| <!DOCTYPE html> |
| <html lang="en"> |
| <head> |
| <meta charset="utf-8"> |
| <meta name="viewport" content="width=device-width,initial-scale=1"> |
| <title>Web Console Security Provider :: Apache Felix</title> |
| <link rel="canonical" href="https://felix.apache.org/documentation/subprojects/apache-felix-web-console/web-console-security-provider.html"> |
| <meta name="generator" content="Antora 2.3.4"> |
| <link rel="stylesheet" href="../../../_/css/site.css"> |
| <link rel="icon" href="../../../_/img/favicon.png" type="image/x-icon"> |
| </head> |
| <body class="article"> |
| <header class="header"> |
| <nav class="navbar"> |
| <div class="navbar-brand"> |
| <a class="navbar-item" href="https://felix.apache.org/index.html"> |
| <span> |
| <img src="../../../_/img/logo.png"> |
| </span> |
| </a> |
| <button class="navbar-burger" data-target="topbar-nav"> |
| <span></span> |
| <span></span> |
| <span></span> |
| </button> |
| </div> |
| <div id="topbar-nav" class="navbar-menu"> |
| <div class="navbar-end"> |
| <a class="navbar-item" href="https://felix.apache.org/index.html">Home</a> |
| <div class="navbar-item has-dropdown is-hoverable"> |
| <a class="navbar-link" href="#">Subprojects</a> |
| <div class="navbar-dropdown"> |
| <a class="navbar-item" href="../apache-felix-dependency-manager.html">Dependency Manager</a> |
| <a class="navbar-item" href="../apache-felix-event-admin.html">Event Admin</a> |
| <a class="navbar-item" href="../apache-felix-file-install.html">File Install</a> |
| <a class="navbar-item" href="../apache-felix-framework.html">Framework</a> |
| <a class="navbar-item" href="../apache-felix-gogo.html">Gogo Shell</a> |
| <a class="navbar-item" href="../apache-felix-healthchecks.html">Health Checks</a> |
| <a class="navbar-item" href="../apache-felix-inventory.html">Inventory</a> |
| <a class="navbar-item" href="../apache-felix-log.html">Log</a> |
| <a class="navbar-item" href="../apache-felix-logback.html">Logback</a> |
| <a class="navbar-item" href="../apache-felix-maven-bundle-plugin.html">Maven bundle plugin</a> |
| <a class="navbar-item" href="../apache-felix-maven-scr-plugin.html">Maven SCR plugin</a> |
| <a class="navbar-item" href="../apache-felix-metatype-service.html">Metatype Service</a> |
| <a class="navbar-item" href="../apache-felix-preferences-service.html">Preferences Service</a> |
| <a class="navbar-item" href="../apache-felix-remote-shell.html">Remote Shell</a> |
| <a class="navbar-item" href="../apache-felix-script-console-plugin.html">Script console plugin</a> |
| <a class="navbar-item" href="../apache-felix-shell.html">Lightweight shell</a> |
| <a class="navbar-item" href="../apache-felix-shell-tui.html">Shell TUI</a> |
| <a class="navbar-item" href="../apache-felix-web-console.html">Web Console</a> |
| </div> |
| </div> |
| <div class="navbar-item"> |
| <span class="control"> |
| <a class="button is-primary" href="../../downloads.html">Downloads</a> |
| </span> |
| </div> |
| </div> |
| </div> |
| </nav> |
| </header> |
| <div class="body"> |
| <div class="nav-container" data-component="documentation" data-version="master"> |
| <aside class="nav"> |
| <div class="panels"> |
| <div class="nav-panel-menu is-active" data-panel="menu"> |
| <nav class="nav-menu"> |
| <h3 class="title"><a href="../../index.html">Documentation</a></h3> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="0"> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="1"> |
| <a class="nav-link" href="../../documentation.html">Documentation</a> |
| </li> |
| <li class="nav-item" data-depth="1"> |
| <a class="nav-link" href="../../downloads.html">Downloads</a> |
| </li> |
| <li class="nav-item" data-depth="1"> |
| <a class="nav-link" href="../../getting-started.html">Getting Started</a> |
| </li> |
| <li class="nav-item" data-depth="1"> |
| <a class="nav-link" href="../../news.html">News</a> |
| </li> |
| <li class="nav-item" data-depth="1"> |
| <button class="nav-item-toggle"></button> |
| <span class="nav-text">Community</span> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../../community/project-info.html">Apache Felix Project Info</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../../community/contributing.html">Contributing</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../../community/projects-using-felix.html">Projects Using Felix</a> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="1"> |
| <button class="nav-item-toggle"></button> |
