From user-return-22462-apmail-karaf-user-archive=karaf.apache.org@karaf.apache.org Mon Jun 29 07:26:35 2020 Return-Path: X-Original-To: apmail-karaf-user-archive@minotaur.apache.org Delivered-To: apmail-karaf-user-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [207.244.88.153]) by minotaur.apache.org (Postfix) with SMTP id 372FB1ADAA for ; Mon, 29 Jun 2020 07:26:35 +0000 (UTC) Received: (qmail 7049 invoked by uid 500); 29 Jun 2020 07:26:34 -0000 Delivered-To: apmail-karaf-user-archive@karaf.apache.org Received: (qmail 7019 invoked by uid 500); 29 Jun 2020 07:26:34 -0000 Mailing-List: contact user-help@karaf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@karaf.apache.org Delivered-To: mailing list user@karaf.apache.org Received: (qmail 7005 invoked by uid 99); 29 Jun 2020 07:26:33 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 29 Jun 2020 07:26:33 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 46D95180F01 for ; Mon, 29 Jun 2020 07:26:33 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -0.399 X-Spam-Level: X-Spam-Status: No, score=-0.399 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, KAM_NUMSUBJECT=0.5, KAM_SHORT=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=disabled Authentication-Results: spamd3-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=mailbox.org header.b=BqeWAzRm; dkim=pass (2048-bit key) header.d=mailbox.org header.b=LA9b1eum Received: from mx1-ec2-va.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id l49Q_q-cCvVi for ; Mon, 29 Jun 2020 07:26:30 +0000 (UTC) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=80.241.56.151; helo=mout-p-101.mailbox.org; envelope-from=catshout@mailbox.org; receiver= Received: from mout-p-101.mailbox.org (mout-p-101.mailbox.org [80.241.56.151]) by mx1-ec2-va.apache.org (ASF Mail Server at mx1-ec2-va.apache.org) with ESMTPS id 727AFBB8FC for ; Mon, 29 Jun 2020 07:26:29 +0000 (UTC) Received: from smtp1.mailbox.org (smtp1.mailbox.org [IPv6:2001:67c:2050:105:465:1:1:0]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by mout-p-101.mailbox.org (Postfix) with ESMTPS id 49wJvK6SMJzKmq3 for ; Mon, 29 Jun 2020 09:26:21 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mailbox.org; h= content-transfer-encoding:content-type:content-type:mime-version :subject:subject:references:in-reply-to:message-id:from:from :date:date:received; s=mail20150812; t=1593415577; bh=HAMpmh+DTt GIfJqiNqhOTXzGxe3+NYVtJ8wtfka3oHE=; b=BqeWAzRmoh6szwD/vbJn/g3pE6 tHU0cDCi6AcPjVCn6H0cZcTra16hZvRv8aYYpr9OXFn7JY3RjJXv21byugNt4Ya9 sy2BAwSkSUMb4HuGcQJLVoQSNWDg0oou1lBZWEPizQkWgovtedmTa2Grz051RtTt PQPUtFfISkoURvityVhQ5FaITQbamuxBR8QyGTZSsLDgZiwSrby1kPdTMoAB3jAY jAs9CJYQwf+hwxAyx0z/B6K5ttI3hy8kX4FwLnI/RwFlvF1ySh1N6E4fSENpXG/0 