FAQ
Hi,

I try to use JAAS authentication within a camel route using
SecurityHandler of Jetty

<bean id="loginService"
class="org.eclipse.jetty.plus.jaas.JAASLoginService">
<property name="name" value="karaf" />
<property name="loginModuleName" value="karaf" />
</bean>

<bean id="constraint" class="org.eclipse.jetty.http.security.Constraint">
<property name="name" value="BASIC"/>
<property name="roles" value="admin"/>
<property name="authenticate" value="true"/>
</bean>

<bean id="constraintMapping"
class="org.eclipse.jetty.security.ConstraintMapping">
<property name="constraint" ref="constraint"/>
<property name="pathSpec" value="/*"/>
</bean>

<bean id="securityHandler"
class="org.eclipse.jetty.security.ConstraintSecurityHandler">
<property name="authenticator">
<bean class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
</property>
<property name="constraintMappings">
<list>
<ref bean="constraintMapping"/>
</list>
</property>
<property name="loginService" ref="loginService" />
<property name="strict" value="false" />
</bean>

<camelContext trace="true" xmlns="http://camel.apache.org/schema/spring">
<route>
<from uri="jetty:http://localhost:8080/services?handlers=securityHandler"/>
<bean ref="responseBean"/>
<to
uri="log:org.apache.camel.ldap?level=INFO&amp;showAll=true&amp;multiline=true"/>
</route>
</camelContext>

The authentication works fine (I can provide the username + passord in
the prompt) except that after I get a NPE exception and camel-jetty
endpoint is not able to get any exchange
11:34:17,243 | WARN | -55 - /services/ |
log | .eclipse.jetty.util.log.Slf4jLog 40
61 - org.eclipse.jetty.util - 7.1.6.v20100715 | /services/:
java.lang.NullPointerException
11:34:17,243 | DEBUG | -55 - /services/ |
log | .eclipse.jetty.util.log.Slf4jLog 80
61 - org.eclipse.jetty.util - 7.1.6.v20100715 | EXCEPTION
java.lang.NullPointerException
      at
org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:489)[68:org.eclipse.jetty.security:7.1.6.v20100715]
      at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:113)[67:org.eclipse.jetty.server:7.1.6.v20100715]
      at
org.eclipse.jetty.server.Server.handle(Server.java:347)[67:org.eclipse.jetty.server:7.1.6.v20100715]
      at
org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:594)[67:org.eclipse.jetty.server:7.1.6.v20100715]
      at
org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1042)[67:org.eclipse.jetty.server:7.1.6.v20100715]
      at
org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:549)[63:org.eclipse.jetty.http:7.1.6.v20100715]
      at
org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:211)[63:org.eclipse.jetty.http:7.1.6.v20100715]
      at
org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:424)[67:org.eclipse.jetty.server:7.1.6.v20100715]
      at
org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:506)[62:org.eclipse.jetty.io:7.1.6.v20100715]
      at
org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)[61:org.eclipse.jetty.util:7.1.6.v20100715]
      at java.lang.Thread.run(Thread.java:680)[:1.6.0_22]

Any idea is welcome ?

Regards,

Charles

Search Discussions

  • Willem Jiang at Dec 8, 2010 at 6:11 am
    Hi Charles,

    I just dug the code of SecurityHandler for a while, and found you didn't
    set the identiyService property on the loginService.
    SecurityHandler will not create a DefaultIdentiyService for you if the
    ScurityHandler's realmName is null.

    Maybe you can set the property of loginService with the
    DefaultIdentiyService.
    On 12/6/10 6:51 PM, Charles Moulliard wrote:
    Hi,

    I try to use JAAS authentication within a camel route using
    SecurityHandler of Jetty

    <bean id="loginService"
    class="org.eclipse.jetty.plus.jaas.JAASLoginService">
    <property name="name" value="karaf" />
    <property name="loginModuleName" value="karaf" />
    </bean>

    <bean id="constraint" class="org.eclipse.jetty.http.security.Constraint">
    <property name="name" value="BASIC"/>
    <property name="roles" value="admin"/>
    <property name="authenticate" value="true"/>
    </bean>