| <span class="nav-text">Development</span> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../../development/coding-standards.html">Coding Standards</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../../development/dependencies-file-template.html">DEPENDENCIES file template</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../../development/provisional-osgi-api-policy.html">Provisional OSGi API Policy</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../../development/release-management-nexus.html">Release Management</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../../development/site-how-to.html">Site How To</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../../development/using-the-osgi-compliance-tests.html">Using the OSGi Compliance Tests</a> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="1"> |
| <button class="nav-item-toggle"></button> |
| <a class="nav-link" href="../../faqs.html">FAQS</a> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../../faqs/apache-felix-bundle-plugin-faq.html">Apache Felix Bundle Plugin Frequently Asked Questions</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../../faqs/apache-felix-scr-plugin-faq.html">Apache Felix SCR Plugin Frequently Asked Questions</a> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="1"> |
| <button class="nav-item-toggle"></button> |
| <a class="nav-link" href="../../subprojects.html">Subprojects</a> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="2"> |
| <button class="nav-item-toggle"></button> |
| <a class="nav-link" href="../apache-felix-dependency-manager.html">Apache Felix Dependency Manager</a> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="3"> |
| <button class="nav-item-toggle"></button> |
| <span class="nav-text">Guides</span> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/guides/migrating-from-earlier-versions.html">Apache Felix Dependency Manager - Migrating from earlier versions</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/guides/annotations.html">Dependency Manager - Annotations</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/guides/background.html">Dependency Manager - Background</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/guides/bundles-and-dependencies.html">Dependency Manager - Bundles and Dependencies</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/guides/design-patterns.html">Dependency Manager - Design Patterns</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/guides/development.html">Dependency Manager - Development</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/guides/history.html">Dependency Manager - History</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/guides/javadocs.html">Dependency Manager - JavaDocs</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/guides/migrating-from-other-solutions.html">Dependency Manager - Migrating from other solutions.</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/guides/performance-tuning.html">Dependency Manager - Performance Tuning</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/guides/resources.html">Dependency Manager - Resource adapters</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/guides/whatsnew.html">Dependency Manager - What’s new in version 4?</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/guides/dm-lambda.html">Dependency Manager Lambda</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/guides/whatsnew-r15.html">What’s New in R15</a> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <button class="nav-item-toggle"></button> |
| <span class="nav-text">Reference</span> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/component-adapter.html">Dependency Manager - Adapter</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/component-aspect.html">Dependency Manager - Aspect</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/component-bundle-adapter.html">Dependency Manager - Bundle Adapter</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/dependency-bundle.html">Dependency Manager - Bundle Dependency</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/components.html">Dependency Manager - Components</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/dependency-configuration.html">Dependency Manager - Configuration Dependency</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/dependencies.html">Dependency Manager - Dependencies</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/external-links.html">Dependency Manager - External Links</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/component-factory-configuration-adapter.html">Dependency Manager - Factory Configuration Adapter Service</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/component-resource-adapter.html">Dependency Manager - Resource Adapter</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/dependency-resource.html">Dependency Manager - Resource Dependency</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/dependency-service.html">Dependency Manager - Service Dependency</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/service-scopes.html">Dependency Manager - Service Scopes</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/component-singleton.html">Dependency Manager - Singleton Component</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/thread-model.html">Dependency Manager - Thread Model</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/reference/dm-annotations.html">Dependency Manager Annotations</a> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <button class="nav-item-toggle"></button> |
