cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sergey Beryozkin <sberyoz...@gmail.com>
Subject Re: [DOSGI] How do i register an interceptor on an endpoint registered through Declarative Services?
Date Tue, 27 Sep 2016 15:05:05 GMT
Hi

There are two issues here.
First - why DOSGI JAX-RS code is not reacting to the in interceptor 
class name, can you put a breakpoint here please:

https://github.com/apache/cxf-dosgi/blob/cxf-dosgi-ri-1.8.0/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClassUtils.java#L97

It might be that some different way of registering them is needed.

Second: Christian removed this code in DOSGI 2.0 so the question is how 
they can be registered in 2.0.

Cheers, Sergey

On 27/09/16 14:45, Martin Nielsen wrote:
> Hello everyone.
>
> I am working with CXF DOSGi for the first time. The task at the moment is
> to build a declarative services component which registeres an endpoint and
> an interceptor. The endpoint will run on an 2way SSL enabled connection,
> and the interceptor should read the incomming client certificate. SO far I
> managed to get an endpoint working through a declarative services endpoint,
> and i got one way SSL working (Maybe 2way as well, we will get to that).
> Now i am trying to add an interceptor, which should read the incomming
> client certificate.
>
> And that is where i fail. The interceptor does not seem to be working. It
> does not log anything, neither in the constructor or in the handleMessage
> method.
>
> Can someone please take a look and tell my where my mistake is? The
> interceptor should be called before the end endpoint methods are invoked,
> whenever the REST service is called. But right now i can call the endpoint
> methods just fine though SSL, but the interceptor is never called, which
> makes it hard for me to know if 2way SSL is currently working or not.
>
> I don't expect 1 and 2way SSL to have anything at all to do with this, but
> i am mentioning it because i'm ignorant (Just in case) :)
>
> Versions:
> CXF 3.1.6
> CXF-DOSGI 1.8.0
>
>
> My interceptor:
> import java.security.cert.Certificate;
> import java.security.cert.X509Certificate;
> import org.apache.cxf.interceptor.Fault;
> import org.apache.cxf.message.Message;
> import org.apache.cxf.phase.AbstractPhaseInterceptor;
> import org.apache.cxf.phase.Phase;
> import org.apache.cxf.security.transport.TLSSessionInfo;
> import org.slf4j.Logger;
> import org.slf4j.LoggerFactory;
>
> public class CertificateInterceptor extends AbstractPhaseInterceptor {
>
>     private static final Logger LOGGER =
> LoggerFactory.getLogger(CertificateInterceptor.class);
>
>     public CertificateInterceptor() {
> super(Phase.RECEIVE);
> LOGGER.debug("Starting certificate interceptor");
>     }
>
>     public void handleMessage(Message message) throws Fault {
> LOGGER.debug("Handling message: "+message.getId());
> TLSSessionInfo tlsSessionInfo = (TLSSessionInfo) message
> .get(TLSSessionInfo.class);
> if (tlsSessionInfo != null) {
>    Certificate[] peerCerts = tlsSessionInfo.getPeerCertificates();
>    LOGGER.info("Discovered TLSSession: "+tlsSessionInfo);
>    if (peerCerts != null) {
> for (int i = 0; i < peerCerts.length; i++) {
>    X509Certificate x509certificate = (X509Certificate) peerCerts[i];
>    LOGGER.info("Retrieved certificate: " +
> x509certificate.getSubjectDN().getName() + " pubkey: " +
> x509certificate.getPublicKey());
> }
>    }
>
> } else {
>    LOGGER.info("NO x509certificate");
> }
>     }
>
> }
>
>
> My endpoint:
>
>
> @Component(property = {
> "service.exported.interfaces=*", "service.exported.configs=org.apache.cxf.rs
> ",
> "org.apache.cxf.rs.httpservice.context="+LicenseServiceEndpoint.endpoint,
> "org.apache.cxf.rs.in.interceptors=com.polis.licensing.server.rest.interceptor.CertificateInterceptor"})
> public class LicenseServiceEndpoint implements LicenseServiceRest{
>     public static final String endpoint = "/polis/licenseservice";
>     private List<ServiceRegistration<MessageBodyReader>> readerRefs = new
> ArrayList<>();
>     private List<ServiceRegistration<MessageBodyWriter>> writerRefs = new
> ArrayList<>();
>
>
> ...Various endpoint-methods...
>
>     @Activate
>     public void activate(BundleContext context) throws Exception{
> registerProvider(context, new CertificateRequestProvider()); //<--- This is
> a messagebodyreader/writer. It should be irrelevant for this question
>     }
>
>     @Deactivate
>     public void deactivate(BundleContext context) throws Exception{
> for(int i = readerRefs.size()-1 ; i>=0 ; i--){
>    readerRefs.get(i).unregister();
>    readerRefs.remove(i);
> }
> for(int i = writerRefs.size()-1 ; i>=0 ; i--){
>    writerRefs.get(i).unregister();
>    writerRefs.remove(i);
> }
>     }
>
>     private <E extends MessageBodyReader & MessageBodyWriter> void
> registerProvider(BundleContext context, E provider){
> readerRefs.add(context.registerService(MessageBodyReader.class, provider,
> null));
> writerRefs.add(context.registerService(MessageBodyWriter.class, provider,
> null));
>     }
>
> }
>
>
> Thank you in advance for your usual helpful demeanor:)
>
> -Martin
>


-- 
Sergey Beryozkin

Talend Community Coders
http://coders.talend.com/

Mime
View raw message