Details
Description
According to the OSGI spec the JNDI should be:
service ::= ’osgi:service/’ query
This is correctly documented in the Karaf doc:
http://karaf.apache.org/manual/latest/developers-guide/security-framework.html
However, JDBCLoginModule
https://git-wip-us.apache.org/repos/asf?p=karaf.git;a=blob_plain;f=jaas/modules/src/main/java/org/apache/karaf/jaas/modules/jdbc/JDBCLoginModule.java;hb=master
contains:
JDBCLoginModule.java
if (!datasourceURL.startsWith(JDBCUtils.JNDI) && !datasourceURL.startsWith(JDBCUtils.OSGI)) { LOGGER.error("Invalid datasource lookup protocol");
where JDBCUtils.OSGI contains "bundles:"
https://git-wip-us.apache.org/repos/asf?p=karaf.git;a=blob_plain;f=jaas/modules/src/main/java/org/apache/karaf/jaas/modules/jdbc/JDBCUtils.java;hb=master
JDBCUtils.java
public static final String DATASOURCE = "datasource"; public static final String JNDI = "jndi:"; public static final String OSGI = "bundles:";
This causes that the authentication using JDBCLoginModule fails.
A workaround is to define datasource starting with bundles: in place of osgi: in blueprint
<jaas:config name="karaf"> <jaas:module className="org.apache.karaf.jaas.modules.jdbc.JDBCLoginModule" flags="required"> datasource = bundles:javax.sql.DataSource/(osgi.jndi.service.name=jdbc/karafdb) query.password = SELECT PASSWORD FROM USERS WHERE USERNAME=? query.role = SELECT ROLE FROM ROLES WHERE USERNAME=? </jaas:module> </jaas:config>