    <bean id="constraintMapping"
    class="org.eclipse.jetty.security.ConstraintMapping">
    <property name="constraint" ref="constraint"/>
    <property name="pathSpec" value="/*"/>
    </bean>

    <bean id="securityHandler"
    class="org.eclipse.jetty.security.ConstraintSecurityHandler">
    <property name="authenticator">
    <bean
    class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
    </property>
    <property name="constraintMappings">
    <list>
    <ref bean="constraintMapping"/>
    </list>
    </property>
    <property name="loginService" ref="loginService" />
    <property name="strict" value="false" />
    </bean>

    <camelContext trace="true" xmlns="http://camel.apache.org/schema/spring">
    <route>
    <from uri="jetty:http://localhost:8080/services?handlers=securityHandler"/>
    <bean ref="responseBean"/>
    <to
    uri="log:org.apache.camel.ldap?level=INFO&amp;showAll=true&amp;multiline=true"/>

    </route>
    </camelContext>

    The authentication works fine (I can provide the username + passord in
    the prompt) except that after I get a NPE exception and camel-jetty
    endpoint is not able to get any exchange
    11:34:17,243 | WARN | -55 - /services/ |
    log | .eclipse.jetty.util.log.Slf4jLog 40
    61 - org.eclipse.jetty.util - 7.1.6.v20100715 | /services/:
    java.lang.NullPointerException
    11:34:17,243 | DEBUG | -55 - /services/ |
    log | .eclipse.jetty.util.log.Slf4jLog 80
    61 - org.eclipse.jetty.util - 7.1.6.v20100715 | EXCEPTION
    java.lang.NullPointerException
    at
    org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:489)[68:org.eclipse.jetty.security:7.1.6.v20100715]

    at
    org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:113)[67:org.eclipse.jetty.server:7.1.6.v20100715]

    at
    org.eclipse.jetty.server.Server.handle(Server.java:347)[67:org.eclipse.jetty.server:7.1.6.v20100715]

    at
    org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:594)[67:org.eclipse.jetty.server:7.1.6.v20100715]

    at
    org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1042)[67:org.eclipse.jetty.server:7.1.6.v20100715]

    at
    org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:549)[63:org.eclipse.jetty.http:7.1.6.v20100715]

    at
    org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:211)[63:org.eclipse.jetty.http:7.1.6.v20100715]

    at
    org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:424)[67:org.eclipse.jetty.server:7.1.6.v20100715]

    at
    org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:506)[62:org.eclipse.jetty.io:7.1.6.v20100715]

    at
    org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)[61:org.eclipse.jetty.util:7.1.6.v20100715]

    at java.lang.Thread.run(Thread.java:680)[:1.6.0_22]

    Any idea is welcome ?

    Regards,

    Charles

    --
    Willem
    ----------------------------------
    FuseSource
    Web: http://www.fusesource.com
    Blog: http://willemjiang.blogspot.com (English)
               http://jnn.javaeye.com (Chinese)
    Twitter: willemjiang
  • Charles Moulliard at Dec 8, 2010 at 8:22 am
    Hi Willem,

    Thx. Your idea is brillant. I have added a DefaultIdentityService to the
    SecurityHandler and the error does not longer appear.
    I get a HTTP 403 error code when a HttpClient (launched from IntelliJ)
    tries to connect the camel-jetty route deployed in karaf.
    Do you have an idea ?

    Regards,

    Charles
    On 08/12/10 07:10, Willem Jiang wrote:
    Hi Charles,

    I just dug the code of SecurityHandler for a while, and found you
    didn't set the identiyService property on the loginService.
    SecurityHandler will not create a DefaultIdentiyService for you if the
    ScurityHandler's realmName is null.

