IBM InfoSphere Streams Version 4.1.0

Developing user-defined login modules for InfoSphere Streams

Use this procedure and the sample login module that is installed with InfoSphere® Streams to develop your own customized login module.

The InfoSphere Streams sample login module is located in the $STREAMS_INSTALL/samples/security/ directory.

Before you begin

The following software is required to create and package a customized login module:

Apache Ant 1.9 or the latest stable version, which is available on the Apache Ant Project website.
bnd 2.4.1 or the latest stable version, which is available on the aQute - Software Consultancy website.

Procedure

Implement a standard javax.security.auth.spi.LoginModule interface.
For instructions, see the following Java™ Authentication and Authorization Service (JAAS) documentation on the Oracle Java Platform Standard Edition 8 Documentation website:
- JAAS LoginModule Developer's Guide
- JAAS Reference Guide
InfoSphere Streams provides an SPI OSGi bundle (com.ibm.streams.security.authc.jar) for adding the following user and group principals that are specific to InfoSphere Streams into the authenticated subject when authentication is successful:
- com.ibm.streams.security.authc.UserPrincipal
- com.ibm.streams.security.authc.GroupPrincipal
For more information, see the sample login module in the $STREAMS_INSTALL/samples/security/ directory.
Compile and package the implementation class files into an OSGi bundle.
1. In the bnd build.properties file, update the bnd.path property and specify the absolute path where the bnd .jar file is located.
  Example:
```
  bnd.path=/filepath/biz.aQute.bnd-2.4.1.jar
```
2. Create a bnd.bnd file and add standard OSGi manifest headers and the Java manifest header Jaas-ModuleClass with the fully qualified implementation class name.
  Example:
```
Private-Package: com.ibm.streams.security.auth.module.xml.*
Export-Package: com.ibm.streams.security.auth.module.xml
Bundle-Activator: com.ibm.streams.security.auth.module.xml.Activator
Bundle-Version: ${version-build} 
Jaas-ModuleClass: com.ibm.streams.security.auth.module.xml.SimpleUserLoginModule
```
Run the InfoSphere Streams streamsprofile.sh script by entering the following command:
```
  source product-installation-root-directory/4.1.0.0/bin/streamsprofile.sh
```
Run the Ant build.xml script by entering the following command:
```
  ant
```
This command creates the OSGi .jar file for the customized login module in the build/bundles directory.
Configure InfoSphere Streams to use the login module.
1. To install the login module, copy the OSGi .jar file into the login module directory that is specified on the security.loginModulePath domain property. The default directory is %STREAMS_USER_HOME%/.streams/var/security/modules.
2. Update the JAAS login configuration file by using the streamtool setloginconfig command. For more information about this command, enter streamtool man setloginconfig.