A method to (re)configure existing contexts (for other bundles) using Configuration Admin


The background of this issue is:

  • cxf-rt-transports-http bundle registers /cxf servlet using plain org.osgi.service.http.HttpService#registerServlet() call

  • there's no easy way to, for example, configure BASIC authentication for /cxf

Keycloak project provides a tricky way to change this situation - by re-registering CXF servlet in http Service scoped for different (Keycloak's) bundle after registering login configuration (org.ops4j.pax.web.service.WebContainer#registerLoginConfig()) and adding security constraints (org.ops4j.pax.web.service.WebContainer#registerConstraintMapping). However, when org.apache.cxf.osgi PID changes, the Keycloak's re-registration is broken, because CXF registers another /cxf servlet in its own http service (risking duplicate alias mapping).

My idea is:

  • pax-web-runtime bundle registers ManagedServiceFactory that tracks org.ops4j.pax.web.context factory PIDs

  • each such PID from the above factory contains a declarative configuration (properties) that are used to register additional items (login config, context params, security constraints and e.g., filters - but that'd require classloading of filters' classes) inside any other bundle's WebContainer

  • source bundle, that called registerServlet() in its own bundle-scoped HttpService/WebContainer doesn't have to be aware of our additional configuration

Here's example of PID:

Having such facility inside pax-web-runtime gives me access to ServerController instance, so I can for example stop the context before adding context params / login configuration. Also some of the methods of should stop throwing IllegalStateException if the context has some already registered servlets. Instead the context should simply be restarted (just like its done currently if one simply registers two servlets in a row using HttpService).





Grzegorz Grzybek


Grzegorz Grzybek




Fix versions