As I configure the camelServlet using a Servlet Activator, I will follow
the way of OSGI and
org.osgi.service.http.HttpContext
Do you suggest to call JAAS or to register the handlers required by
Jetty in the osgi servlet?
On 20/12/10 14:59, Guillaume Nodet wrote:
On Mon, Dec 20, 2010 at 14:42, Charles Moulliard<[email protected]> wrote:
Hi,
I would like to start a discussion around the following point as it does not
seem obvious to find an answer. To authenticate a HTTP user with camel on
Karaf we can use the component camel-jetty and camel-servlet. Jetty + JAAS +
camel can be easily configured using Spring beans + securityHandler with
camel but this does not seem the case with camel-servlet.
The component camel-servlet does not accept as parameter a handler(s) for
Jetty. This is normal as camel can be deployed in different Application
Servers which are not build with Jetty. So what alternative(s) exist to
configure camel-servlet with Jetty + JAAS on Karaf ? Using jetty.xml (in etc
folder) but how to link camel servlet with jetty security handler ?
Unless I'm wrong, when you use camel-servlet, you're responsible for
setting up the CamelHttpTransportServlet servlet.
In OSGi, it could be done either using a standard web application
(deployed using the war support), or directly using the OSGi HTTP
service. In the former case, you'd have to configure the web.xml for
security. In the latter case, you need to use the OSGi HTTP service
api to properly configure the security bits (by implementing
org.osgi.service.http.HttpContext interface).
I agree we could have an example of showing the last way in camel .
Configuring the war for security isn't specific to OSGi or Camel fwiw.
Regards,
Charles
