[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [ecf-dev] RFC 119 Distributed OSGi authentication
|
Hi Wim,
FWIW, in ECF's existing impl of RFC119 we are using the service hooks
(RFC 126) support. For those curious, the event hook is in the
following bundle:
org.eclipse.ecf.osgi.services.distribution, class:
org.eclipse.ecf.internal.osgi.services.distribution.EventHookImpl
This and the other RFC119 bundles are here in ecf's cvs area:
org.eclipse.ecf/compendium/bundles
Also...FYI we already have listener interfaces that allow hooking into
the registration/unregistration process on both the service host and the
consumer. These listeners have the following interface names:
org.eclipse.ecf.osgi.services.distribution.IHostContainerFinder
org.eclipse.ecf.osgi.services.distribution.IHostDistributionListener
org.eclipse.ecf.osgi.services.distribution.IProxyContainerFinder
org.eclipse.ecf.osgi.services.distribution.IProxyDistributionListener
The intention here is to allow easy customization of the remote service
registration (host side...i.e. IHost*) as well as remote service
lookup/connect, and actual proxy creation (IProxy*).
All one has to do to hook into these notifications is to create an
implementer of any of the above interfaces and then register it as a
service (i.e. using whiteboard pattern). This would/does allow
customization of the connect/authentication process (including...e.g.
getting/exposing/using credentials).
For the container finder interfaces, there are default implementations
that are used if no other impls are present. These classes are:
org.eclipse.ecf.osgi.services.distribution.DefaultHostContainerFinder
org.eclipse.ecf.osgi.services.distribution.DefaultProxyContainerFinder
You will note, for example, that the DefaultProxyContainerFinder method
'getConnectContext' currently simply returns null (it could return
required/necessary credentials for the client to authenticate to
server). Subclasses of DefaultProxyContainerFinder can/could easily
change this behavior.
Scott
Wim Jongman wrote:
On Fri, Sep 18, 2009 at 6:15 PM, Scott Lewis <slewis@xxxxxxxxxxxxxxxxx
<mailto:slewis@xxxxxxxxxxxxxxxxx>> wrote:
Hi Saul,
Saul Goode wrote:
Is it possible to establish some kind of authentication
between the
provider of a DOSGi remote service (exposed via ECF) and its
client?
There's no specification of authentication or authorization as
part of RFC119 itself (which is moving to be 'remote services' in
the forthcoming OSGi spec).
Take a look at the service hooks API for this as well:
http://www.osgi.org/blog/2009/02/osgi-service-hooks.html for a quick
intro.
Met vriendelijke groet,
Wim Jongman
Remain Software (http://remainsoftware.com)
http://twitter.com/remainsoftware
http://twitter.com/wimjongman
------------------------------------------------------------------------
_______________________________________________
ecf-dev mailing list
ecf-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/ecf-dev