trusted header authentication for felix web console?
|
View:
New views
4 Messages
—
Rating Filter:
Alert me
|
 |
trusted header authentication for felix web console?
by Stefan Seifert
::
Rate this Message:
according to current web console docs
http://felix.apache.org/site/apache-felix-web-console.html#ApacheFelixWebConsole-Security only basic authentication is supported. we need to use a trusted header authentication in our infrastructure with an SSO server. is this possible, anyone done this already? stefan --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
|
|
RE: trusted header authentication for felix web console?
by justinedelson
::
Rate this Message:
Sort of.
What I've done is to remove the authentication from the Web Console (by clearing out the username property via ConfigAdmin) and used a Servlet Filter (initially via my own Filter proxy and now with the Felix HttpService's Filter whiteboard function). In my case, I am using Spring Security, but there's nothing Spring Security-specific to this mode. I didn't even look at replacing the authentication/security process within the Web Console because I was looking to provide authentication across an entire web application, of which the Web Console is but one secured path segment. One thing to watch out for - if you do this and the bundle containing the Filter isn't started for some reason, the web console is unsecured. As such, what I did was have a little bootstrap class which unsets the Web Console password when the Filter service is registered and resets it when the Filter service is unregistered. There are probably other ways to handle this scenario. Justin ________________________________ From: Stefan Seifert [mailto:sseifert@...] Sent: Thu 10/15/2009 1:03 PM To: 'users@...' Subject: trusted header authentication for felix web console? according to current web console docs http://felix.apache.org/site/apache-felix-web-console.html#ApacheFelixWebConsole-Security only basic authentication is supported. we need to use a trusted header authentication in our infrastructure with an SSO server. is this possible, anyone done this already? stefan --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
|
|
RE: trusted header authentication for felix web console?
by Stefan Seifert
::
Rate this Message:
>What I've done is to remove the authentication from the Web Console (by >clearing out the username property via ConfigAdmin) and used a Servlet Filter >(initially via my own Filter proxy and now with the Felix HttpService's Filter >whiteboard function). In my case, I am using Spring Security, but there's >nothing Spring Security-specific to this mode. I didn't even look at replacing >the authentication/security process within the Web Console because I was >looking to provide authentication across an entire web application, of which >the Web Console is but one secured path segment. > >One thing to watch out for - if you do this and the bundle containing the >Filter isn't started for some reason, the web console is unsecured. As such, >what I did was have a little bootstrap class which unsets the Web Console >password when the Filter service is registered and resets it when the Filter >service is unregistered. There are probably other ways to handle this >scenario. > >Justin thanks, we'll have a look at this. stefan --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
|
|
Re: trusted header authentication for felix web console?
by Felix Meschberger-2
::
Rate this Message:
Hi Stefan,
We have been discussing abstracting the authentication of the web console out of the core servlet to support other means. For the Sling case for example, we would like to integrate with the Sling authentication mechanism. Other people would like to integrate with JAAS. Guillaume Nodet proposed a simple security API in [1]. I have also created FELIX-1764 [2] to track this. So, if you would like to help, you are very welcome ... Regards Felix [1] http://markmail.org/message/5gwqlt7b3gfz7427 [2] https://issues.apache.org/jira/browse/FELIX-1764 Stefan Seifert schrieb: > according to current web console docs > http://felix.apache.org/site/apache-felix-web-console.html#ApacheFelixWebConsole-Security > only basic authentication is supported. > > we need to use a trusted header authentication in our infrastructure with an SSO server. > is this possible, anyone done this already? > > stefan > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@... > For additional commands, e-mail: users-help@... > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
| Free embeddable forum powered by Nabble | Forum Help |
