23 Mar 2011
ServiceMix with LDAP based authentication
It’s possible to configure LDAP based authentication in ServiceMix. We recently added a complete tutorial in the FUSE ESB Security Guide. It provides step-by-step instructions and screenshots based on the Open Source LDAP server ApacheDS.
Anyone having to configure LDAP in SMX, check out chapter 4 "LDAP Authentication Tutorial".
10 Mar 2011
How to SSL enable the ServiceMix web console?
ServiceMix 4 comes with a useful web console. It needs to be installed manually; it is not deployed out of the box:
karaf@root> features:install webconsole
... and thereafter the console can be accessed using URL:
http://localhost:8181/system/console/bundles
(applies to 4.3.1, URL might differ on other versions of SMX).
In order to secure the console to use HTTPS, it is necessary to create a file
$KARAF_HOME/etc/org.ops4j.pax.web.cfg
and configure it using any of the property keywords defined in this WebContainerConstants class.
Here is a possible example:
# configures the SMX Web Console to use SSL
#
# @SeeAlso: https://github.com/ops4j/org.ops4j.pax.web/blob/master/pax-web-api/src/main/java/org/ops4j/pax/web/service/WebContainerConstants.java
# for possible configuration properties
org.osgi.service.http.enabled=false
org.osgi.service.http.port=8181
org.osgi.service.http.secure.enabled=true
org.osgi.service.http.port.secure=8183
org.ops4j.pax.web.ssl.keystore=/path/to/keystore.ks
org.ops4j.pax.web.ssl.keystore.type=JKS
org.ops4j.pax.web.ssl.password=blah
org.ops4j.pax.web.ssl.keypassword=bluh
org.ops4j.pax.web.ssl.clientauthwanted=false
org.ops4j.pax.web.ssl.clientauthneeded=false
Make sure to access the web console using https:// after applying this configuration.
;-)