    Maybe you can set the property of loginService with the
    DefaultIdentiyService.
    On 12/6/10 6:51 PM, Charles Moulliard wrote:
    Hi,

    I try to use JAAS authentication within a camel route using
    SecurityHandler of Jetty

    <bean id="loginService"
    class="org.eclipse.jetty.plus.jaas.JAASLoginService">
    <property name="name" value="karaf" />
    <property name="loginModuleName" value="karaf" />
    </bean>

    <bean id="constraint"
    class="org.eclipse.jetty.http.security.Constraint">
    <property name="name" value="BASIC"/>
    <property name="roles" value="admin"/>
    <property name="authenticate" value="true"/>
    </bean>

    <bean id="constraintMapping"
    class="org.eclipse.jetty.security.ConstraintMapping">
    <property name="constraint" ref="constraint"/>
    <property name="pathSpec" value="/*"/>
    </bean>

    <bean id="securityHandler"
    class="org.eclipse.jetty.security.ConstraintSecurityHandler">
    <property name="authenticator">
    <bean
    class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
    </property>
    <property name="constraintMappings">
    <list>
    <ref bean="constraintMapping"/>
    </list>
    </property>
    <property name="loginService" ref="loginService" />
    <property name="strict" value="false" />
    </bean>

    <camelContext trace="true"
    xmlns="http://camel.apache.org/schema/spring">
    <route>
    <from
    uri="jetty:http://localhost:8080/services?handlers=securityHandler"/>
    <bean ref="responseBean"/>
    <to
    uri="log:org.apache.camel.ldap?level=INFO&amp;showAll=true&amp;multiline=true"/>


    </route>
    </camelContext>

    The authentication works fine (I can provide the username + passord in
    the prompt) except that after I get a NPE exception and camel-jetty
    endpoint is not able to get any exchange
    11:34:17,243 | WARN | -55 - /services/ |
    log | .eclipse.jetty.util.log.Slf4jLog 40
    61 - org.eclipse.jetty.util - 7.1.6.v20100715 | /services/:
    java.lang.NullPointerException
    11:34:17,243 | DEBUG | -55 - /services/ |
    log | .eclipse.jetty.util.log.Slf4jLog 80
    61 - org.eclipse.jetty.util - 7.1.6.v20100715 | EXCEPTION
    java.lang.NullPointerException
    at
    org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:489)[68:org.eclipse.jetty.security:7.1.6.v20100715]


    at
    org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:113)[67:org.eclipse.jetty.server:7.1.6.v20100715]


    at
    org.eclipse.jetty.server.Server.handle(Server.java:347)[67:org.eclipse.jetty.server:7.1.6.v20100715]


    at
    org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:594)[67:org.eclipse.jetty.server:7.1.6.v20100715]


    at
    org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1042)[67:org.eclipse.jetty.server:7.1.6.v20100715]


    at
    org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:549)[63:org.eclipse.jetty.http:7.1.6.v20100715]


    at
    org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:211)[63:org.eclipse.jetty.http:7.1.6.v20100715]


    at
    org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:424)[67:org.eclipse.jetty.server:7.1.6.v20100715]


    at
    org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:506)[62:org.eclipse.jetty.io:7.1.6.v20100715]


    at
    org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)[61:org.eclipse.jetty.util:7.1.6.v20100715]


    at java.lang.Thread.run(Thread.java:680)[:1.6.0_22]

    Any idea is welcome ?

    Regards,

    Charles
  • Willem Jiang at Dec 8, 2010 at 8:50 am
    Hi Charles,

    Is there any minor code if of the 403 error?
    Not sure if the authentication is OK, Can you check the security log for
    it ?
    On 12/8/10 4:21 PM, Charles Moulliard wrote:
    Hi Willem,

    Thx. Your idea is brillant. I have added a DefaultIdentityService to the
    SecurityHandler and the error does not longer appear.
    I get a HTTP 403 error code when a HttpClient (launched from IntelliJ)
    tries to connect the camel-jetty route deployed in karaf.
    Do you have an idea ?

    Regards,

    Charles
    On 08/12/10 07:10, Willem Jiang wrote:
    Hi Charles,

    I just dug the code of SecurityHandler for a while, and found you
    didn't set the identiyService property on the loginService.
    SecurityHandler will not create a DefaultIdentiyService for you if the
    ScurityHandler's realmName is null.