lDVbsq+ZhhdF5bH2F0DZnUPje9qVUXvc3JVOz8N5W3DHXSuebjNcag3KyFGg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mailbox.org; s=mail20150812; t=1593415579; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=RzL7IHU/2TDp2VEWZELz5VamRLzGIU8iMZxSx7RVDJg=; b=LA9b1eumaB9wfv2uLO24RNVA3CjXNB/SXrLeEjACbGrcEFR3FWJ9TvpsXMBigR4MqrytEc eWHcijD+5tunyADdJNSOk89bu5/o9imqnNt33fvTW768lo19taBeYxNndR5U/3VO+8zakY X9NL8QbjXYZ50CsEuB+48PbdEjMDbLsh9IWpvw92ENW8yPJrfNzNErxMtBQFeEzFpG7v86 xuV+zwYFSslNOacWDSt9cH+yZlFYnsuYswgLsjQD1j8NV0nJ14S9ucwZzevUk5654EdC58 o2IIFRamlnQXGtUx3uq7SSAzYHjN0NWYp85drM5j2p8MAAV/0l95JZb11Lls/Q== X-Virus-Scanned: amavisd-new at heinlein-support.de Received: from smtp1.mailbox.org ([80.241.60.240]) by spamfilter06.heinlein-hosting.de (spamfilter06.heinlein-hosting.de [80.241.56.125]) (amavisd-new, port 10030) with ESMTP id 3twzqa3cSgur for ; Mon, 29 Jun 2020 09:26:17 +0200 (CEST) Date: Mon, 29 Jun 2020 09:26:17 +0200 (CEST) From: Gerald Kallas To: user@karaf.apache.org Message-ID: <1618389028.29783.1593415577316@office.mailbox.org> In-Reply-To: <659A1446-F3C1-4D4D-B222-02C1F881E9C8@nanthrax.net> References: <4611ACAD-271D-4F46-A5AF-B338A23013B7@nanthrax.net> <3EB6E70F-1EFF-4D3F-B62B-73CE9823E942@envieta.com> <9D65F599-CAA8-4D83-BBA9-69336A0C1AB9@envieta.com> <60635369-47CD-4E93-8FF2-A14420C79373@envieta.com> <087F2EEC-6CB7-45CC-9E23-BD01F3F8FB24@nanthrax.net> <186264985.214440.1589317818699@office.mailbox.org> <0729B9CE-6E3F-4FAB-9470-E572B08ED282@envieta.com> <8CC96B1A-872B-4F1B-993A-D0B3C8059A90@envieta.com> <449476069.227879.1589389005478@office.mailbox.org> <2D269A26-7B55-492D-BE92-62CBBA913256@envieta.com> <2117519824.231076.1589410964964@office.mailbox.org> <90615E6D-0CD1-4BE7-B7C5-ADADF8F04F1B@envieta.com> <1360500970.230016.1589473298872@office.mailbox.org> <1616754294.233368.1589491026226@office.mailbox.org> <28C7E26E-4232-41B6-B99F-EE7EBCDAA89C@envieta.com> <1111680235.245859.1589556168385@office.mailbox.org> <37ED3DA8-9CF4-4FE3-82D8-226C82CE2BF0@envieta.com> <2007291336.247240.1589567034146@office.mailbox.org> <1939922904.26318.1593360745776@office.mailbox.org> <1170219945.27606.1593374549779@office.mailbox.org> <1FB9CDAC-F439-4D9A-972B-7201FCB66DDF@nanthrax.net> <3018E9A2-8055-42E4-9D23-2B60F86055AD@nanthrax.net> <1626369331.29038.1593412319660@office.mailbox.org> <659A1446-F3C1-4D4D-B222-02C1F881E9C8@nanthrax.net> Subject: Re: Basic authentication of WAB using Jaas in Karaf - the trick doesn't work any longer w/ Karaf 4.2.9 and Camel 3.4.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Priority: 3 Importance: Normal X-MBO-SPAM-Probability: 0 X-Rspamd-Score: -11.08 / 15.00 / 15.00 X-Rspamd-Queue-Id: 8DB861825 X-Rspamd-UID: 48e54a See for detailed description and code sample the ticket https://issues.apache.org/jira/browse/KARAF-6772 Best - Gerald > Jean-Baptiste Onofre hat am 29.06.2020 08:34 geschriebe= n: >=20 > =20 > Thanks, I will take a look. >=20 > Regards > JB >=20 > > Le 29 juin 2020 =C3=A0 08:31, Gerald Kallas a = =C3=A9crit : > >=20 > > I'm going to create the