Return-Path: 
 <user-return-314-apmail-karaf-user-archive=karaf.apache.org@karaf.apache.org>
Delivered-To: apmail-karaf-user-archive@minotaur.apache.org
Received: (qmail 48283 invoked from network); 6 Dec 2010 18:06:48 -0000
Received: from unknown (HELO mail.apache.org) (140.211.11.3)
  by 140.211.11.9 with SMTP; 6 Dec 2010 18:06:48 -0000
Received: (qmail 70134 invoked by uid 500); 6 Dec 2010 18:06:48 -0000
Delivered-To: apmail-karaf-user-archive@karaf.apache.org
Received: (qmail 70106 invoked by uid 500); 6 Dec 2010 18:06:48 -0000
Mailing-List: contact user-help@karaf.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:user-help@karaf.apache.org>
List-Unsubscribe: <mailto:user-unsubscribe@karaf.apache.org>
List-Post: <mailto:user@karaf.apache.org>
List-Id: <user.karaf.apache.org>
Reply-To: user@karaf.apache.org
Delivered-To: mailing list user@karaf.apache.org
Received: (qmail 70098 invoked by uid 99); 6 Dec 2010 18:06:48 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Dec 2010 18:06:48 +0000
X-ASF-Spam-Status: No, hits=-0.7 required=10.0
	tests=FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,RFC_ABUSE_POST,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of bcanhome@googlemail.com
 designates 209.85.214.48 as permitted sender)
Received: from [209.85.214.48] (HELO mail-bw0-f48.google.com) (209.85.214.48)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Dec 2010 18:06:40 +0000
Received: by bwz9 with SMTP id 9so11435607bwz.21
        for <user@karaf.apache.org>; Mon, 06 Dec 2010 10:06:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlemail.com; s=gamma;
        h=domainkey-signature:received:received:message-id:date:from
         :user-agent:mime-version:to:subject:references:in-reply-to
         :x-enigmail-version:content-type:content-transfer-encoding;
        bh=A/jr7tLAIcMScgnUW9O8ohPivllRwl8fciDHNqsKxxA=;
        b=POgw4vr1yp5yqt8AqnN0NJ/DH9hbEnAv6Q3Oy/xU2Ho7IqeC7szac/V0VYByT/HlNS
         rwTtnZBGUO4rwZReiPYASv+6zydq8viSWrjZXUxU/SY3FOsptnvmoNQfVtQbGTevBc0y
         UjZ2bNFCr23ebtvpVzxkoz0grHe4nPdw4W2gM=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=googlemail.com; s=gamma;
        h=message-id:date:from:user-agent:mime-version:to:subject:references
         :in-reply-to:x-enigmail-version:content-type
         :content-transfer-encoding;
        b=uGQkzxtOrQgRjWNkKYV6suLj4zwQ2qPXYmcqL5haVGtaoEXTnTP30v82UX1ftxLsSY
         b9v5dM/6ntVdljwzkkWX7tHHsf9YNZEy4ZwqU8tBwKmqDwi/YhqmvUflFhc3a8acOGvk
         W3FPkR3pgIv/YdbOKTmFyxaF9iGksz/N6hR5k=
Received: by 10.204.122.65 with SMTP id k1mr68bkr.80.1291658779150;
        Mon, 06 Dec 2010 10:06:19 -0800 (PST)
Received: from [192.168.1.50] (dslb-088-066-140-092.pools.arcor-ip.net
 [88.66.140.92])
        by mx.google.com with ESMTPS id s16sm1214349bkk.0.2010.12.06.10.06.14
        (version=SSLv3 cipher=RC4-MD5);
        Mon, 06 Dec 2010 10:06:17 -0800 (PST)
Message-ID: <4CFD2614.9000105@googlemail.com>
Date: Mon, 06 Dec 2010 19:06:12 +0100
From: Achim Nierbeck <bcanhome@googlemail.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; de;
 rv:1.9.2.12) Gecko/20101027 Lightning/1.0b2 Thunderbird/3.1.6
MIME-Version: 1.0
To: user@karaf.apache.org
Subject: Re: camel-jetty + authentication JAAS
References: <4CFCBF01.2010803@gmail.com>
In-Reply-To: <4CFCBF01.2010803@gmail.com>
X-Enigmail-Version: 1.1.1
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Virus-Checked: Checked by ClamAV on apache.org

