Modularized OSGi Custom Realms in Glassfish v3
By nitkal on Jan 08, 2009
The Open Services Gateway Initiative (OSGi) defines an architecture for developing and deploying modular applications and
libraries. Since Glassfish v3 is a modular, embeddable and an OSGi compliant server, custom realms that are built based on the OSGi framework can be easily integrated and configured with GF v3.This facilitates the creation and configuration of a custom realm without any server restart.
To be recognized as a valid custom realm OSGi module, in addition to the OSGi mandated structure, the custom realm should include the following:
i)The Realm class should include the @Service annotation, with the name attribute referring to the name of the custom realm to be configured:
where @Service is a hk2-specific annotation.
ii) There should be a file named javax.security.auth.spi.LoginModule inside META-INF/services directory of the module archive file. The file should specify the fully qualified name of the Custom Login Module class as in:
A sample OSGi custom realm module can be downloaded from here. On dropping this file in <GF-HOME>/autodeploy-bundles directory, the module should be loaded. Do make sure that the <GF-HOME>/<DOMAIN-DIR>/login.conf
file has an entry for the jaas-context value, referring to the Module
implementation class. This entry can be dynamically added to login.conf(before creating the realm). (This post provides a detailed description on creating a custom realm for GF.)
The realm can now be created from the admin console (name matching the service name specified in the Realm class). This should initialize the realm. No server restart required. On deploying and accessing an application utilizing this realm, the Login module should be initialized as well.This feature works with the latest GF v3 trunk installation.