| <span class="nav-text">Tutorials</span> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/tutorials/working-with-annotations.html">Dependency Manager - Annotations</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/tutorials/getting-started.html">Dependency Manager - Getting Started</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/tutorials/leveraging-the-shell.html">Dependency Manager - Leveraging the shell</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="../apache-felix-dependency-manager/tutorials/sample-code.html">Dependency Manager sample projects</a> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../apache-felix-event-admin.html">Apache Felix Event Admin</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../apache-felix-file-install.html">Apache Felix File Install</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <button class="nav-item-toggle"></button> |
| <a class="nav-link" href="../apache-felix-framework.html">Apache Felix Framework</a> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../apache-felix-framework/apache-felix-framework-bundle-cache.html">Apache Felix Framework Bundle Cache</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../apache-felix-framework/apache-felix-framework-configuration-properties.html">Apache Felix Framework Configuration Properties</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../apache-felix-framework/apache-felix-framework-faq.html">Apache Felix Framework Frequently Asked Questions</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../apache-felix-framework/apache-felix-framework-launching-and-embedding.html">Apache Felix Framework Launching and Embedding</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../apache-felix-framework/apache-felix-framework-usage-documentation.html">Apache Felix Framework Usage Documentation</a> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../apache-felix-framework-security.html">Apache Felix Framework Security</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <button class="nav-item-toggle"></button> |
| <a class="nav-link" href="../apache-felix-gogo.html">Apache Felix Gogo</a> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../apache-felix-gogo/rfc-147-overview.html">RFC 147 Overview</a> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../apache-felix-healthchecks.html">Apache Felix Health Checks</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../apache-felix-inventory.html">Apache Felix Inventory Printer</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../apache-felix-log.html">Apache Felix Log</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../apache-felix-logback.html">Apache Felix Logback</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../apache-felix-maven-bundle-plugin-bnd.html">Apache Felix Maven Bundle Plugin (BND)</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../apache-felix-metatype-service.html">Apache Felix Metatype Service</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../apache-felix-osgi-bundle-repository.html">Apache Felix OSGi Bundle Repository (OBR)</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../apache-felix-preferences-service.html">Apache Felix Preferences Service</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../apache-felix-remote-shell.html">Apache Felix Remote Shell</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../apache-felix-shell.html">Apache Felix Shell</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../apache-felix-shell-tui.html">Apache Felix Shell TUI</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <button class="nav-item-toggle"></button> |
| <a class="nav-link" href="../apache-felix-web-console.html">Apache Felix Web Console</a> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="extending-the-apache-felix-web-console.html">Extending the Apache Felix Web Console</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="web-console-restful-api.html">Web Console RESTful API</a> |
| </li> |
| <li class="nav-item is-current-page" data-depth="3"> |
