camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sergey Beryozkin <sberyoz...@gmail.com>
Subject Re: Securing jaxrs REST interface with HTTP Basic auth
Date Mon, 20 May 2013 11:26:12 GMT
Hi
On 20/05/13 12:19, Martin Stiborský wrote:
> So far it seems for me that I have a big problem with architecture of
> the application.
> It was working well so far, the approach we used.
>
> I mean, these "camel-cxf:rsServer" elements, with classes describing
> REST interface following jax-rs.
> The REST classes were looking a little bit weird, as they "returning
> null" (http://www.javacodegeeks.com/2012/05/rest-endpoint-for-integration-using.html)
> but it was possible then to use the rest class directly in the start
> of a camel routes with "from("cxfrs:bean:something")".
>
> Is something like this possible with this way of registering jax-rs?
>
> <jaxrs:server id="customerService" address="/">
>          <jaxrs:serviceBeans>
>              <ref component-id="myServiceBean" />
>          </jaxrs:serviceBeans>
>          <jaxrs:providers>
>              <bean id="authorizationFilter" class="com.foo.HttpAuth"/>
>          </jaxrs:providers>
>      </jaxrs:server>
>

Yes, simply do

  <jaxrs:server id="customerService" 
address="camel:/myCamelTransportAddress">
           <jaxrs:serviceBeans>
               <ref component-id="myServiceBean" />
           </jaxrs:serviceBeans>
           <jaxrs:providers>
               <bean id="authorizationFilter" class="com.foo.HttpAuth"/>
           </jaxrs:providers>
       </jaxrs:server>

And use that in combination with Camel Servlet transport.
Also, have a look at the new Simple binding for cxfrs, available from 
Camel 2.11

Sergey



> The provider definitelly works like that, that's good. But everything
> else doesn't work :P
>
> On Mon, May 20, 2013 at 12:01 PM, Martin Stiborský
> <martin.stiborsky@gmail.com> wrote:
>> Ok, so it seems that implementing
>> org.apache.cxf.jaxrs.ext.RequestHandler could help me.
>> How to register such a provider then?
>>
>> We have REST interfaces created like this:
>>
>> <camel-cxf:rsServer id="restFoo" address="/rest/foo"
>>                          serviceClass="com.rest.FooRest"/>
>>
>> We have few of these. I'm not sure, it it's possible to register
>> jax-rs provider with this.
>>
>>
>> On Mon, May 20, 2013 at 10:02 AM, Ioan Eugen Stan <stan.ieugen@gmail.com> wrote:
>>> Hello Martin,
>>>
>>> I think you could try addding a Filter or Interceptor that does Basic
>>> Auth. If you're using CXF you could try something like [1]
>>>
>>> Hope it helps,
>>>
>>> [1] http://cxf.apache.org/docs/secure-jax-rs-services.html
>>>
>>> On Mon, May 20, 2013 at 10:48 AM, Martin Stiborský
>>> <martin.stiborsky@gmail.com> wrote:
>>>> Hello guys,
>>>> a joke is saying that a number of tabs opened in web browser related
>>>> to some problem could help you to estimate the time needed for
>>>> implementation.
>>>> I have now about 33 tabs opened :) I need to secure my REST interface,
>>>> with HTTP Basic auth.
>>>>
>>>> In the project, we are currently still with Camel 2.10.1 (not yet
>>>> resolved some troubles with upgrade to 2.11 :( ), we are using OSGi
>>>> and Aries blueprint. All deployed into Apache Karaf.
>>>>
>>>> Just a simple hint which way to go is goood enough for me.
>>>> Right now, I'm checking JAAS, but I'm really lost in this topic.
>>>>
>>>> --
>>>> S pozdravem / Best regards
>>>> Martin Stiborský
>>>>
>>>> Jabber: stibi@njs.netlab.cz
>>>> Twitter: http://www.twitter.com/stibi
>>>
>>>
>>>
>>> --
>>> Ioan Eugen Stan
>>> 0720 898 747
>>
>>
>>
>> --
>> S pozdravem / Best regards
>> Martin Stiborský
>>
>> Jabber: stibi@njs.netlab.cz
>> Twitter: http://www.twitter.com/stibi
>
>
>



Mime
View raw message