tickets for the issues. We may extend these so = far with additional information. > >=20 > > Best > > - Gerald > >=20 > >> Jean-Baptiste Onofre hat am 29.06.2020 07:40 geschri= eben: > >>=20 > >>=20 > >> I thought Gerald already explained it on the mailing list. My intentio= n is more to create the Jira with the details. > >>=20 > >> Regards > >> JB > >>=20 > >>> Le 29 juin 2020 =C3=A0 07:33, Andrea Cosentino a = =C3=A9crit : > >>>=20 > >>> I think it's good to have the details shared in public. > >>>=20 > >>> Il lun 29 giu 2020, 07:30 Jean-Baptiste Onofre > ha scritto: > >>> Hi, > >>>=20 > >>> Yes Karaf 4.2.9 upgraded to Pax Web 7.2.15 and Jetty 9.4.28.v20200408= . > >>>=20 > >>> Can you please send a private message about issues you have with Kara= f 4.2.9 and Camel 3.4.0 (as I=E2=80=99m working on camel karaf for 3.5.0) ? > >>>=20 > >>> Thanks, > >>> Regards > >>> JB > >>>=20 > >>>> Le 28 juin 2020 =C3=A0 22:02, Gerald Kallas > a =C3=A9crit : > >>>>=20 > >>>> I tested the combination Karaf 4.2.8 and Camel 3.3.0, with this the = workaround works as expected. Seems that Jetty has been updated in Karaf 4.= 2.9? > >>>>=20 > >>>> (The combination Karaf 4.2.8 and Camel 3.4.0 doesn't work due to oth= er issues.) > >>>>=20 > >>>>> Gerald Kallas > = hat am 28.06.2020 18:12 geschrieben: > >>>>>=20 > >>>>>=20 > >>>>> Hi all, > >>>>>=20 > >>>>> I was updating the runtime to Karaf 4.2.9 and Camel 3.4.0. > >>>>>=20 > >>>>> after removing one of the org.eclipse.jetty.jaas.JAASLoginService e= ntries in my etc/jetty.xml I'm getting an error as attached below. > >>>>>=20 > >>>>> Neither hawtio nor my servlet are working any longer. Seems that no= w both entries of org.eclipse.jetty.jaas.JAASLoginService are mandatory. > >>>>>=20 > >>>>> With both entries, as you found Grzegorz, the authentication doesn'= t work. > >>>>>=20 > >>>>> Should I create a JIRA ticket and if yes, within Karaf? Or maybe yo= u have another workaround for that behaviour? > >>>>>=20 > >>>>> Best > >>>>> - Gerald > >>>>>=20 > >>>>>=20 > >>>>> 2020-06-28T16:06:47,673 | ERROR | FelixStartLevel | HttpServiceSta= rted | 266 - org.ops4j.pax.web.pax-web-runtime - 7.2.16 | Cou= ld not start the servlet context for context path [] > >>>>> java.lang.SecurityException: AuthConfigFactory error: java.lang.Cla= ssNotFoundException: org.apache.geronimo.components.jaspi.AuthConfigFactory= Impl not found by org.apache.geronimo.specs.geronimo-jaspic_1.0_spec [169] > >>>>> at javax.security.auth.message.config.AuthConfigFactory.getFa= ctory(AuthConfigFactory.java:77) ~[?:?] > >>>>> at org.eclipse.jetty.security.jaspi.JaspiAuthenticatorFactory= .getAuthenticator(JaspiAuthenticatorFactory.java:90) ~[?:?] > >>>>> at org.eclipse.jetty.security.SecurityHandler.doStart(Securit= yHandler.java:394) ~[?:?] > >>>>> at org.eclipse.jetty.security.ConstraintSecurityHandler.doSta= rt(ConstraintSecurityHandler.java:419) ~[?:?] > >>>>> at org.eclipse.jetty.util.component.AbstractLifeCycle.start(A= bstractLifeCycle.java:72) ~[?:?] > >>>>> at org.eclipse.jetty.util.component.ContainerLifeCycle.start(= ContainerLifeCycle.java:169) ~[?:?] > >>>>> at org.eclipse.jetty.util.component.ContainerLifeCycle.doStar= t(ContainerLifeCycle.java:110) ~[?:?] > >>>>> at org.eclipse.jetty.server.handler.AbstractHandler.doStart(A= bstractHandler.java:97) ~[?:?] > >>>>> at org.eclipse.jetty.server.handler.ScopedHandler.doStart(Sco= pedHandler.java:120) ~[?:?] > >>>>> at org.eclipse.jetty.server.session.SessionHandler.doStart(Se= ssionHandler.java:504) ~[?:?] > >>>>> at org.eclipse.jetty.util.component.AbstractLifeCycle.start(A= bstractLifeCycle.java:72) ~[?:?] > >>>>> at org.eclipse.jetty.util.component.ContainerLifeCycle.start(= ContainerLifeCycle.java:169) ~[?:?] > >>>>> at org.eclipse.jetty.util.component.ContainerLifeCycle.doStar= t(ContainerLifeCycle.java:110) ~[?:?] > >>>>> at org.eclipse.jetty.server.handler.AbstractHandler.doStart(A= bstractHandler.java:97) ~[?:?] > >>>>> at org.eclipse.jetty.server.handler.ScopedHandler.doStart(Sco= pedHandler.java:120) ~[?:?] > >>>>> at org.eclipse.jetty.server.handler.ContextHandler.startConte= xt(ContextHandler.java:898) ~[?:?] > >>>>> at org.eclipse.jetty.servlet.ServletContextHandler.startConte= xt(ServletContextHandler.java:356) ~[?:?] > >>>>> at org.ops4j.pax.web.service.jetty.internal.HttpServiceContex= t.startContext(HttpServiceContext.java:396) ~[?:?] > >>>>> at org.eclipse.jetty.server.handler.ContextHandler.doStart(Co= ntextHandler.java:838) ~[?:?] > >>>>> at org.eclipse.jetty.servlet.ServletContextHandler.doStart(Se= rvletContextHandler.java:275) ~[?:?] > >>>>> at org.ops4j.pax.web.service.jetty.internal.HttpServiceContex= t.doStart(HttpServiceContext.java:272) ~[?:?] > >>>>> at org.eclipse.jetty.util.component.AbstractLifeCycle.start(A= bstractLifeCycle.java:72) ~[?:?] > >>>>> at org.ops4j.pax.web.service.jetty.internal.JettyServerImpl$1= .start(JettyServerImpl.java:329) ~[?:?] > >>>>> at org.ops4j.pax.web.service.internal.HttpServiceStarted.regi= sterServlet(HttpServiceStarted.java:255) [!/:?] > >>>>> at org.ops4j.pax.web.service.internal.HttpServiceStarted.regi= sterServlet(HttpServiceStarted.java:226) [!/:?] > >>>>> at org.ops4j.pax.web.service.internal.HttpServiceStarted.regi= sterServlet(HttpServiceStarted.java:210) [!/:?] > >>>>> at org.ops4j.pax.web.service.internal.HttpServiceProxy.regist= erServlet(HttpServiceProxy.java:69) [!/:?] > >>>>> at Proxy92a1a95e_1f66_41cb_8fcd_ed63d983d611.registerServlet(= Unknown Source) [?:?] > >>>>> at org.apache.camel.component.osgi.OsgiServletRegisterer.regi= ster(OsgiServletRegisterer.java:98) [!