| <a class="nav-link" href="web-console-security-provider.html">Web Console Security Provider</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <button class="nav-item-toggle"></button> |
| <span class="nav-text">Extensions</span> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="extending-the-apache-felix-web-console/branding-the-web-console.html">Branding the Web Console</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="extending-the-apache-felix-web-console/providing-resources.html">Providing Resources</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="extending-the-apache-felix-web-console/providing-web-console-plugins.html">Providing Web Console Plugins</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="extending-the-apache-felix-web-console/web-console-logging.html">Web Console Logging</a> |
| </li> |
| <li class="nav-item" data-depth="4"> |
| <a class="nav-link" href="extending-the-apache-felix-web-console/web-console-output-templating.html">Web Console Output Templating</a> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <button class="nav-item-toggle"></button> |
| <span class="nav-text">Maven SCR plugin</span> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../apache-felix-maven-scr-plugin/apache-felix-maven-scr-plugin-use.html">Apache Felix Maven SCR Plugin Use</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../apache-felix-maven-scr-plugin/apache-felix-scr-bndtools-use.html">Apache Felix SCR Annotations BndTools Use</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../apache-felix-maven-scr-plugin/apache-felix-scr-ant-task-use.html">Apache Felix SCR Ant Task Use</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../apache-felix-maven-scr-plugin/extending-scr-annotations.html">Extending SCR Annotations Excerpt: How add new Annotations extending the base Annotations</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../apache-felix-maven-scr-plugin/scr-annotations.html">SCR Annotations Excerpt: Using Java 5 Annotations to describe the component or service.</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../apache-felix-maven-scr-plugin/scr-javadoc-tags.html">SCR JavaDoc Tags Excerpt: Using JavaDoc Tags to describe the component or service.</a> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="1"> |
| <button class="nav-item-toggle"></button> |
| <a class="nav-link" href="../../tutorials-examples-and-presentations.html">Tutorials</a> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../../tutorials-examples-and-presentations/apache-felix-application-demonstration.html">Apache Felix Application Demonstration</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../../tutorials-examples-and-presentations/apache-felix-osgi-tutorial.html">Apache Felix OSGi Tutorial</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <a class="nav-link" href="../../tutorials-examples-and-presentations/apache-felix-osgi-faq.html">OSGi Frequently Asked Questions</a> |
| </li> |
| <li class="nav-item" data-depth="2"> |
| <button class="nav-item-toggle"></button> |
| <span class="nav-text">OSGI Tutorial</span> |
| <ul class="nav-list"> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../../tutorials-examples-and-presentations/apache-felix-osgi-tutorial/apache-felix-tutorial-example-1.html">Apache Felix Tutorial Example 1 - Service Event Listener Bundle</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../../tutorials-examples-and-presentations/apache-felix-osgi-tutorial/apache-felix-tutorial-example-2.html">Apache Felix Tutorial Example 2</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../../tutorials-examples-and-presentations/apache-felix-osgi-tutorial/apache-felix-tutorial-example-2b.html">Apache Felix Tutorial Example 2b</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../../tutorials-examples-and-presentations/apache-felix-osgi-tutorial/apache-felix-tutorial-example-3.html">Apache Felix Tutorial Example 3</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../../tutorials-examples-and-presentations/apache-felix-osgi-tutorial/apache-felix-tutorial-example-4.html">Apache Felix Tutorial Example 4</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../../tutorials-examples-and-presentations/apache-felix-osgi-tutorial/apache-felix-tutorial-example-5.html">Apache Felix Tutorial Example 5</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../../tutorials-examples-and-presentations/apache-felix-osgi-tutorial/apache-felix-tutorial-example-6.html">Example 6 - Spell Checker Service Bundle</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../../tutorials-examples-and-presentations/apache-felix-osgi-tutorial/apache-felix-tutorial-example-7.html">Example 7 - Spell Checker Client Bundle</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../../tutorials-examples-and-presentations/apache-felix-osgi-tutorial/apache-felix-tutorial-example-8.html">Example 8 - Spell Checker Service using Service Binder</a> |
