|
|
|
|
|
The RemoteServiceInvoker extends the mechanism of invoking remote services. Typically the remote service dispatcher has build-in capabilities of invoking the remote service. That mechanism, however, does not implement custom security mechanism or context switching for resource management. This service can be used to customize that process, and provide product/application-specific logic that is more secure and tightly coupled with the current environment and setup. It is an optional service. If it is available in the system all invocations of remote service go through that service. Otherwise, the JSON-RPC distribution provider will invoke the remote services by itself.
The default implementation of the RemoteServiceInvoker relies on the presence of the org.osgi.service.http.authentication.remote.user attribute in the HTTP requests context in order to identify the remote user and associate it with a valid entity in the OSGi UserAdmin service which correlates to an identity of type useradmin in the PolicyAdmin service. If the attribute org.osgi.service.http.authentication.remote.user is not present in the HTTP session or its value does not correlate to a valid useradmin identity, then the default implementation will not work and a custom implementation must be provided instead.
More details can be found in the Extended JSON-RPC Java API.
Registering Bundle
The service is registered by the JSON-RPC Policy Invoker bundle.