      • Karaf 2.x used karaf-jaas-modules.xml for "publishing" default jaas realms to container. Karaf 4.x doesn't blueprint for this. How does this change affect Fuse 7 ?

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  gnodet Guillaume Nodet
                  Reporter:
                  jludvice Josef Ludvicek
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  6 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: