Upgrade jolokia-osgi to enable use of "authMode=service-all". This
was added by:
https://github.com/rhuss/jolokia/commit/ \
1441b0df476e7bb5728d32210e13d18aaaa783cb
A corresponding patch is added in AAA to add an Authenticator to the
OSGi service registry which is backed by ODL AAA.
This closes the vulnerability of using plaintext credentials for
odl-jolokia, and also centralizes credential management.
Change-Id: I5d3a63e47adefbcae96f3794b51da69a3f4980c5
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
<dependency>
<groupId>org.jolokia</groupId>
<artifactId>jolokia-osgi</artifactId>
<dependency>
<groupId>org.jolokia</groupId>
<artifactId>jolokia-osgi</artifactId>
+ <!-- TODO: remove once the version upgrade makes it to odlparent -->
+ <version>1.5.0</version>
</dependency>
<dependency>
<!-- finalname="/etc/org.jolokia.osgi.cfg" -->
</dependency>
<dependency>
<!-- finalname="/etc/org.jolokia.osgi.cfg" -->
#ODL Default Jolokia Configuration File
#ODL Default Jolokia Configuration File
-org.jolokia.authMode=basic
-org.jolokia.user=admin
-org.jolokia.password=admin
+
+# The default strategy is to use "service-all", which requires AAA to be installed to access
+# Jolokia REST endpoints at runtime. AAA is responsible for creating and registering the
+# Authenticator service with the OSGi service registry.
+org.jolokia.authMode=service-all
+
+# The below may be uncommented by the operator to enable basic authentication for Jolokia. Prior
+# to the Oxygen release, only basic authentication was available. This is provided to show how
+# backwards compatibility can be achieved.
+#org.jolokia.authMode=basic
+#org.jolokia.user=admin
+#org.jolokia.password=admin
Code Review / controller.git / commitdiff