cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Glen Mazza <glen.ma...@gmail.com>
Subject Re: Basic authentication works only for the first deployed application
Date Mon, 08 Oct 2012 10:54:19 GMT
I may be wrong here, but I think basic auth is for the server itself, 
not the individual web service endpoints, so whenever you validate the 
first time (whether to your first or second endpoint), the subsequent 
call to the other web service endpoint should work fine.

Glen

On 10/08/2012 04:04 AM, gasius wrote:
> Hi,
>
> I use CXF (2.4.6) over Jetty (7.4.5.v20110725) on ServiceMix 4.4.2. I need
> to expose some web services secured with basic authentication. So I created
> such bus configuration (only engine-factory part posted):
>
> /    <httpj:engine-factory bus="cxf">
>          <httpj:engine port="9081">
>              <httpj:handlers>
>                  <beans:bean
> class="org.eclipse.jetty.security.ConstraintSecurityHandler">
>                      <beans:property name="loginService"
> ref="securityLoginService" />
>                      <beans:property name="constraintMappings">
>                          <beans:list>
>                              <beans:ref bean="securityConstraintMapping" />
>                          </beans:list>
>                      </beans:property>
>                  </beans:bean>
>              </httpj:handlers>
>          </httpj:engine>
>      </httpj:engine-factory>
>      <beans:bean id="securityLoginService"
> class="org.eclipse.jetty.security.HashLoginService">
>          <beans:property name="name" value="WSRealm" />
>          <beans:property name="config" value="etc/jetty-realm.properties" />
>      </beans:bean>
>
>      <beans:bean id="securityConstraint"
> class="org.eclipse.jetty.http.security.Constraint">
>          <beans:property name="name" value="BASIC" />
>          <beans:property name="roles" value="admin" />
>          <beans:property name="authenticate" value="true" />
>      </beans:bean>
>   
>      <beans:bean id="securityConstraintMapping"
> class="org.eclipse.jetty.security.ConstraintMapping">
>          <beans:property name="constraint" ref="securityConstraint" />
>          <beans:property name="pathSpec" value="/*" />
>      </beans:bean>/
>
> And register it in OSGi service registry using name cxf-bus. Later in my
> Camel routes I set bus on endpoints like this:
>
> in first bundle:
> /cxf:bean:myFirstEndpoint?bus=#cxf-bus/
>
> in second bundle:
> /cxf:bean:mySecondEndpoint?bus=#cxf-bus/
>
> When I deploy first bundle and try to access endpoint basic authentication
> credentials are requested. But when I deploy second bundle I can access
> mySecondEndpoint without any authentication. If I uninstall both bundles and
> switch order of deployment then basic authentication works for the second
> bundle but do not for the first. What am I doing wrong? Is there some way to
> refresh security handler after I do subsequent deployments?
>
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/Basic-authentication-works-only-for-the-first-deployed-application-tp5715963.html
> Sent from the cxf-user mailing list archive at Nabble.com.


Mime
View raw message