karaf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Charles Moulliard <cmoulli...@gmail.com>
Subject Re: camel-jetty + authentication JAAS
Date Tue, 07 Dec 2010 08:53:03 GMT
Hi Achim,

Thanks for the trick. I can authenticate my user using LDAP realm 
deployed on Karaf. Nevertheless, the following error is still there


09:35:08,655 | DEBUG | 9 - /favicon.ico | 
log                              | .eclipse.jetty.util.log.Slf4jLog   70 
| 61 - org.eclipse.jetty.util - 7.1.6.v20100715 | REQUEST /favicon.ico 
on org.eclipse.jetty.server.nio.SelectChannelConnector$2@2ad7532
09:35:08,662 | WARN  | 9 - /favicon.ico | 
log                              | .eclipse.jetty.util.log.Slf4jLog   40 
| 61 - org.eclipse.jetty.util - 7.1.6.v20100715 | /favicon.ico: 
java.lang.NullPointerException
09:35:08,662 | DEBUG | 9 - /favicon.ico | 
log                              | .eclipse.jetty.util.log.Slf4jLog   80 
| 61 - org.eclipse.jetty.util - 7.1.6.v20100715 | EXCEPTION
java.lang.NullPointerException
     at 
org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:489)[68:org.eclipse.jetty.security:7.1.6.v20100715]
     at 
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:113)[67:org.eclipse.jetty.server:7.1.6.v20100715]
     at 
org.eclipse.jetty.server.Server.handle(Server.java:347)[67:org.eclipse.jetty.server:7.1.6.v20100715]
     at 
org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:594)[67:org.eclipse.jetty.server:7.1.6.v20100715]
     at 
org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1042)[67:org.eclipse.jetty.server:7.1.6.v20100715]
     at 
org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:549)[63:org.eclipse.jetty.http:7.1.6.v20100715]
     at 
org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:211)[63:org.eclipse.jetty.http:7.1.6.v20100715]
     at 
org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:424)[67:org.eclipse.jetty.server:7.1.6.v20100715]
     at 
org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:506)[62:org.eclipse.jetty.io:7.1.6.v20100715]
     at 
org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)[61:org.eclipse.jetty.util:7.1.6.v20100715]
     at java.lang.Thread.run(Thread.java:680)[:1.6.0_22]


after the authentication and the camel route does not receive any exchange.

When looking to the SecurityHandler class of eclipse jetty, the NPE can 
come from the fact that the IdentityService cannot be removed because it 
has not been created (see error hereunder)

09:34:42,508 | DEBUG | ExtenderThread-2 | 
log                              | .eclipse.jetty.util.log.Slf4jLog   80 
| 61 - org.eclipse.jetty.util - 7.1.6.v20100715 | EXCEPTION
java.lang.IllegalStateException: No IdentityService for 
org.eclipse.jetty.security.authentication.BasicAuthenticator@25d3e3f3 in 
ConstraintSecurityHandler@32ecabac
     at 
org.eclipse.jetty.security.authentication.LoginAuthenticator.setConfiguration(LoginAuthenticator.java:37)[68:org.eclipse.jetty.security:7.1.6.v20100715]
     at 
org.eclipse.jetty.security.SecurityHandler.doStart(SecurityHandler.java:333)[68:org.eclipse.jetty.security:7.1.6.v20100715]