/:3.4.0] > >>>>> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Nati= ve Method) ~[?:?] > >>>>> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Nativ= eMethodAccessorImpl.java:62) ~[?:?] > >>>>> at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(D= elegatingMethodAccessorImpl.java:43) ~[?:?] > >>>>> at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?] > >>>>> at org.apache.aries.blueprint.utils.ReflectionUtils.invoke(Re= flectionUtils.java:337) [!/:1.10.2] > >>>>> at org.apache.aries.blueprint.container.BeanRecipe.invoke(Bea= nRecipe.java:835) [!/:1.10.2] > >>>>> at org.apache.aries.blueprint.container.BeanRecipe.runBeanPro= cInit(BeanRecipe.java:591) [!/:1.10.2] > >>>>> at org.apache.aries.blueprint.container.BeanRecipe.internalCr= eate2(BeanRecipe.java:703) [!/:1.10.2] > >>>>> at org.apache.aries.blueprint.container.BeanRecipe.internalCr= eate(BeanRecipe.java:666) [!/:1.10.2] > >>>>> at org.apache.aries.blueprint.di.AbstractRecipe$1.call(Abstra= ctRecipe.java:81) [!/:1.10.2] > >>>>> at java.util.concurrent.FutureTask.run(FutureTask.java:264) [= ?:?] > >>>>> at org.apache.aries.blueprint.di.AbstractRecipe.create(Abstra= ctRecipe.java:90) [!/:1.10.2] > >>>>> at org.apache.aries.blueprint.container.BlueprintRepository.c= reateInstances(BlueprintRepository.java:360) [!/:1.10.2] > >>>>> at org.apache.aries.blueprint.container.BlueprintRepository.c= reateAll(BlueprintRepository.java:190) [!/:1.10.2] > >>>>> at org.apache.aries.blueprint.container.BlueprintContainerImp= l.instantiateEagerComponents(BlueprintContainerImpl.java:737) [!/:1.10.2] > >>>>> at org.apache.aries.blueprint.container.BlueprintContainerImp= l.doRun(BlueprintContainerImpl.java:433) [!/:1.10.2] > >>>>> at org.apache.aries.blueprint.container.BlueprintContainerImp= l.run(BlueprintContainerImpl.java:298) [!/:1.10.2] > >>>>> at org.apache.aries.blueprint.container.BlueprintExtender.cre= ateContainer(BlueprintExtender.java:311) [!/:1.10.2] > >>>>> at org.apache.aries.blueprint.container.BlueprintExtender.cre= ateContainer(BlueprintExtender.java:280) [!/:1.10.2] > >>>>> at org.apache.aries.blueprint.container.BlueprintExtender.cre= ateContainer(BlueprintExtender.java:276) [!/:1.10.2] > >>>>> at org.apache.aries.blueprint.container.BlueprintExtender.mod= ifiedBundle(BlueprintExtender.java:266) [!/:1.10.2] > >>>>> at org.apache.aries.util.tracker.hook.BundleHookBundleTracker= $Tracked.customizerModified(BundleHookBundleTracker.java:500) [!/:1.10.2] > >>>>> at org.apache.aries.util.tracker.hook.BundleHookBundleTracker= $Tracked.customizerModified(BundleHookBundleTracker.java:433) [!/:1.10.2] > >>>>> at org.apache.aries.util.tracker.hook.BundleHookBundleTracker= $AbstractTracked.track(BundleHookBundleTracker.java:725) [!/:1.10.2] > >>>>> at org.apache.aries.util.tracker.hook.BundleHookBundleTracker= $Tracked.bundleChanged(BundleHookBundleTracker.java:463) [!/:1.10.2] > >>>>> at org.apache.aries.util.tracker.hook.BundleHookBundleTracker= $BundleEventHook.event(BundleHookBundleTracker.java:422) [!