Hi, maybe it has something todo the way the JAAS Login of jetty works.
to get the standard Jetty-Jaas configuration to work you have to make
the following
configuration in the jetty.xml

<Call name="addBean">
      <Arg>
        <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
          <Set name="name">karaf</Set>
          <Set name="loginModuleName">karaf</Set>
          <Set name="roleClassNames">
            <Array type="java.lang.String">
              <Item>org.apache.karaf.jaas.modules.RolePrincipal</Item>
            </Array>
          </Set>
        </New>
      </Arg>
    </Call>
   
The important part is, that you have to configure the roleClass Name, if
this
one isn't provided you end up in strange Exceptions, because the classes
are instantiated using reflection.
When looking for this issue I was able to login also and did get an
exception afterwards.

Greetings, Achim

> Hi,
>
> I try to use JAAS authentication within a camel route using
> SecurityHandler of Jetty
>
> <bean id="loginService"
> class="org.eclipse.jetty.plus.jaas.JAASLoginService">
> <property name="name" value="karaf" />
> <property name="loginModuleName" value="karaf" />
> </bean>
>
> <bean id="constraint" class="org.eclipse.jetty.http.security.Constraint">
> <property name="name" value="BASIC"/>
> <property name="roles" value="admin"/>
> <property name="authenticate" value="true"/>
> </bean>
>
> <bean id="constraintMapping"
> class="org.eclipse.jetty.security.ConstraintMapping">
> <property name="constraint" ref="constraint"/>
> <property name="pathSpec" value="/*"/>
> </bean>
>
> <bean id="securityHandler"
> class="org.eclipse.jetty.security.ConstraintSecurityHandler">
> <property name="authenticator">
> <bean
> class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
> </property>
> <property name="constraintMappings">
> <list>
> <ref bean="constraintMapping"/>
> </list>
> </property>
> <property name="loginService" ref="loginService" />
> <property name="strict" value="false" />
> </bean>
>
> <camelContext trace="true" xmlns="http://camel.apache.org/schema/spring">
> <route>
> <from
> uri="jetty:http://localhost:8080/services?handlers=securityHandler"/>
> <bean ref="responseBean"/>
> <to
> uri="log:org.apache.camel.ldap?level=INFO&amp;showAll=true&amp;multiline=true"/>
> </route>
> </camelContext>
>
> The authentication works fine (I can provide the username + passord in
> the prompt) except that after I get a NPE exception and camel-jetty
> endpoint is not able to get any exchange
> 11:34:17,243 | WARN  | -55 - /services/ |
> log                              | .eclipse.jetty.util.log.Slf4jLog  
> 40 | 61 - org.eclipse.jetty.util - 7.1.6.v20100715 | /services/:
> java.lang.NullPointerException
> 11:34:17,243 | DEBUG | -55 - /services/ |
> log                              | .eclipse.jetty.util.log.Slf4jLog  
> 80 | 61 - org.eclipse.jetty.util - 7.1.6.v20100715 | EXCEPTION
> java.lang.NullPointerException
>     at
> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:489)[68:org.eclipse.jetty.security:7.1.6.v20100715]
>     at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:113)[67:org.eclipse.jetty.server:7.1.6.v20100715]
>     at
> org.eclipse.jetty.server.Server.handle(Server.java:347)[67:org.eclipse.jetty.server:7.1.6.v20100715]
>     at
> org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:594)[67:org.eclipse.jetty.server:7.1.6.v20100715]
>     at
> org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1042)[67:org.eclipse.jetty.server:7.1.6.v20100715]
>     at
> org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:549)[63:org.eclipse.jetty.http:7.1.6.v20100715]
>     at
> org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:211)[63:org.eclipse.jetty.http:7.1.6.v20100715]
>     at
> org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:424)[67:org.eclipse.jetty.server:7.1.6.v20100715]
>     at
> org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:506)[62:org.eclipse.jetty.io:7.1.6.v20100715]
>     at
> org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)[61:org.eclipse.jetty.util:7.1.6.v20100715]
>     at java.lang.Thread.run(Thread.java:680)[:1.6.0_22]
>
> Any idea is welcome ?
>
> Regards,
>
> Charles