Re: HTTP_BASIC authentication doesn't work in GAE

[Patrizio Munzi]

Hello, Ok I understand, however that was the only way I managed to make it work in M4. And It worked without any intercalated "/". Is that strange? BR     Patrizio Thierry Boileau wrote: Hello Patrizio, I notice that the guarder router add another level in the hierarchy of the URIs, because it attaches the authenticator to the segment "/". Router guardedRouter = new Router(getContext()); guardedRouter.attach("/", authenticator); The consequence is that you need to intercalate a "/" in your URI hierarchy : http://example.com//myresource. So either the guarder router attaches the authenticator using the "attachDefault" method, either you simply return the authenticator. best regards, Thierry Boileau Hi Jerome, thanks for the snippet. My error was returning the guarded router instead of the authenticator. That way worked in M4 outside GAE/J. Anyway I just verified that everything works fine. Do you know when M5 will be released?? Thanks again. Jerome Louvel wrote: Hi Patrizio,  Thierry just did a test with the latest snapshot and HTTP BASIC authentication does work. Here is attached a quick code snippet that he wrote based on your code sample.  Best regards, Jerome Louvel -- Restlet ~ Founder and Lead developer ~ http://www.restlet.org <http://www.restlet.org/> Noelios Technologies ~ Co-founder ~ http://www.noelios.com <http://www.noelios.com/>     *De :* Patrizio Munzi [mailto:patrizio.mu...@eris4.com] *Envoyé :* mardi 20 octobre 2009 09:27 *À :* discuss@restlet.tigris.org *Objet :* Re: HTTP_BASIC authentication doesn't work in GAE  Hi Jerome, did you miss my last mail..?? I'm having trouble attaching the authenticator with the new snapshot. Regards Patrizio Munzi wrote: Hi Jerome, I'm trying to test latest snapshot but I'm not able anymore to attach an authenticator to my router. Using the same snippet as before: --------------- public Restlet createRoot() { // Create a router Restlet that defines routes. Router router = new Router(getContext()); // Defines a route for the resource "list of items" router.attach("/addcall", CallResource.class); router.attach("/addsms", SMSResource.class); ChallengeAuthenticator authenticator = new ChallengeAuthenticator(getContext(), ChallengeScheme.HTTP_BASIC, "com.eris4.warp4.callfriends.server.restlet"); MapVerifier verifier = new MapVerifier(); verifier.getLocalSecrets().put("callFriends", "callFriends".toCharArray()); authenticator.setVerifier(verifier); authenticator.setNext(router); Router guardedRouter = new Router(getContext()); guardedRouter.attach("/", authenticator); return guardedRouter; } ------------- I get a Resource not found from the client. Has something changed on guarding mechanism..?? Please let me know so that I can go further. BR Jerome Louvel wrote: Hi Patrizio,  We recently moved all JAAS dependencies from Restlet Core to a JAAS extension. This should solve your issue. Could you test with a recent 2.0 snapshot and let us know?  Best regards, Jerome Louvel -- Restlet ~ Founder and Lead developer ~ http://www.restlet.org Noelios Technologies ~ Co-founder ~ http://www.noelios.com   Patrizio Munzi a écrit :  Ok, thank you.  Thierry Boileau wrote:    Hello Patrizio,  I've entered a new issue for this problem : http://restlet.tigris.org/issues/show_bug.cgi?id=893. Thanks for your report.  Best regards, Thierry Boileau         Hi everybody,  I think I've found a problem of Restlet Authentication mechanism with GAE.  I have got this simple guard: --------------------------    public Restlet createRoot() {         // Create a router Restlet that defines routes.         Router router = new Router(getContext());         // Defines a route for the resource "list of items"         router.attach("/addcall", CallResource.class);         router.attach("/addsms", SMSResource.class);         ChallengeAuthenticator authenticator = new ChallengeAuthenticator(getContext(), ChallengeScheme.HTTP_BASIC, "com.eris4.warp4.callfriends.server.restlet");        MapVerifier verifier = new MapVerifier();        verifier.getSecrets().put("callFriends", "callFriends".toCharArray());        authenticator.setVerifier(verifier);        authenticator.setNext(router);               Router guardedRouter = new Router(getContext());        guardedRouter.attach("/", authenticator);               return guardedRouter;    } --------------------------  and this simple client: --------------------------    public static void main(String[] args) throws ResourceException {        //       Client client = new Client(new Context(), Protocol.HTTP);         //       client.getContext().getParameters().add("converter", "com.noelios.restlet.http.HttpClientConverter");         Engine.getInstance().getRegisteredClients().add(new HttpClientHelper(null));        Client client = new Client(Protocol.HTTP);        Status resultStatus = null;        try {            Form form = new Form();             form.add("param1", "1");            Representation callRepresentation = form.getWebRepresentation();             Request request = new Request(Method.POST, url);            ChallengeResponse authentication = new ChallengeResponse(ChallengeScheme.HTTP_BASIC, "login", "psw");            request.setChallengeResponse(authentication);             request.setEntity(callRepresentation);            Response response = client.handle(request);            resultStatus = response.getStatus();        } catch (Throwable t) {            System.err.println("Exception: " + t);        }         } --------------------------  and GAE side I get the following exception: -------------------------- SEVERE: Unhandled exception or error intercepted java.security.AccessControlException: access denied (javax.security.auth.AuthPermission modifyPrincipals)    at java.security.AccessControlContext.checkPermission(Unknown Source)    at java.security.AccessController.checkPermission(Unknown Source)    at java.lang.SecurityManager.checkPermission(Unknown