    Maybe you can set the property of loginService with the
    DefaultIdentiyService.
    On 12/6/10 6:51 PM, Charles Moulliard wrote:
    Hi,

    I try to use JAAS authentication within a camel route using
    SecurityHandler of Jetty

    <bean id="loginService"
    class="org.eclipse.jetty.plus.jaas.JAASLoginService">
    <property name="name" value="karaf" />
    <property name="loginModuleName" value="karaf" />
    </bean>

    <bean id="constraint"
    class="org.eclipse.jetty.http.security.Constraint">
    <property name="name" value="BASIC"/>
    <property name="roles" value="admin"/>
    <property name="authenticate" value="true"/>
    </bean>

    <bean id="constraintMapping"
    class="org.eclipse.jetty.security.ConstraintMapping">
    <property name="constraint" ref="constraint"/>
    <property name="pathSpec" value="/*"/>
    </bean>

    <bean id="securityHandler"
    class="org.eclipse.jetty.security.ConstraintSecurityHandler">
    <property name="authenticator">
    <bean
    class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
    </property>
    <property name="constraintMappings">
    <list>
    <ref bean="constraintMapping"/>
    </list>
    </property>
    <property name="loginService" ref="loginService" />
    <property name="strict" value="false" />
    </bean>

    <camelContext trace="true"
    xmlns="http://camel.apache.org/schema/spring">
    <route>
    <from
    uri="jetty:http://localhost:8080/services?handlers=securityHandler"/>
    <bean ref="responseBean"/>
    <to
    uri="log:org.apache.camel.ldap?level=INFO&amp;showAll=true&amp;multiline=true"/>


    </route>
    </camelContext>

    The authentication works fine (I can provide the username + passord in
    the prompt) except that after I get a NPE exception and camel-jetty
    endpoint is not able to get any exchange
    11:34:17,243 | WARN | -55 - /services/ |
    log | .eclipse.jetty.util.log.Slf4jLog 40
    61 - org.eclipse.jetty.util - 7.1.6.v20100715 | /services/:
    java.lang.NullPointerException
    11:34:17,243 | DEBUG | -55 - /services/ |
    log | .eclipse.jetty.util.log.Slf4jLog 80
    61 - org.eclipse.jetty.util - 7.1.6.v20100715 | EXCEPTION
    java.lang.NullPointerException
    at
    org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:489)[68:org.eclipse.jetty.security:7.1.6.v20100715]


    at
    org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:113)[67:org.eclipse.jetty.server:7.1.6.v20100715]


    at
    org.eclipse.jetty.server.Server.handle(Server.java:347)[67:org.eclipse.jetty.server:7.1.6.v20100715]


    at
    org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:594)[67:org.eclipse.jetty.server:7.1.6.v20100715]


    at
    org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1042)[67:org.eclipse.jetty.server:7.1.6.v20100715]


    at
    org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:549)[63:org.eclipse.jetty.http:7.1.6.v20100715]


    at
    org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:211)[63:org.eclipse.jetty.http:7.1.6.v20100715]


    at
    org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:424)[67:org.eclipse.jetty.server:7.1.6.v20100715]


    at
    org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:506)[62:org.eclipse.jetty.io:7.1.6.v20100715]


    at
    org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)[61:org.eclipse.jetty.util:7.1.6.v20100715]


    at java.lang.Thread.run(Thread.java:680)[:1.6.0_22]

    Any idea is welcome ?

    Regards,

    Charles

    --
    Willem
    ----------------------------------
    FuseSource
    Web: http://www.fusesource.com
    Blog: http://willemjiang.blogspot.com (English)
               http://jnn.javaeye.com (Chinese)
    Twitter: willemjiang
  • Contactreji at Sep 3, 2013 at 3:52 am
    Hi Charles

    I am also in the task of achieving the JAAS auth. I need your help.
    Would you mind posting the dependencies you have used. Would be really nice
    if you let me know how did you configure the JAAS. Have you pasted the above
    code in a separate XML file?

    I am getting issues with resolving dependency. Could you post a copy of your
    POM file and the Jetty/Conduit configuration which you have used.

    Cheers
    Reji



    --
    View this message in context: http://camel.465427.n5.nabble.com/camel-jetty-authentication-JAAS-tp3293819p5738549.html
    Sent from the Camel - Users mailing list archive at Nabble.com.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupusers @
categoriescamel
postedDec 6, '10 at 10:51a
activeSep 3, '13 at 3:52a
posts5
users3
websitecamel.apache.org

People

Translate

site design / logo © 2022 Grokbase