| </li> |
| <li class="nav-item" data-depth="3"> |
| <a class="nav-link" href="../../tutorials-examples-and-presentations/apache-felix-osgi-tutorial/apache-felix-tutorial-example-9.html">Example 9 - Spell Checker Service using Declarative Services</a> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| <li class="nav-item" data-depth="1"> |
| <a class="nav-link" href="../../license.html">Apache License 2.0</a> |
| </li> |
| <li class="nav-item" data-depth="1"> |
| <a class="nav-link" href="../../site-map.html">Site map</a> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </nav> |
| </div> |
| <div class="nav-panel-explore" data-panel="explore"> |
| <div class="context"> |
| <span class="title">Documentation</span> |
| <span class="version">master</span> |
| </div> |
| <ul class="components"> |
| <li class="component is-current"> |
| <span class="title">Documentation</span> |
| <ul class="versions"> |
| <li class="version is-current is-latest"> |
| <a href="../../index.html">master</a> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </div> |
| </div> |
| </aside> |
| </div> |
| <main class="article"> |
| <div class="toolbar" role="navigation"> |
| <button class="nav-toggle"></button> |
| <a href="../../index.html" class="home-link"></a> |
| <nav class="breadcrumbs" aria-label="breadcrumbs"> |
| <ul> |
| <li><a href="../../index.html">Documentation</a></li> |
| <li><a href="../../subprojects.html">Subprojects</a></li> |
| <li><a href="../apache-felix-web-console.html">Apache Felix Web Console</a></li> |
| <li><a href="web-console-security-provider.html">Web Console Security Provider</a></li> |
| </ul> |
| </nav> |
| <div class="edit-this-page"><a href="https://github.com/apache/felix-antora-site/edit/main/modules/ROOT/pages/subprojects/apache-felix-web-console/web-console-security-provider.adoc">Edit this Page</a></div> |
| </div> |
| <div class="content"> |
| <article class="doc"> |
| <h1 class="page">Web Console Security Provider</h1> |
| <div id="preamble"> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>As of Apache Felix Web Console 3.1.0 security of the Web Console can be extended by providing a <code>WebConsoleSecurityProvicer</code> service. |
| An extension to this service has been introduced with the <code>WebConsoleSecurityProvider2</code> service in Apache Felix Web Console 3.1.4.</p> |
| </div> |
| <div class="paragraph"> |
| <p>As of Web Console 4.3.16 it is now possible to <em>require</em> a WebConsoleSecurityProvider service to be present in order for the Web Console to become active. |
| This can be used to prevent bypassing the security provider if this is provided asynchronously. |
| To do this, the WebConsoleSecurityProvider service needs to be registered with a <em>Service Registration</em> property to identify itself:</p> |
| </div> |
| <div class="literalblock"> |
| <div class="content"> |
| <pre>"webconsole.security.provider.id" = "my.security.provider"</pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>Then the Web Console can be informed about the security providers it needs to operate by setting the following <em>OSGi Framework</em> property:</p> |
| </div> |
| <div class="literalblock"> |
| <div class="content"> |
| <pre>"felix.webconsole.security.providers" = "my.security.provider"</pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>With this property specified, the Web Console will not activate until the service with the specified property is present. |
| Local login as typically done with <code>admin/password</code> is disabled when this property is specified.</p> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="_webconsolesecurityprovider"><a class="anchor" href="#_webconsolesecurityprovider"></a>WebConsoleSecurityProvider</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>The <code>WebConsoleSecurityProvider</code> service provides two methods:</p> |
| </div> |
| <div class="paragraph"> |
| <p>{code:java} /**</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Authenticates the user with the given user name and password. |
| *</p> |
| </li> |
| <li> |
| <p>@param username The name of the user presented by the client</p> |
| </li> |
| <li> |
| <p>@param password The password presented by the client</p> |
| </li> |
| <li> |
| <p>@return Some object representing the authenticated user indicating general</p> |
| </li> |
| <li> |
| <p>access to be granted to the web console. |
| If the user cannot be</p> |
| </li> |
| <li> |
| <p>authenticated (e.g. |
| unknown user name or wrong password) or the</p> |
| </li> |
| <li> |
| <p>user must not be allowed access to the web console at all</p> |
