karaf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Honey Goyal <er.honey2...@gmail.com>
Subject Re: Securing Apache CXF & Apache Camel
Date Thu, 03 Apr 2014 09:46:46 GMT
Hi,

Now, i tried to login my application. I have set base64String encoding of
"username:password" request header. I got the warning in karaf logs i.e

2014-04-03 14:38:19,037 | WARN  | qtp1894778131-69 |
JAASLoginInterceptor             | 230 - org.apache.cxf.cxf-rt-core - 2.7.8
| No user name and/or password is available, name: null, password: null


This is my live header request log.

==========>>>>>>>>>>>
http://localhost:8181/cxf/security/api_auth/registerCustomer

GET /cxf/security/api_auth/registerCustomer HTTP/1.1
Host: localhost:8181
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:26.0) Gecko/20100101
Firefox/26.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Authorization: Basic RGVtb0N1c3RvbWVyOjEyMzQ1Ng==

HTTP/1.1 401 Unauthorized
Content-Length: 0
Date: Thu, 03 Apr 2014 09:17:46 GMT
WWW-Authenticate: Basic
Server: Jetty(8.1.14.v20131031)
<<<<<<<<======================



<?xml version="1.0" encoding="UTF-8"?>
<blueprint
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
    xmlns:camel="http://camel.apache.org/schema/blueprint"
    xmlns:cxf="http://camel.apache.org/schema/blueprint/cxf"
    xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.0.0"
    xsi:schemaLocation="
        http://www.osgi.org/xmlns/blueprint/v1.0.0
http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
        http://camel.apache.org/schema/blueprint/cxf
http://camel.apache.org/schema/blueprint/cxf/camel-cxf.xsd
        http://camel.apache.org/schema/blueprint
http://camel.apache.org/schema/blueprint/camel-blueprint.xsd" >

    <cm:property-placeholder persistent-id="com.xxxx.cp.securitytoken">
        <cm:default-properties>
            <cm:property name="kazoo.api.url" value="http://localhost:80/v1"
/>
        </cm:default-properties>
    </cm:property-placeholder>


   <cxf:rsServer id="rsServer" address="/security"
serviceClass="com.xxxx.cp.securitytoken.SecurityTokenServiceImpl">
        <cxf:providers>
               <ref component-id="authorizationFilter"/>
        </cxf:providers>
   </cxf:rsServer>


   <bean id="authorizationFilter"
class="org.apache.cxf.jaxrs.security.JAASAuthenticationFilter">
        <property name="contextName" value="myJaasRealm"/>
    </bean>

    <camelContext xmlns="http://camel.apache.org/schema/blueprint"
id="security">
        <route>
            <from uri="cxfrs://bean://rsServer"/>
            <to uri="{{kazoo.api.url}}?bridgeEndpoint=true" />
        </route>
    </camelContext>

</blueprint>

Please give me some suggestions.

Thanks,
Honey Goyal


On Wed, Apr 2, 2014 at 6:37 PM, Honey Goyal <er.honey2012@gmail.com> wrote:

> ok, so i can manage multiple realm as documentation said ldap, jdbc,
> properties. Well i was trying to make a client side restful call using
> browser's client add-on plugin. I don't know how and where to set username
> and password to make it working. Should i encode bytes of
> 'username:password' in base64?? My web application is written in angularJS.
> suggestions?
>
>
> On Wed, Apr 2, 2014 at 6:15 PM, jbonofre [via Karaf] <
> ml-node+s922171n4032537h72@n3.nabble.com> wrote:
>
>> Hi Honey,
>>
>> Karaf itself provide realm that CXF can leverages.
>>
>> You can take a look on the jaas:* commands and the documentation:
>> http://karaf.apache.org/manual/latest/users-guide/security.html
>>
>> Regards
>> JB
>>
>> On 04/02/2014 02:05 PM, [hidden email]<http://user/SendEmail.jtp?type=node&node=4032537&i=0>wrote:
>>
>> > Hi,
>> >
>> > Every thing is fine now, i was wondering where and how to set username
>> and
>> > password in restful service as i am using CXF filters
>> > JAASAuthenticationFilter. One thing more can i change JAAS realm
>> dynamically
>> > so i use like a multitenant system?
>> >
>> > Thanks,
>> > Honey Goyal
>> >
>> >
>> >
>> > --
>> > View this message in context:
>> http://karaf.922171.n3.nabble.com/Securing-Apache-CXF-Apache-Camel-tp4032525p4032536.html
>>
>> > Sent from the Karaf - Dev mailing list archive at Nabble.com.
>> >
>>
>> --
>> Jean-Baptiste Onofré
>> [hidden email] <http://user/SendEmail.jtp?type=node&node=4032537&i=1>
>> http://blog.nanthrax.net
>> Talend - http://www.talend.com
>>
>>
>> ------------------------------
>>  If you reply to this email, your message will be added to the
>> discussion below:
>>
>> http://karaf.922171.n3.nabble.com/Securing-Apache-CXF-Apache-Camel-tp4032525p4032537.html
>>  To unsubscribe from Securing Apache CXF & Apache Camel, click here<http://karaf.922171.n3.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=4032525&code=ZXIuaG9uZXkyMDEyQGdtYWlsLmNvbXw0MDMyNTI1fC0xOTIzNzA4OTQ=>
>> .
>> NAML<http://karaf.922171.n3.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>>
>
>




--
View this message in context: http://karaf.922171.n3.nabble.com/Securing-Apache-CXF-Apache-Camel-tp4032525p4032556.html
Sent from the Karaf - Dev mailing list archive at Nabble.com.

Mime
View raw message