/:1.10.2] > >>>>> at org.apache.felix.framework.util.SecureAction.invokeBundleE= ventHook(SecureAction.java:1179) [org.apache.felix.framework-5.6.12.jar:?] > >>>>> at org.apache.felix.framework.EventDispatcher.createWhitelist= FromHooks(EventDispatcher.java:730) [org.apache.felix.framework-5.6.12.jar:= ?] > >>>>> at org.apache.felix.framework.EventDispatcher.fireBundleEvent= (EventDispatcher.java:485) [org.apache.felix.framework-5.6.12.jar:?] > >>>>> at org.apache.felix.framework.Felix.fireBundleEvent(Felix.jav= a:4579) [org.apache.felix.framework-5.6.12.jar:?] > >>>>> at org.apache.felix.framework.Felix.startBundle(Felix.java:21= 74) [org.apache.felix.framework-5.6.12.jar:?] > >>>>> at org.apache.felix.framework.Felix.setActiveStartLevel(Felix= .java:1373) [org.apache.felix.framework-5.6.12.jar:?] > >>>>> at org.apache.felix.framework.FrameworkStartLevelImpl.run(Fra= meworkStartLevelImpl.java:308) [org.apache.felix.framework-5.6.12.jar:?] > >>>>> at java.lang.Thread.run(Thread.java:834) [?:?] > >>>>> Caused by: java.lang.ClassNotFoundException: org.apache.geronimo.co= mponents.jaspi.AuthConfigFactoryImpl not found by org.apache.geronimo.specs= .geronimo-jaspic_1.0_spec [169] > >>>>> at org.apache.felix.framework.BundleWiringImpl.findClassOrRes= ourceByDelegation(BundleWiringImpl.java:1639) ~[?:?] > >>>>> at org.apache.felix.framework.BundleWiringImpl.access$200(Bun= dleWiringImpl.java:80) ~[?:?] > >>>>> at org.apache.felix.framework.BundleWiringImpl$BundleClassLoa= der.loadClass(BundleWiringImpl.java:2053) ~[?:?] > >>>>> at java.lang.ClassLoader.loadClass(ClassLoader.java:521) ~[?:= ?] > >>>>> at java.lang.Class.forName0(Native Method) ~[?:?] > >>>>> at java.lang.Class.forName(Class.java:398) ~[?:?] > >>>>> at org.apache.geronimo.osgi.locator.ProviderLocator.loadClass= (ProviderLocator.java:195) ~[?:?] > >>>>> at javax.security.auth.message.config.AuthConfigFactory$3.run= (AuthConfigFactory.java:68) ~[?:?] > >>>>> at java.security.AccessController.doPrivileged(Native Method)= ~[?:?] > >>>>> at javax.security.auth.message.config.AuthConfigFactory.getFa= ctory(AuthConfigFactory.java:64) ~[?:?] > >>>>> ... 62 more > >>>>>=20 > >>>>>> Grzegorz Grzybek > hat am 18.05.2020 15:24 geschrieben: > >>>>>>=20 > >>>>>>=20 > >>>>>> Hello > >>>>>>=20 > >>>>>> I have some answer. First, the "http context processing" feature w= as mainly > >>>>>> tested to "inject" Keycloak authenticator and I mostly tested it w= ith > >>>>>> pax-web-undertow. > >>>>>>=20 > >>>>>> But I checked how it works with pax-web-jetty in the debugger. > >>>>>>=20 > >>>>>> The key problem is that when Jetty's SecurityHandler is starting, = it tries > >>>>>> to find/discover org.eclipse.jetty.security.LoginService instance. > >>>>>> With default etc/jetty.xml, there are TWO beans with > >>>>>> org.eclipse.jetty.jaas.JAASLoginService class and > >>>>>> org.eclipse.jetty.security.SecurityHandler#findLoginService() meth= od