karaf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Guillaume Nodet <gno...@gmail.com>
Subject Re: Jetty + security + camel servlet
Date Mon, 20 Dec 2010 14:15:55 GMT
I'd use JAAS as there's no need to tie to jetty in that case.
You can find an implementation of HttpContext in the webconsole:

On Mon, Dec 20, 2010 at 15:08, Charles Moulliard <cmoulliard@gmail.com> wrote:
> As I configure the camelServlet using a Servlet Activator, I will follow the
> way of OSGI and
> org.osgi.service.http.HttpContext
> Do you suggest to call JAAS or to register the handlers required by Jetty in
> the osgi servlet?
> On 20/12/10 14:59, Guillaume Nodet wrote:
>> On Mon, Dec 20, 2010 at 14:42, Charles Moulliard<cmoulliard@gmail.com>
>>  wrote:
>>> Hi,
>>> I would like to start a discussion around the following point as it does
>>> not
>>> seem obvious to find an answer. To authenticate a HTTP user with camel on
>>> Karaf we can use the component camel-jetty and camel-servlet. Jetty +
>>> JAAS +
>>> camel can be easily configured using Spring beans + securityHandler with
>>> camel but this does not seem the case with camel-servlet.
>>> The component camel-servlet does not accept as parameter a handler(s) for
>>> Jetty. This is normal as camel can be deployed in different Application
>>> Servers which are not build with Jetty. So what alternative(s) exist to
>>> configure camel-servlet with Jetty + JAAS on Karaf ? Using jetty.xml (in
>>> etc
>>> folder) but how to link camel servlet with jetty security handler ?
>> Unless I'm wrong, when you use camel-servlet, you're responsible for
>> setting up the CamelHttpTransportServlet servlet.
>> In OSGi, it could be done either using a standard web application
>> (deployed using the war support), or directly using the OSGi HTTP
>> service.  In the former case, you'd have to configure the web.xml for
>> security.  In the latter case, you need to use the OSGi HTTP service
>> api to properly configure the security bits (by implementing
>> org.osgi.service.http.HttpContext interface).
>> I agree we could have an example of showing the last way in camel .
>> Configuring the war for security isn't specific to OSGi or Camel fwiw.
>>> Regards,
>>> Charles

Guillaume Nodet
Blog: http://gnodet.blogspot.com/
Open Source SOA

View raw message