Hi Yong
Did you try to directly inject the AuthenticationService into your code?
An example using AuthenticationService is com.sun.enterprise.admin.util.GenericAdminAuthenticator.java, which directly injects the AuthenticationService at line 150.
Regards
Shaun
-----Original Message-----
From: Tang Yong [mailto:tangyong_at_cn.fujitsu.com]
Sent: Tuesday, July 17, 2012 1:02 PM
To: Sahoo; dev_at_glassfish.java.net
Subject: About GLASSFISH-12975
Dear Sahoo, Security Leader,
About GLASSFISH-12975(Use glassfish admin realm for authentication and authorisation of OSGi admin console),
I have made a basic prototype put on
https://github.com/tangyong/GLASSFISH-12975.
You can copy
tree/master/felix-webconsole-extension/target/felix-webconsole-extension.jar
into modules\autostart and start
"GlassFish OSGi Administration Console", then, input GF's admin account and check whether having glassfish admin realm for authentication or not.
The following is my design idea and a critical problem needed to discuss.
[Desgin]
1 Implement the felix web console's WebConsoleSecurityProvider interface.
Note:
The current karaf's JaasSecurityProvider class implements felix web console's WebConsoleSecurityProvider2, and the
WebConsoleSecurityProvider2 is not in org.apache.felix.webconsole-3.1.2.
2 On FelixWebConsoleExtensionActivator class, register GF's implementation of WebConsoleSecurityProvider.
3 On GF's implementation of WebConsoleSecurityProvider, integrate the glassfish admin realm called "admin-realm". On the current my prototype, I used LoginContextDriver.login(subject, PasswordCredential.class).
However, I indeed did not want to use the way, because I found that if using org.glassfish.security.services.impl.AuthenticationServiceFactory
to get authentication related to services which should be registered into HK2 components, I think that it will be very good because security-services module can get realm from domain.xml.
So, I tried to do it and however, I met a big problem on the whole night.
[Problem]
Firstly, Please allow me put the codes having the problem as following:
@Service
public class GlassFishSecurityProvider implements WebConsoleSecurityProvider{
@Inject
StateManager manager;
@Inject
BaseServiceLocator serviceLocator;
@Override
public Object authenticate(String username, String password) {
String currentState = manager.getCurrent();
// Get Service Instance
AuthenticationService atnService =
serviceLocator.getComponent(AuthenticationService.class);
// Get Service Configuration
org.glassfish.security.services.config.AuthenticationService
atnConfiguration =
serviceLocator.getComponent(org.glassfish.security.services.config.AuthenticationService.class,currentState);
// Initialize Service
atnService.initialize(atnConfiguration);
final Subject fs = null;
try {
atnService.login(username, password.toCharArray(), fs);
} catch (LoginException e) {
e.printStackTrace();
return null;
}
return fs;
}
When debugging the authenticate method, both manager and serviceLocator are null. I have tried many ways and have no effect. So, I want to ask whether from felix-webconsole-extension module, can not get HK2 components or not?
--Best Regard!
--Tang