From user-return-22461-apmail-karaf-user-archive=karaf.apache.org@karaf.apache.org Mon Jun 29 06:34:19 2020 Return-Path: X-Original-To: apmail-karaf-user-archive@minotaur.apache.org Delivered-To: apmail-karaf-user-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [207.244.88.153]) by minotaur.apache.org (Postfix) with SMTP id B230C1ABFA for ; Mon, 29 Jun 2020 06:34:18 +0000 (UTC) Received: (qmail 32599 invoked by uid 500); 29 Jun 2020 06:34:17 -0000 Delivered-To: apmail-karaf-user-archive@karaf.apache.org Received: (qmail 32568 invoked by uid 500); 29 Jun 2020 06:34:17 -0000 Mailing-List: contact user-help@karaf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@karaf.apache.org Delivered-To: mailing list user@karaf.apache.org Received: (qmail 32558 invoked by uid 99); 29 Jun 2020 06:34:17 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 29 Jun 2020 06:34:17 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id EBCC31A005E for ; Mon, 29 Jun 2020 06:34:16 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 0.812 X-Spam-Level: X-Spam-Status: No, score=0.812 tagged_above=-999 required=6.31 tests=[KAM_DMARC_STATUS=0.01, KAM_LAZY_DOMAIN_SECURITY=1, KAM_NUMSUBJECT=0.5, KAM_SHORT=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=disabled Received: from mx1-ec2-va.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id 8_Rer6LqT4zM for ; Mon, 29 Jun 2020 06:34:13 +0000 (UTC) Received-SPF: None (mailfrom) identity=mailfrom; client-ip=217.70.183.199; helo=relay9-d.mail.gandi.net; envelope-from=jb@nanthrax.net; receiver= Received: from relay9-d.mail.gandi.net (relay9-d.mail.gandi.net [217.70.183.199]) by mx1-ec2-va.apache.org (ASF Mail Server at mx1-ec2-va.apache.org) with ESMTPS id C8BB8BB8FC for ; Mon, 29 Jun 2020 06:34:12 +0000 (UTC) X-Originating-IP: 78.218.26.15 Received: from [192.168.1.100] (hvc29-1-78-218-26-15.fbx.proxad.net [78.218.26.15]) (Authenticated sender: jb@nanthrax.net) by relay9-d.mail.gandi.net (Postfix) with ESMTPSA id 54AC6FF805; Mon, 29 Jun 2020 06:34:02 +0000 (UTC) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.80.23.2.2\)) Subject: Re: Basic authentication of WAB using Jaas in Karaf - the trick doesn't work any longer w/ Karaf 4.2.9 and Camel 3.4.0 From: Jean-Baptiste Onofre X-Priority: 3 In-Reply-To: <1626369331.29038.1593412319660@office.mailbox.org> Date: Mon, 29 Jun 2020 08:34:01 +0200 Cc: users@camel.apache.org, Grzegorz Grzybek Content-Transfer-Encoding: quoted-printable Message-Id: <659A1446-F3C1-4D4D-B222-02C1F881E9C8@nanthrax.net> References: <4611ACAD-271D-4F46-A5AF-B338A23013B7@nanthrax.net> <3EB6E70F-1EFF-4D3F-B62B-73CE9823E942@envieta.com> <9D65F599-CAA8-4D83-BBA9-69336A0C1AB9@envieta.com> <60635369-47CD-4E93-8FF2-A14420C79373@envieta.com> <087F2EEC-6CB7-45CC-9E23-BD01F3F8FB24@nanthrax.net> <186264985.214440.1589317818699@office.mailbox.org> <0729B9CE-6E3F-4FAB-9470-E572B08ED282@envieta.com> <8CC96B1A-872B-4F1B-993A-D0B3C8059A90@envieta.com> <449476069.227879.1589389005478@office.mailbox.org> <2D269A26-7B55-492D-BE92-62CBBA913256@envieta.com> <2117519824.231076.1589410964964@office.mailbox.org> <90615E6D-0CD1-4BE7-B7C5-ADADF8F04F1B@envieta.com> <1360500970.230016.1589473298872@office.mailbox.org> <1616754294.233368.1589491026226@office.mailbox.org> <28C7E26E-4232-41B6-B99F-EE7EBCDAA89C@envieta.com> <1111680235.245859.1589556168385@office.mailbox.org> <37ED3DA8-9CF4-4FE3-82D8-226C82CE2BF0@envieta.com> <2007291336.247240.1589567034146@office.mailbox.org> <1939922904.26318.1593360745776@office.mailbox.org> <1170219945.27606.1593374549779@office.mailbox.org> <1FB9CDAC-F439-4D9A-972B-7201FCB66DDF@nanthrax.net> <3018E9A2-8055-42E4-9D23-2B60F86055AD@nanthrax.net> <1626369331.29038.1593412319660@office.mailbox.org> To: user@karaf.apache.org X-Mailer: Apple Mail (2.3608.80.23.2.2) Thanks, I will take a look. Regards JB > Le 29 juin 2020 =C3=A0 08:31, Gerald Kallas a = =C3=A9crit : >=20 > I'm going to create the tickets for the issues. We may extend these so = far with additional information. >=20 > Best > - Gerald >=20 >> Jean-Baptiste Onofre hat am 29.06.2020 07:40 = geschrieben: >>=20 >>=20 >> I thought Gerald already explained it on the mailing list. My = intention is more to create the Jira with the details. >>=20 >> Regards >> JB >>=20 >>> Le 29 juin 2020 =C3=A0 07:33, Andrea Cosentino a = =C3=A9crit : >>>=20 >>> I think it's good to have the details shared in public. >>>=20 >>> Il lun 29 giu 2020, 07:30 Jean-Baptiste Onofre > ha scritto: >>> Hi, >>>=20 >>> Yes Karaf 4.2.9 upgraded to Pax Web 7.2.15 and Jetty = 9.4.28.v20200408. >>>=20 >>> Can you please send a private message about issues you have with = Karaf 4.2.9 and Camel 3.4.0 (as I=E2=80=99m working on camel karaf for = 3.5.0) ? >>>=20 >>> Thanks, >>> Regards >>> JB >>>=20 >>>> Le 28 juin 2020 =C3=A0 22:02, Gerald Kallas > a =C3=A9crit : >>>>=20 >>>> I tested the combination Karaf 4.2.8 and Camel 3.3.0, with this the = workaround works as expected. Seems that Jetty has been updated in Karaf = 4.2.9? >>>>=20 >>>> (The combination Karaf 4.2.8 and Camel 3.4.0 doesn't work due to = other issues.) >>>>=20 >>>>> Gerald Kallas > = hat am 28.06.2020 18:12 geschrieben: >>>>>=20 >>>>>=20 >>>>> Hi all, >>>>>=20 >>>>> I was updating the runtime to Karaf 4.2.9 and Camel 3.4.0. >>>>>=20 >>>>> after removing one of the org.eclipse.jetty.jaas.JAASLoginService = entries in my etc/jetty.xml I'm getting an error as attached below. >>>>>=20 >>>>> Neither hawtio nor my servlet are working any longer. Seems that = now both entries of org.eclipse.jetty.jaas.JAASLoginService are = mandatory. >>>>>=20 >>>>> With both entries, as you found Grzegorz, the authentication = doesn't work. >>>>>=20 >>>>> Should I create a JIRA ticket and if yes, within Karaf? Or maybe = you have another workaround for that behaviour? >>>>>=20 >>>>> Best >>>>> - Gerald >>>>>=20 >>>>>=20 >>>>> 2020-06-28T16:06:47,673 | ERROR | FelixStartLevel | = HttpServiceStarted | 266 - = org.ops4j.pax.web.pax-web-runtime - 7.2.16 | Could not start the servlet = context for context path [] >>>>> java.lang.SecurityException: AuthConfigFactory error: = java.lang.ClassNotFoundException: = org.apache.geronimo.components.jaspi.AuthConfigFactoryImpl not found by = org.apache.geronimo.specs.geronimo-jaspic_1.0_spec [169] >>>>> at = javax.security.auth.message.config.AuthConfigFactory.getFactory(AuthConfig= Factory.java:77) ~[?:?] >>>>> at = org.eclipse.jetty.security.jaspi.JaspiAuthenticatorFactory.getAuthenticato= r(JaspiAuthenticatorFactory.java:90) ~[?:?] >>>>> at = org.eclipse.jetty.security.SecurityHandler.doStart(SecurityHandler.java:39= 4) ~[?:?] >>>>> at = org.eclipse.jetty.security.ConstraintSecurityHandler.doStart(ConstraintSec= urityHandler.java:419) ~[?:?] >>>>> at = org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle= .java:72) ~[?:?] >>>>> at = org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCyc= le.java:169) ~[?:?] >>>>> at = org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeC= ycle.java:110) ~[?:?] >>>>> at = org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.j= ava:97) ~[?:?] >>>>> at = org.eclipse.jetty.server.handler.ScopedHandler.doStart(ScopedHandler.java:= 120) ~[?:?] >>>>> at = org.eclipse.jetty.server.session.SessionHandler.doStart(SessionHandler.jav= a:504) ~[?:?] >>>>> at = org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle= .java:72) ~[?:?] >>>>> at = org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCyc= le.java:169) ~[?:?] >>>>> at = org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeC= ycle.java:110) ~[?:?] >>>>> at = org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.j= ava:97) ~[?:?] >>>>> at = org.eclipse.jetty.server.handler.ScopedHandler.doStart(ScopedHandler.java:= 120) ~[?:?] >>>>> at = org.eclipse.jetty.server.handler.ContextHandler.startContext(ContextHandle= r.java:898) ~[?:?] >>>>> at = org.eclipse.jetty.servlet.ServletContextHandler.startContext(ServletContex= tHandler.java:356) ~[?:?] >>>>> at = org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.startContext(H= ttpServiceContext.java:396) ~[?:?] >>>>> at = org.eclipse.jetty.server.handler.ContextHandler.doStart(ContextHandler.jav= a:838) ~[?:?] >>>>> at = org.eclipse.jetty.servlet.ServletContextHandler.doStart(ServletContextHand= ler.java:275) ~[?:?] >>>>> at = org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doStart(HttpSe= rviceContext.java:272) ~[?:?] >>>>> at = org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle= .java:72) ~[?:?] >>>>> at = org.ops4j.pax.web.service.jetty.internal.JettyServerImpl$1.start(JettyServ= erImpl.java:329) ~[?:?] >>>>> at = org.ops4j.pax.web.service.internal.HttpServiceStarted.registerServlet(Http= ServiceStarted.java:255) [!/:?] >>>>> at = org.ops4j.pax.web.service.internal.HttpServiceStarted.registerServlet(Http= ServiceStarted.java:226) [!/:?] >>>>> at = org.ops4j.pax.web.service.internal.HttpServiceStarted.registerServlet(Http= ServiceStarted.java:210) [!/:?] >>>>> at = org.ops4j.pax.web.service.internal.HttpServiceProxy.registerServlet(HttpSe= rviceProxy.java:69) [!/:?] >>>>> at = Proxy92a1a95e_1f66_41cb_8fcd_ed63d983d611.registerServlet(Unknown = Source) [?:?] >>>>> at = org.apache.camel.component.osgi.OsgiServletRegisterer.register(OsgiServlet= Registerer.java:98) [!/:3.4.0] >>>>> at = jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) = ~[?:?] >>>>> at = jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorI= mpl.java:62) ~[?:?] >>>>> at = jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodA= ccessorImpl.java:43) ~[?:?] >>>>> at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?] >>>>> at = org.apache.aries.blueprint.utils.ReflectionUtils.invoke(ReflectionUtils.ja= va:337) [!/:1.10.2] >>>>> at = org.apache.aries.blueprint.container.BeanRecipe.invoke(BeanRecipe.java:835= ) [!/:1.10.2] >>>>> at = org.apache.aries.blueprint.container.BeanRecipe.runBeanProcInit(BeanRecipe= .java:591) [!/:1.10.2] >>>>> at = org.apache.aries.blueprint.container.BeanRecipe.internalCreate2(BeanRecipe= .java:703) [!/:1.10.2] >>>>> at = org.apache.aries.blueprint.container.BeanRecipe.internalCreate(BeanRecipe.= java:666) [!/:1.10.2] >>>>> at = org.apache.aries.blueprint.di.AbstractRecipe$1.call(AbstractRecipe.java:81= ) [!