| </li> |
| <li> |
| <p><code>null</code> must be returned from this method. |
| */ public Object authenticate( String username, String password );</p> |
| </li> |
| </ul> |
| </div> |
| <div class="paragraph"> |
| <p>/**</p> |
| </div> |
| <div class="ulist"> |
| <ul> |
| <li> |
| <p>Checks whether bthe authenticated user has the given role permission. |
| *</p> |
| </li> |
| <li> |
| <p>@param user The object referring to the authenticated user. |
| This is the</p> |
| </li> |
| <li> |
| <p>object returned from the {@link #authenticate(String, String)}</p> |
| </li> |
| <li> |
| <p>method and will never be <code>null</code>.</p> |
| </li> |
| <li> |
| <p>@param role The requested role</p> |
| </li> |
| <li> |
| <p>@return <code>true</code> if the user is given permission for the given</p> |
| </li> |
| <li> |
| <p>role. |
| */ public boolean authorize( Object user, String role );</p> |
| </li> |
| </ul> |
| </div> |
| <div class="listingblock"> |
| <div class="content"> |
| <pre>{note} |
| Use of the {{authorize}} method is not currently implemented, though. Mainly this is because it is not readily clear, what exactly the {{role}} means. One possible interpretation could be that this is the label of the plugin whose access is checked. Or it might be a combination of the plugin called and the request method used. |
| {note} |
| |
| The drawback of the {{WebConsoleSecurityProvider}} interface is that it just provides a mechanism to check for a user name and password using HTTP BASIC authentication. If other authenication mechanisms should be used the {{WebConsoleSecurityProvider2}} interface introduced in Apache Felix Web Console 3.1.4 can be used. |
| |
| |
| h2. WebConsoleSecurityProvider2 |
| |
| The {{WebConsoleSecurityProvider2}} interface extends the {{WebConsoleSecurityProvider}} by a single method: |
| |
| {code:java} |
| /** |
| * The name of the request attribute providing the object representing the |
| * authenticated user. This object is used to call the |
| * {@link WebConsoleSecurityProvider#authorize(Object, String)} to |
| * authorize access for certain roles. |
| */ |
| String USER_ATTRIBUTE = "org.apache.felix.webconsole.user"; |
| |
| |
| /** |
| * Authenticates the given request or asks the client for credentials. |
| * <p> |
| * Implementations of this method are expected to respect and implement |
| * the semantics of the <code>HttpContext.handleSecurity</code> method |
| * as specified in the OSGi HTTP Service specification. |
| * <p> |
| * If this method returns <code>true</code> it is assumed the request |
| * provided valid credentials identifying the user as accepted to access |
| * the web console. In addition, the {@link #USER_ATTRIBUTE} request |
| * attribute must be set to a non-<code>null</code> object reference |
| * identifying the authenticated user. |
| * <p> |
| * If this method returns <code>false</code> the request to the web console |
| * is terminated without any more response sent back to the client. That is |
| * the implementation is expected to have informed the client in case of |
| * non-granted access. |
| * |
| * @param request The request object |
| * @param response The response object |
| * @return <code>true</code> If the request provided valid credentials. |
| */ |
| public boolean authenticate( HttpServletRequest request, HttpServletResponse response );</pre> |
| </div> |
| </div> |
| <div class="paragraph"> |
| <p>This method is in full control of authentication and thus has to extract the user credentials from the request and can also fail the request.</p> |
| </div> |
| </div> |
| </div> |
| <div class="sect1"> |
| <h2 id="_sample"><a class="anchor" href="#_sample"></a>Sample</h2> |
| <div class="sectionbody"> |
| <div class="paragraph"> |
| <p>A sample of a <code>WebConsoleSecurityProvider</code> service is the Apache Sling implementation <a href="http://svn.apache.org/repos/asf/sling/trunk/bundles/extensions/webconsolesecurityprovider/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/SlingWebConsoleSecurityProvider.java"><code>SlingWebConsoleSecurityProvider</code></a>. |
| This implementation uses a JCR implementation to login to the repository and thus validate the credentials.</p> |
| </div> |
| </div> |
| </div> |
| </article> |
| <aside class="toc sidebar" data-title="Contents" data-levels="2"> |
| <div class="toc-menu"></div> |
| </aside> |
| </div> |
| </main> |
| </div> |
| <footer class="footer"> |
| <p>Content licensed under AL2. UI licensed under MPL-2.0 with extensions licensed under AL2</p> |
| </footer> |
| <script src="../../../_/js/site.js"></script> |
| <script async src="../../../_/js/vendor/highlight.js"></script> |
| </body> |
| </html> |