Details
-
New Feature
-
Status: Closed
-
Major
-
Resolution: Won't Fix
-
None
-
None
-
None
-
Patch Available
Description
Hi
the attached patch includes a PassThroughJAASLoginComponent which forwards a
Message through the NMR and performs a JAAS login. The JAAS Subject is added to
the message properties ("javax.jbi.security.subject").
This component can be used if you have a batch process which should call an JAAS
secured component (for example a EJB service called with JSR-181). The
attached StaticValueCallbackHandler for example enables you to configure static
login information.
Sample Config:
— 8< (start) —
...
<sm:activationSpec componentName="login" service="foo:login">
<sm:component>
<bean class="org.apache.servicemix.components.security.PassThroughJAASLoginComponent">
<property name="loginContext" ref="loginContext" />
</bean>
</sm:component>
</sm:activationSpec>
...
<bean id="loginContext"
class="javax.security.auth.login.LoginContext">
<constructor-arg>
<value>servicemix-domain</value>
</constructor-arg>
<constructor-arg>
<ref local="callbackHandler" />
</constructor-arg>
</bean>
<bean id="callbackHandler"
class="org.apache.servicemix.components.security.StaticValueCallbackHandler">
<property name="name" value="first" />
<property name="password" value="secret" />
</bean>
...
— 8< (end) —
After the PassThroughJAASLoginComponent is invoked and the login could be
performed you can call JAAS secured endpoints.
The patch includes test cases for the component.
Kristian