does > >>>>>> this: > >>>>>>=20 > >>>>>> else if (list.size() =3D=3D 1) > >>>>>> service =3D list.iterator().next(); > >>>>>>=20 > >>>>>> So I simply made it working by ensuring there's only one > >>>>>> org.eclipse.jetty.jaas.JAASLoginService: > >>>>>>=20 > >>>>>> list =3D {java.util.ArrayList@9544} size =3D 1 > >>>>>> 0 =3D {org.eclipse.jetty.jaas.JAASLoginService@9547} > >>>>>> "JAASLoginService@7ba67d0b{STARTED}" > >>>>>> LOG: org.eclipse.jetty.util.log.Logger =3D > >>>>>> {org.eclipse.jetty.util.log.Slf4jLog@9549} > >>>>>> "org.ops4j.pax.logging.slf4j.Slf4jLogger@43ea82d7" > >>>>>> DEFAULT_ROLE_CLASS_NAME: java.lang.String =3D > >>>>>> "org.eclipse.jetty.jaas.JAASRole" > >>>>>> DEFAULT_ROLE_CLASS_NAMES: java.lang.String[] =3D > >>>>>> {java.lang.String[1]@9551} > >>>>>> _roleClassNames: java.lang.String[] =3D {java.lang.String[2]@9552= } > >>>>>> _callbackHandlerClass: java.lang.String =3D null > >>>>>> _realmName: java.lang.String =3D "karaf" > >>>>>> _loginModuleName: java.lang.String =3D "karaf" > >>>>>>=20 > >>>>>> Now, with your Camel route, I got: > >>>>>>=20 > >>>>>> $ curl -v http://localhost:8181/camel/api/say/hello > >>>>>> * Trying ::1:8181... > >>>>>> * Connected to localhost (::1) port 8181 (#0) > >>>>>>> GET /camel/api/say/hello HTTP/1.1 > >>>>>>> Host: localhost:8181 > >>>>>>> User-Agent: curl/7.69.1 > >>>>>>> Accept: */* > >>>>>>>=20 > >>>>>> * Mark bundle as not supporting multiuse > >>>>>> < HTTP/1.1 404 Not Found > >>>>>> < Cache-Control: must-revalidate,no-cache,no-store > >>>>>> < Content-Type: text/html;charset=3Diso-8859-1 > >>>>>> < Content-Length: 456 > >>>>>> < Server: Jetty(9.4.22.v20191022) > >>>>>> < > >>>>>>=20 > >>>>>> $ curl -v -u karaf:karaf http://localhost:8181/camel/api/say/hello= > >>>>>> * Trying ::1:8181... > >>>>>> * Connected to localhost (::1) port 8181 (#0) > >>>>>> * Server auth using Basic with user 'karaf' > >>>>>>> GET /camel/api/say/hello HTTP/1.1 > >>>>>>> Host: localhost:8181 > >>>>>>> Authorization: Basic a2FyYWY6a2FyYWY=3D > >>>>>>> User-Agent: curl/7.69.1 > >>>>>>> Accept: */* > >>>>>>>=20 > >>>>>> * Mark bundle as not supporting multiuse > >>>>>> < HTTP/1.1 200 OK > >>>>>> < Content-Type: application/json > >>>>>> < Accept: */* > >>>>>> < Authorization: Basic a2FyYWY6a2FyYWY=3D > >>>>>> < breadcrumbId: ID-everfree-forest-1589807499756-0-1 > >>>>>> < User-Agent: curl/7.69.1 > >>>>>> < Transfer-Encoding: chunked > >>>>>> < Server: Jetty(9.4.22.v20191022) > >>>>>> < > >>>>>> * Connection #0 to host localhost left intact > >>>>>> "Hello World" > >>>>>>=20 > >>>>>> In theory it should be possible to grab (in etc/jetty.xml, using > >>>>>> element) instance of SecurityHandler and simply set th= ere the > >>>>>> "realmName" property to "Karaf", so even with two different beans = with > >>>>>> org.eclipse.jetty.jaas.JAASLoginService class, Jetty would pick up= the > >>>>>> right