/:1.10.2] >>>>> at java.util.concurrent.FutureTask.run(FutureTask.java:264) = [?:?] >>>>> at = org.apache.aries.blueprint.di.AbstractRecipe.create(AbstractRecipe.java:90= ) [!/:1.10.2] >>>>> at = org.apache.aries.blueprint.container.BlueprintRepository.createInstances(B= lueprintRepository.java:360) [!/:1.10.2] >>>>> at = org.apache.aries.blueprint.container.BlueprintRepository.createAll(Bluepri= ntRepository.java:190) [!/:1.10.2] >>>>> at = org.apache.aries.blueprint.container.BlueprintContainerImpl.instantiateEag= erComponents(BlueprintContainerImpl.java:737) [!/:1.10.2] >>>>> at = org.apache.aries.blueprint.container.BlueprintContainerImpl.doRun(Blueprin= tContainerImpl.java:433) [!/:1.10.2] >>>>> at = org.apache.aries.blueprint.container.BlueprintContainerImpl.run(BlueprintC= ontainerImpl.java:298) [!/:1.10.2] >>>>> at = org.apache.aries.blueprint.container.BlueprintExtender.createContainer(Blu= eprintExtender.java:311) [!/:1.10.2] >>>>> at = org.apache.aries.blueprint.container.BlueprintExtender.createContainer(Blu= eprintExtender.java:280) [!/:1.10.2] >>>>> at = org.apache.aries.blueprint.container.BlueprintExtender.createContainer(Blu= eprintExtender.java:276) [!/:1.10.2] >>>>> at = org.apache.aries.blueprint.container.BlueprintExtender.modifiedBundle(Blue= printExtender.java:266) [!/:1.10.2] >>>>> at = org.apache.aries.util.tracker.hook.BundleHookBundleTracker$Tracked.customi= zerModified(BundleHookBundleTracker.java:500) [!/:1.10.2] >>>>> at = org.apache.aries.util.tracker.hook.BundleHookBundleTracker$Tracked.customi= zerModified(BundleHookBundleTracker.java:433) [!/:1.10.2] >>>>> at = org.apache.aries.util.tracker.hook.BundleHookBundleTracker$AbstractTracked= .track(BundleHookBundleTracker.java:725) [!/:1.10.2] >>>>> at = org.apache.aries.util.tracker.hook.BundleHookBundleTracker$Tracked.bundleC= hanged(BundleHookBundleTracker.java:463) [!/:1.10.2] >>>>> at = org.apache.aries.util.tracker.hook.BundleHookBundleTracker$BundleEventHook= .event(BundleHookBundleTracker.java:422) [!/:1.10.2] >>>>> at = org.apache.felix.framework.util.SecureAction.invokeBundleEventHook(SecureA= ction.java:1179) [org.apache.felix.framework-5.6.12.jar:?] >>>>> at = org.apache.felix.framework.EventDispatcher.createWhitelistFromHooks(EventD= ispatcher.java:730) [org.apache.felix.framework-5.6.12.jar:?] >>>>> at = org.apache.felix.framework.EventDispatcher.fireBundleEvent(EventDispatcher= .java:485) [org.apache.felix.framework-5.6.12.jar:?] >>>>> at = org.apache.felix.framework.Felix.fireBundleEvent(Felix.java:4579) = [org.apache.felix.framework-5.6.12.jar:?] >>>>> at = org.apache.felix.framework.Felix.startBundle(Felix.java:2174) = [org.apache.felix.framework-5.6.12.jar:?] >>>>> at = org.apache.felix.framework.Felix.setActiveStartLevel(Felix.java:1373) = [org.apache.felix.framework-5.6.12.jar:?] >>>>> at = org.apache.felix.framework.FrameworkStartLevelImpl.run(FrameworkStartLevel= Impl.java:308) [org.apache.felix.framework-5.6.12.jar:?] >>>>> at java.lang.Thread.run(Thread.java:834) [?:?] >>>>> Caused by: java.lang.ClassNotFoundException: = org.apache.geronimo.components.jaspi.AuthConfigFactoryImpl not found by = org.apache.geronimo.specs.geronimo-jaspic_1.0_spec [169] >>>>> at = org.apache.felix.framework.BundleWiringImpl.findClassOrResourceByDelegatio= n(BundleWiringImpl.java:1639) ~[?:?] >>>>> at = org.apache.felix.framework.BundleWiringImpl.access$200(BundleWiringImpl.ja= va:80) ~[?:?] >>>>> at = org.apache.felix.framework.BundleWiringImpl$BundleClassLoader.loadClass(Bu= ndleWiringImpl.java:2053) ~[?:?] >>>>> at