Source)    at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:139)    at javax.security.auth.Subject$SecureSet.add(Unknown Source)    at java.util.Collections$SynchronizedCollection.add(Unknown Source)    at org.restlet.security.SecretVerifier.verify(SecretVerifier.java:114)    at org.restlet.security.ChallengeAuthenticator.authenticate(ChallengeAuthenticator.java:134)    at org.restlet.security.Authenticator.beforeHandle(Authenticator.java:107)    at org.restlet.routing.Filter.handle(Filter.java:199)    at org.restlet.routing.Filter.doHandle(Filter.java:156)    at org.restlet.routing.Filter.handle(Filter.java:201)    at org.restlet.routing.Router.doHandle(Router.java:321)    at org.restlet.routing.Router.handle(Router.java:520)    at org.restlet.routing.Filter.doHandle(Filter.java:156)    at org.restlet.routing.Filter.handle(Filter.java:201)    at org.restlet.routing.Filter.doHandle(Filter.java:156)    at org.restlet.routing.Filter.handle(Filter.java:201)    at org.restlet.routing.Filter.doHandle(Filter.java:156)    at org.restlet.engine.application.StatusFilter.doHandle(StatusFilter.java:152)    at org.restlet.routing.Filter.handle(Filter.java:201)    at org.restlet.routing.Filter.doHandle(Filter.java:156)    at org.restlet.routing.Filter.handle(Filter.java:201)    at org.restlet.engine.ChainHelper.handle(ChainHelper.java:111)    at org.restlet.engine.application.ApplicationHelper.handle(ApplicationHelper.java:72)    at org.restlet.Application.handle(Application.java:344)    at org.restlet.routing.Filter.doHandle(Filter.java:156)    at org.restlet.routing.Filter.handle(Filter.java:201)    at org.restlet.routing.Router.doHandle(Router.java:321)    at org.restlet.routing.Router.handle(Router.java:520)    at org.restlet.routing.Filter.doHandle(Filter.java:156)    at org.restlet.routing.Filter.handle(Filter.java:201)    at org.restlet.routing.Router.doHandle(Router.java:321)    at org.restlet.routing.Router.handle(Router.java:520)    at org.restlet.routing.Filter.doHandle(Filter.java:156)    at org.restlet.routing.Filter.handle(Filter.java:201)    at org.restlet.engine.ChainHelper.handle(ChainHelper.java:111)    at org.restlet.Component.handle(Component.java:403)    at org.restlet.Server.handle(Server.java:350)    at org.restlet.engine.ServerHelper.handle(ServerHelper.java:71)    at org.restlet.engine.http.HttpServerHelper.handle(HttpServerHelper.java:149)    at org.restlet.ext.servlet.ServerServlet.service(ServerServlet.java:967)    at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)    at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1093)    at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)    at com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:121)    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)    at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)    at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)    at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)    at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:712)    at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)    at com.google.apphosting.utils.jetty.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:54)    at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)    at com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:313)    at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)    at org.mortbay.jetty.Server.handle(Server.java:313)    at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:506)    at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:844)    at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:644)    at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:205)    at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:381)    at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:396)    at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:442) -----------------------  has anybody any idea on how I can work around this??? Is it a bug??  Thanks  ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2392516 <http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2392516>              ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2393621 <http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2393621>         --  *Patrizio Munzi* Product Specialist Viale Bruno Buozzi, 19 - 00197 Roma (Italy) tel: +39 06 4543 3540 fax: +39 06 4543 3587 mobile: +39 393 7195 164 mail: patrizio.mu...@eris4.com <mailto:patrizio.mu...@eris4.com> <mailto:patrizio.mu...@eris4.com> web: http://www.eris4.com <http://www.eris4.com/> skype: eris4_munzi <skype:eris4_munzi?add>      ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2407600 <http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2407600>    -- *Patrizio Munzi* Product Specialist Viale Bruno Buozzi, 19 - 00197 Roma (Italy) tel: +39 06 4543 3540 fax: +39 06 4543 3587 mobile: +39 393 7195 164 mail: patrizio.mu...@eris4.com <mailto:patrizio.mu...@eris4.com> web: http://www.eris4.com <http://www.eris4.com/> skype: eris4_munzi <skype:eris4_munzi?add>  -- *Patrizio Munzi* Product Specialist Viale Bruno Buozzi, 19 - 00197 Roma (Italy) tel: +39 06 4543 3540 fax: +39 06 4543 3587 mobile: +39 393 7195 164 mail: patrizio.mu...@eris4.com <mailto:patrizio.mu...@eris4.com> web: http://www.eris4.com <http://www.eris4.com/> skype: eris4_munzi <skype:eris4_munzi?add> -- *Patrizio Munzi* Product Specialist Viale Bruno Buozzi, 19 - 00197 Roma (Italy) tel: +39 06 4543 3540 fax: +39 06 4543 3587 mobile: +39 393 7195 164 mail: patrizio.mu...@eris4.com <mailto:patrizio.mu...@eris4.com> web: http://www.eris4.com <http://www.eris4.com/> skype: eris4_munzi <skype:eris4_munzi?add> ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2410099 -- Patrizio Munzi Product Specialist Viale Bruno Buozzi, 19 - 00197 Roma (Italy) tel: +39 06 4543 3540 fax: +39 06 4543 3587 mobile: +39 393 7195 164 mail: patrizio.mu...@eris4.com web: http://www.eris4.com skype: eris4_munzi