one. But in Pax Web security handler is part of every > >>>>>> org.ops4j.pax.web.service.jetty.internal.HttpServiceContext create= d and > >>>>>> only in Pax Web 8 I'd be able to fix this in more clean way. > >>>>>>=20 > >>>>>> So, please use only one org.eclipse.jetty.jaas.JAASLoginService in= your > >>>>>> etc/jetty.xml > >>>>>>=20 > >>>>>> regards > >>>>>> Grzegorz Grzybek > >>>>>>=20 > >>>>>> pon., 18 maj 2020 o 10:25 Achim Nierbeck .invalid> > >>>>>> napisa=C5=82(a): > >>>>>>=20 > >>>>>>> Hi, > >>>>>>>=20 > >>>>>>> I already also answered Gerald in another mail. > >>>>>>> I'm not quite sure but what might be an issue, is that the defaul= t > >>>>>>> http-context used in his application isn't bound to the underlyin= g security > >>>>>>> realm. > >>>>>>> Therefore it's quite a possibility that there needs to be a confi= guration > >>>>>>> done in his own application, using his own http-Context. > >>>>>>>=20 > >>>>>>> Can be found here: > >>>>>>>=20 > >>>>>>> https://github.com/ops4j/org.ops4j.pax.web/blob/master/samples/au= thentication/src/main/java/org/ops4j/pax/web/samples/authentication/interna= l/Activator.java > >>>>>>>=20 > >>>>>>> https://github.com/ops4j/org.ops4j.pax.web/blob/master/samples/au= thentication/src/main/java/org/ops4j/pax/web/samples/authentication/AuthHtt= pContext.java > >>>>>>> and here: > >>>>>>>=20 > >>>>>>> https://github.com/jgoodyear/ApacheKarafCookbook/blob/master/chap= ter4/chapter4-recipe4/chapter4-recipe4-whiteboard/src/main/java/com/packt/i= nternal/Activator.java > >>>>>>>=20 > >>>>>>> regards, Achim > >>>>>>>=20 > >>>>>>>=20 > >>>>>>> Am Fr., 15. Mai 2020 um 21:06 Uhr schrieb Alex Soto > >>>>>>>> : > >>>>>>>=20 > >>>>>>>> I=E2=80=99m sorry, I don=E2=80=99t know why it's not working; it= looks correct to me. > >>>>>>>> Maybe somebody from the Pax-Web team can help you. > >>>>>>>> The only suspicious thing is the warning: > >>>>>>>>=20 > >>>>>>>> 2020-05-15T18:20:50,256 | WARN | qtp1611313605-201 | SecurityHa= ndler > >>>>>>>> | 229 - org.eclipse.jetty.util - 9.4.22.v20191022 | No > >>>>>>>> authenticator for: {RoleInfo,C[admin],None} > >>>>>>>>=20 > >>>>>>>>=20 > >>>>>>>> Which suggest something is misconfigured. > >>>>>>>>=20 > >>>>>>>> Best regards, > >>>>>>>> Alex soto > >>>>>>>>=20 > >>>>>>>>=20 > >>>>>>>>=20 > >>>>>>>>=20 > >>>>>>>>> On May 15, 2020, at 2:23 PM, Gerald Kallas > > >>>>>>> wrote: > >>>>>>>>>=20 > >>>>>>>>> 2020-05-15T18:20:50,256 | WARN | qtp1611313605-201 | SecurityH= andler > >>>>>>>> | 229 - org.eclipse.jetty.util - 9.4.22.v20191022 | = No > >>>>>>>> authenticator for: {RoleInfo,C[admin],None} > >>>>>>>>=20 > >>>>>>>>=20 > >>>>>>>=20 > >>>>>>> -- > >>>>>>>=20 > >>>>>>> Apache Member > >>>>>>> Apache Karaf = > Committer & PMC > >>>>>>> OPS4J Pax Web > Committer & > >>>>>>> Project Lead > >>>>>>> blog > > >>>>>>> Co-Author of Apache Karaf Cookbook > > >>>>>>>=20 > >>>