Regards,

Charles

On 06/12/10 19:06, Achim Nierbeck wrote:
> Hi, maybe it has something todo the way the JAAS Login of jetty works.
> to get the standard Jetty-Jaas configuration to work you have to make
> the following
> configuration in the jetty.xml
>
> <Call name="addBean">
>        <Arg>
>          <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
>            <Set name="name">karaf</Set>
>            <Set name="loginModuleName">karaf</Set>
>            <Set name="roleClassNames">
>              <Array type="java.lang.String">
>                <Item>org.apache.karaf.jaas.modules.RolePrincipal</Item>
>              </Array>
>            </Set>
>          </New>
>        </Arg>
>      </Call>
>
> The important part is, that you have to configure the roleClass Name, if
> this
> one isn't provided you end up in strange Exceptions, because the classes
> are instantiated using reflection.
> When looking for this issue I was able to login also and did get an
> exception afterwards.
>
> Greetings, Achim
>
>> Hi,
>>
>> I try to use JAAS authentication within a camel route using
>> SecurityHandler of Jetty
>>
>> <bean id="loginService"
>> class="org.eclipse.jetty.plus.jaas.JAASLoginService">
>> <property name="name" value="karaf" />
>> <property name="loginModuleName" value="karaf" />
>> </bean>
>>
>> <bean id="constraint" class="org.eclipse.jetty.http.security.Constraint">
>> <property name="name" value="BASIC"/>
>> <property name="roles" value="admin"/>
>> <property name="authenticate" value="true"/>
>> </bean>
>>
>> <bean id="constraintMapping"
>> class="org.eclipse.jetty.security.ConstraintMapping">
>> <property name="constraint" ref="constraint"/>
>> <property name="pathSpec" value="/*"/>
>> </bean>
>>
>> <bean id="securityHandler"
>> class="org.eclipse.jetty.security.ConstraintSecurityHandler">
>> <property name="authenticator">
>> <bean
>> class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
>> </property>
>> <property name="constraintMappings">
>> <list>
>> <ref bean="constraintMapping"/>
>> </list>
>> </property>
>> <property name="loginService" ref="loginService" />
>> <property name="strict" value="false" />
>> </bean>
>>
>> <camelContext trace="true" xmlns="http://camel.apache.org/schema/spring">
>> <route>
>> <from
>> uri="jetty:http://localhost:8080/services?handlers=securityHandler"/>
>> <bean ref="responseBean"/>
>> <to
>> uri="log:org.apache.camel.ldap?level=INFO&amp;showAll=true&amp;multiline=true"/>
>> </route>
>> </camelContext>
>>
>> The authentication works fine (I can provide the username + passord in
>> the prompt) except that after I get a NPE exception and camel-jetty
>> endpoint is not able to get any exchange
>> 11:34:17,243 | WARN  | -55 - /services/ |
>> log                              | .eclipse.jetty.util.log.Slf4jLog
>> 40 | 61 - org.eclipse.jetty.util - 7.1.6.v20100715 | /services/:
>> java.lang.NullPointerException
>> 11:34:17,243 | DEBUG | -55 - /services/ |
>> log                              | .eclipse.jetty.util.log.Slf4jLog
>> 80 | 61 - org.eclipse.jetty.util - 7.1.6.v20100715 | EXCEPTION
>> java.lang.NullPointerException
>>      at
>> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:489)[68:org.eclipse.jetty.security:7.1.6.v20100715]
>>      at
>> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:113)[67:org.eclipse.jetty.server:7.1.6.v20100715]
>>      at
>> org.eclipse.jetty.server.Server.handle(Server.java:347)[67:org.eclipse.jetty.server:7.1.6.v20100715]
>>      at
>> org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:594)[67:org.eclipse.jetty.server:7.1.6.v20100715]
>>      at
>> org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1042)[67:org.eclipse.jetty.server:7.1.6.v20100715]
>>      at
>> org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:549)[63:org.eclipse.jetty.http:7.1.6.v20100715]
>>      at
>> org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:211)[63:org.eclipse.jetty.http:7.1.6.v20100715]
>>      at
>> org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:424)[67:org.eclipse.jetty.server:7.1.6.v20100715]
>>      at
>> org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:506)[62:org.eclipse.jetty.io:7.1.6.v20100715]
>>      at
>> org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)[61:org.eclipse.jetty.util:7.1.6.v20100715]
>>      at java.lang.Thread.run(Thread.java:680)[:1.6.0_22]
>>
>> Any idea is welcome ?
>>
>> Regards,
>>
>> Charles

Mime
View raw message