Use this procedure and the sample
login module that is installed with InfoSphere® Streams to
develop your own customized login module.
The InfoSphere Streams sample
login module is located in the $STREAMS_INSTALL/samples/security/ directory.
Before you begin
The following software is required to create and package
a customized login module:
Procedure
- Implement a standard javax.security.auth.spi.LoginModule interface.
InfoSphere Streams provides
an SPI OSGi bundle (com.ibm.streams.security.authc.jar) for adding
the following user and group principals that are specific to
InfoSphere Streams into
the authenticated subject when authentication is successful:
- com.ibm.streams.security.authc.UserPrincipal
- com.ibm.streams.security.authc.GroupPrincipal
For more information, see the sample login module in the $STREAMS_INSTALL/samples/security/ directory.
- Compile and package the implementation class files into
an OSGi bundle.
- In the bnd build.properties file,
update the bnd.path property and specify the
absolute path where the bnd .jar file is located.
Example:
bnd.path=/filepath/biz.aQute.bnd-2.4.1.jar
- Create a bnd.bnd file and add standard
OSGi manifest headers and the Java manifest
header Jaas-ModuleClass with the fully qualified
implementation class name.
Example:
Private-Package: com.ibm.streams.security.auth.module.xml.*
Export-Package: com.ibm.streams.security.auth.module.xml
Bundle-Activator: com.ibm.streams.security.auth.module.xml.Activator
Bundle-Version: ${version-build}
Jaas-ModuleClass: com.ibm.streams.security.auth.module.xml.SimpleUserLoginModule
- Run the InfoSphere Streams streamsprofile.sh script
by entering the following command:
source product-installation-root-directory/4.1.0.0/bin/streamsprofile.sh
- Run the Ant build.xml script by entering
the following command:
ant
This command creates the OSGi .jar file
for the customized login module in the build/bundles directory.
- Configure InfoSphere Streams to
use the login module.
- To install the login module, copy the OSGi .jar file
into the login module directory that is specified on the security.loginModulePath domain
property. The default directory is %STREAMS_USER_HOME%/.streams/var/security/modules.
- Update the JAAS login configuration file by using the streamtool
setloginconfig command. For more information
about this command, enter streamtool man setloginconfig.