java.lang.ClassLoader.loadClass(ClassLoader.java:521) = ~[?:?] >>>>> at java.lang.Class.forName0(Native Method) ~[?:?] >>>>> at java.lang.Class.forName(Class.java:398) ~[?:?] >>>>> at = org.apache.geronimo.osgi.locator.ProviderLocator.loadClass(ProviderLocator= .java:195) ~[?:?] >>>>> at = javax.security.auth.message.config.AuthConfigFactory$3.run(AuthConfigFacto= ry.java:68) ~[?:?] >>>>> at java.security.AccessController.doPrivileged(Native = Method) ~[?:?] >>>>> at = javax.security.auth.message.config.AuthConfigFactory.getFactory(AuthConfig= Factory.java:64) ~[?:?] >>>>> ... 62 more >>>>>=20 >>>>>> Grzegorz Grzybek > hat am 18.05.2020 15:24 geschrieben: >>>>>>=20 >>>>>>=20 >>>>>> Hello >>>>>>=20 >>>>>> I have some answer. First, the "http context processing" feature = was mainly >>>>>> tested to "inject" Keycloak authenticator and I mostly tested it = with >>>>>> pax-web-undertow. >>>>>>=20 >>>>>> But I checked how it works with pax-web-jetty in the debugger. >>>>>>=20 >>>>>> The key problem is that when Jetty's SecurityHandler is starting, = it tries >>>>>> to find/discover org.eclipse.jetty.security.LoginService = instance. >>>>>> With default etc/jetty.xml, there are TWO beans with >>>>>> org.eclipse.jetty.jaas.JAASLoginService class and >>>>>> org.eclipse.jetty.security.SecurityHandler#findLoginService() = method does >>>>>> this: >>>>>>=20 >>>>>> else if (list.size() =3D=3D 1) >>>>>> service =3D list.iterator().next(); >>>>>>=20 >>>>>> So I simply made it working by ensuring there's only one >>>>>> org.eclipse.jetty.jaas.JAASLoginService: >>>>>>=20 >>>>>> list =3D {java.util.ArrayList@9544} size =3D 1 >>>>>> 0 =3D {org.eclipse.jetty.jaas.JAASLoginService@9547} >>>>>> "JAASLoginService@7ba67d0b{STARTED}" >>>>>> LOG: org.eclipse.jetty.util.log.Logger =3D >>>>>> {org.eclipse.jetty.util.log.Slf4jLog@9549} >>>>>> "org.ops4j.pax.logging.slf4j.Slf4jLogger@43ea82d7" >>>>>> DEFAULT_ROLE_CLASS_NAME: java.lang.String =3D >>>>>> "org.eclipse.jetty.jaas.JAASRole" >>>>>> DEFAULT_ROLE_CLASS_NAMES: java.lang.String[] =3D >>>>>> {java.lang.String[1]@9551} >>>>>> _roleClassNames: java.lang.String[] =3D = {java.lang.String[2]@9552} >>>>>> _callbackHandlerClass: java.lang.String =3D null >>>>>> _realmName: java.lang.String =3D "karaf" >>>>>> _loginModuleName: java.lang.String =3D "karaf" >>>>>>=20 >>>>>> Now, with your Camel route, I got: >>>>>>=20 >>>>>> $ curl -v http://localhost:8181/camel/api/say/hello = >>>>>> * Trying ::1:8181... >>>>>> * Connected to localhost (::1) port 8181 (#0) >>>>>>> GET /camel/api/say/hello HTTP/1.1 >>>>>>> Host: localhost:8181 >>>>>>> User-Agent: curl/7.69.1 >>>>>>> Accept: */* >>>>>>>=20 >>>>>> * Mark bundle as not supporting multiuse >>>>>> < HTTP/1.1 404 Not Found >>>>>> < Cache-Control: must-revalidate,no-cache,no-store >>>>>> < Content-Type: text/html;charset=3Diso-8859-1 >>>>>> < Content-Length: 456 >>>>>> < Server: Jetty(9.4.22.v20191022) >>>>>> < >>>>>>=20 >>>>>> $ curl -v -u karaf:karaf = http://localhost:8181/camel/api/say/hello = >>>>>> * Trying ::1:8181... >>>>>> * Connected to localhost (::1) port 8181 (#0) >>>>>> * Server auth using Basic with user 'karaf' >>>>>>> GET /camel/api/say/hello HTTP/1.1 >>>>>>> Host: localhost:8181 >>>>>>> Authorization: Basic a2FyYWY6a2FyYWY=3D >>>>>>> User-Agent: curl/7.69.1 >>>>>>> Accept: */* >>>>>>>=20 >>>>>> * Mark bundle as not supporting multiuse >>>>>> < HTTP/1.1 200 OK >>>>>> < Content-Type: application/json >>>>>> < Accept: */* >>>>>> < Authorization: Basic a2FyYWY6a2FyYWY=3D >>>>>> < breadcrumbId: ID-everfree-forest-1589807499756-0-1 >>>>>> < User-Agent: curl/7.69.1 >>>>>> < Transfer-Encoding: chunked >>>>>> < Server: Jetty(9.4.22.v20191022) >>>>>> < >>>>>> * Connection #0 to host localhost left intact >>>>>> "Hello World" >>>>>>=20 >>>>>> In theory it should be possible to grab (in etc/jetty.xml, using >>>>>> element) instance of SecurityHandler and simply set = there the >>>>>> "realmName" property to "Karaf", so even with two different beans = with >>>>>> org.eclipse.jetty.jaas.JAASLoginService class, Jetty would pick = up the >>>>>> right one. But in Pax Web security handler is part of every >>>>>> org.ops4j.pax.web.service.jetty.internal.HttpServiceContext = created and >>>>>> only in Pax Web 8 I'd be able to fix this in more clean way. >>>>>>=20 >>>>>> So, please use only one org.eclipse.jetty.jaas.JAASLoginService = in your >>>>>> etc/jetty.xml >>>>>>=20 >>>>>> regards >>>>>> Grzegorz Grzybek >>>>>>=20 >>>>>> pon., 18 maj 2020 o 10:25 Achim Nierbeck .invalid> >>>>>> napisa=C5=82(a): >>>>>>=20 >>>>>>> Hi, >>>>>>>=20 >>>>>>> I already also answered Gerald in another mail. >>>>>>> I'm not quite sure but what might be an issue, is that the = default >>>>>>> http-context used in his application isn't bound to the = underlying security >>>>>>> realm. >>>>>>> Therefore it's quite a possibility that there needs to be a = configuration >>>>>>> done in his own application, using his own http-Context. >>>>>>>=20 >>>>>>> Can be found here: >>>>>>>=20 >>>>>>> = https://github.com/ops4j/org.ops4j.pax.web/blob/master/samples/authenticat= ion/src/main/java/org/ops4j/pax/web/samples/authentication/internal/Activa= tor.java = >>>>>>>=20 >>>>>>> = https://github.com/ops4j/org.ops4j.pax.web/blob/master/samples/authenticat= ion/src/main/java/org/ops4j/pax/web/samples/authentication/AuthHttpContext= .java = >>>>>>> and here: >>>>>>>=20 >>>>>>> = https://github.com/jgoodyear/ApacheKarafCookbook/blob/master/chapter4/chap= ter4-recipe4/chapter4-recipe4-whiteboard/src/main/java/com/packt/internal/= Activator.java = >>>>>>>=20 >>>>>>> regards, Achim >>>>>>>=20 >>>>>>>=20 >>>>>>> Am Fr., 15. Mai 2020 um 21:06 Uhr schrieb Alex Soto = >>>>>>>> : >>>>>>>=20 >>>>>>>> I=E2=80=99m sorry, I don=E2=80=99t know why it's not working; = it looks correct to me. >>>>>>>> Maybe somebody from the Pax-Web team can help you. >>>>>>>> The only suspicious thing is the warning: >>>>>>>>=20 >>>>>>>> 2020-05-15T18:20:50,256 | WARN | qtp1611313605-201 | = SecurityHandler >>>>>>>> | 229 - org.eclipse.jetty.util - 9.4.22.v20191022 | = No >>>>>>>> authenticator for: {RoleInfo,C[admin],None} >>>>>>>>=20 >>>>>>>>=20 >>>>>>>> Which suggest something is misconfigured. >>>>>>>>=20 >>>>>>>> Best regards, >>>>>>>> Alex soto >>>>>>>>=20 >>>>>>>>=20 >>>>>>>>=20 >>>>>>>>=20 >>>>>>>>> On May 15, 2020, at 2:23 PM, Gerald Kallas = > >>>>>>> wrote: >>>>>>>>>=20 >>>>>>>>> 2020-05-15T18:20:50,256 | WARN | qtp1611313605-201 | = SecurityHandler >>>>>>>> | 229 - org.eclipse.jetty.util - 9.4.22.v20191022 | = No >>>>>>>> authenticator for: {RoleInfo,C[admin],None} >>>>>>>>=20 >>>>>>>>=20 >>>>>>>=20 >>>>>>> -- >>>>>>>=20 >>>>>>> Apache Member >>>>>>> Apache Karaf > Committer & PMC >>>>>>> OPS4J Pax Web > Committer & >>>>>>> Project Lead >>>>>>> blog > >>>>>>> Co-Author of Apache Karaf Cookbook > >>>>>>>=20 >>>=20