4.5. Security framework
ServiceMix Kernel supports JAAS with some enhancements to allow JAAS to work nicely in an OSGi environment.
To deploy a new realm, you can use the following XSD which is supported by a Spring namespace handler and can thus be defined in a spring xml configuration file.
JAAS XSD Schema
<xs:schema elementFormDefault='qualified' targetNamespace='http://servicemix.apache.org/jaas' xmlns:xs='http://www.w3.org/2001/XMLSchema' xmlns:beans="http://www.springframework.org/schema/beans" xmlns:tns='http://servicemix.apache.org/jaas'> <xs:import namespace="http://www.springframework.org/schema/beans"/> <xs:element name="config"> <xs:complexType> <xs:complexContent> <xs:extension base="beans:identifiedType"> <xs:sequence> <xs:element name="module" minOccurs="0" maxOccurs="unbounded"> <xs:complexType mixed="true"> <xs:attribute name="className" use="required" type="xs:string" /> <xs:attribute name="flags" default="required"> <xs:simpleType> <xs:restriction base="xs:NMTOKEN"> <xs:enumeration value="required"/> <xs:enumeration value="requisite"/> <xs:enumeration value="sufficient"/> <xs:enumeration value="optional"/> </xs:restriction> </xs:simpleType> </xs:attribute> </xs:complexType> </xs:element> </xs:sequence> <xs:attribute name="name" use="optional" type="xs:string" /> <xs:attribute name="rank" use="optional" default="0" type="xs:int" /> <xs:attribute name="publish" use="optional" default="true" type="xs:boolean" /> </xs:extension> </xs:complexContent> </xs:complexType> </xs:element> </xs:schema>
You can find the schema at the following location.
Here is an example of this schema:
Example
<jaas:config id="realm" xmlns:jaas="http://servicemix.apache.org/jaas"> <jaas:module className="org.apache.servicemix.kernel.jaas.config.SimpleLoginModule" flags="required"> key=value </jaas:module> </jaas:config>
Deploying such a code will lead to a JaasRealm object in the OSGi registry, which will then be used when using the JAAS login module.