Hi Sahoo, Shaun,
Now, I have resolved the problem which I met.
After investigating again, I found that using
org.glassfish.embeddable.GlassFish(simple-glassfish-api module)
can get AuthenticationService and integrate felix-webconsole's
authentication with Glassfish JAAS successfully.
My souce has updated into github and please review it.
Then, I will start to investigate cdi-related rfp/bug, firstly, I
will investigate
http://java.net/jira/browse/GLASSFISH-18370.
[A Request]
If having time, I wish sahoo can explain why from
felix-webconsole-extension module, can not get HK2 services and
components using Injection way?
--Best Regard!
--Tang
Tang Yong wrote:
> Hi Shaun,
>
> Thanks your suggestion very much.
> I have tried and AuthenticationService has still been not injected
> successfully.
>
> I have confirmed that my working enviroment is ok because I found that
> some class on other modules liking deployment-admin can get injected
> objects liking BaseServiceLocator.
>
> So, whether from felix-webconsole-extension module, can not get HK2
> components or not?
>
> --Tang
>
> Shaun Pei wrote:
>> Hi Yong
>>
>> Did you try to directly inject the AuthenticationService into your code?
>> An example using AuthenticationService is
>> com.sun.enterprise.admin.util.GenericAdminAuthenticator.java, which
>> directly injects the AuthenticationService at line 150.
>>
>>
>>
>> Regards
>>
>> Shaun
>>
>>
>> -----Original Message-----
>> From: Tang Yong [mailto:tangyong_at_cn.fujitsu.com] Sent: Tuesday, July
>> 17, 2012 1:02 PM
>> To: Sahoo; dev_at_glassfish.java.net
>> Subject: About GLASSFISH-12975
>>
>> Dear Sahoo, Security Leader,
>>
>> About GLASSFISH-12975(Use glassfish admin realm for authentication and
>> authorisation of OSGi admin console),
>>
>> I have made a basic prototype put on
>> https://github.com/tangyong/GLASSFISH-12975.
>>
>> You can copy
>> tree/master/felix-webconsole-extension/target/felix-webconsole-extension.jar
>>
>> into modules\autostart and start
>> "GlassFish OSGi Administration Console", then, input GF's admin
>> account and check whether having glassfish admin realm for
>> authentication or not.
>>
>> The following is my design idea and a critical problem needed to discuss.
>>
>> [Desgin]
>> 1 Implement the felix web console's WebConsoleSecurityProvider interface.
>>
>> Note:
>> The current karaf's JaasSecurityProvider class implements felix web
>> console's WebConsoleSecurityProvider2, and the
>> WebConsoleSecurityProvider2 is not in org.apache.felix.webconsole-3.1.2.
>>
>> 2 On FelixWebConsoleExtensionActivator class, register GF's
>> implementation of WebConsoleSecurityProvider.
>>
>> 3 On GF's implementation of WebConsoleSecurityProvider, integrate the
>> glassfish admin realm called "admin-realm". On the current my
>> prototype, I used LoginContextDriver.login(subject,
>> PasswordCredential.class).
>>
>> However, I indeed did not want to use the way, because I found that if
>> using org.glassfish.security.services.impl.AuthenticationServiceFactory
>> to get authentication related to services which should be registered
>> into HK2 components, I think that it will be very good because
>> security-services module can get realm from domain.xml.
>>
>> So, I tried to do it and however, I met a big problem on the whole night.
>>
>> [Problem]
>> Firstly, Please allow me put the codes having the problem as following:
>>
>> @Service
>> public class GlassFishSecurityProvider implements
>> WebConsoleSecurityProvider{
>>
>> @Inject
>> StateManager manager;
>>
>> @Inject
>> BaseServiceLocator serviceLocator;
>>
>> @Override
>> public Object authenticate(String username, String password) {
>>
>> String currentState = manager.getCurrent();
>>
>> // Get Service Instance
>> AuthenticationService atnService =
>> serviceLocator.getComponent(AuthenticationService.class);
>>
>> // Get Service Configuration
>> org.glassfish.security.services.config.AuthenticationService
>> atnConfiguration =
>> serviceLocator.getComponent(org.glassfish.security.services.config.AuthenticationService.class,currentState);
>>
>>
>> // Initialize Service
>> atnService.initialize(atnConfiguration);
>>
>> final Subject fs = null;
>>
>> try {
>> atnService.login(username, password.toCharArray(), fs);
>> } catch (LoginException e) {
>> e.printStackTrace();
>> return null;
>> }
>>
>> return fs;
>> }
>>
>> When debugging the authenticate method, both manager and
>> serviceLocator are null. I have tried many ways and have no effect.
>> So, I want to ask whether from felix-webconsole-extension module, can
>> not get HK2 components or not?
>>
>> --Best Regard!
>> --Tang
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>
>
>