[ https://issues.apache.org/jira/browse/CAMEL-5952?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13550946#comment-13550946 ]
Charles Moulliard commented on CAMEL-5952: ------------------------------------------ Here is the trick tobe done when we detect that we get something from CXF, .... {code} protected Authentication convertToAuthentication(Subject subject) { Authentication answer = null; for (Principal principal : subject.getPrincipals()) { if (principal instanceof WSUsernameTokenPrincipal) { WSUsernameTokenPrincipal ut = (WSUsernameTokenPrincipal) principal; answer = new UsernamePasswordAuthenticationToken(ut.getName(), ut.getPassword()); break; } } return answer; } } {code} > Even if we retrieve a javax.security.auth.Subject from Exchange message, the > authentication fails > ------------------------------------------------------------------------------------------------- > > Key: CAMEL-5952 > URL: https://issues.apache.org/jira/browse/CAMEL-5952 > Project: Camel > Issue Type: Bug > Affects Versions: 2.11.0 > Environment: camel-spring-security > Reporter: Charles Moulliard > Assignee: Willem Jiang > Attachments: Screen Shot 2013-01-10 at 18.20.48.png > > > When we would like to authenticate a user using camel-spring-security & > camel-cxf, we get the following message even if we have been able to retrieve > a Subject from CamelExchange (see screenshot). > {code} > Class SpringSecurityPolicyAutorization > ... > protected Authentication getAuthentication(Message message) { > Subject subject = message.getHeader(Exchange.AUTHENTICATION, > Subject.class); // NOT NULL - SEE SCREENSHOT > Authentication answer = null; > if (subject != null) { > answer = getAuthenticationAdapter().toAuthentication(subject); > } > > // ANSWER IS NULL as the following code return null in > DefaultAuthenticationAdapter > public Authentication toAuthentication(Subject subject) { > if (subject == null || subject.getPrincipals().size() == 0) { > return null; > } > Set<Authentication> authentications = > subject.getPrincipals(Authentication.class); > > // IN OUR CASE, the Set size is equal to zero > if (authentications.size() > 0) { > // just return the first one > return authentications.iterator().next(); > } else { > return convertToAuthentication(subject); > } > } > /** > * You can add the customer convert code here > */ > protected Authentication convertToAuthentication(Subject subject) { > return null; > } > {code} > Camel Route Config > {code} > <?xml version="1.0" encoding="UTF-8"?> > <beans xmlns="http://www.springframework.org/schema/beans" > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" > xmlns:cxf="http://camel.apache.org/schema/cxf" > xmlns:spring-security="http://www.springframework.org/schema/security" > xsi:schemaLocation=" > http://www.springframework.org/schema/beans > http://www.springframework.org/schema/beans/spring-beans.xsd > http://www.springframework.org/schema/security > http://www.springframework.org/schema/security/spring-security.xsd > http://camel.apache.org/schema/spring > http://camel.apache.org/schema/spring/camel-spring.xsd > http://camel.apache.org/schema/spring-security > > http://camel.apache.org/schema/spring-security/camel-spring-security.xsd > http://camel.apache.org/schema/cxf > http://camel.apache.org/schema/cxf/camel-cxf.xsd"> > <bean id="accessDecisionManager" > class="org.springframework.security.access.vote.AffirmativeBased"> > <property name="allowIfAllAbstainDecisions" value="true"/> > <property name="decisionVoters"> > <list> > <bean > class="org.springframework.security.access.vote.RoleVoter"/> > </list> > </property> > </bean> > <spring-security:authentication-manager alias="authenticationManager"> > <spring-security:authentication-provider > user-service-ref="userDetailsService"/> > </spring-security:authentication-manager> > <spring-security:user-service id="userDetailsService"> > <spring-security:user name="jim" password="jimspassword" > authorities="ROLE_USER, ROLE_ADMIN"/> > <spring-security:user name="charles" password="charlespassword" > authorities="ROLE_USER, ROLE_ADMIN"/> > <spring-security:user name="bob" password="bobspassword" > authorities="ROLE_USER"/> > </spring-security:user-service> > <authorizationPolicy id="admin" access="ROLE_ADMIN" > authenticationManager="authenticationManager" > accessDecisionManager="accessDecisionManager" > > xmlns="http://camel.apache.org/schema/spring-security"/> > <cxf:cxfEndpoint id="WS" > address="http://localhost:9090/training/WebService" > serviceClass="com.fusesource.training.CustomerService"> > <cxf:outInterceptors> > <ref bean="loggingOutInterceptor"/> > </cxf:outInterceptors> > <cxf:inInterceptors> > <ref bean="loggingInInterceptor"/> > <ref bean="wss4jInInterceptor"/> > </cxf:inInterceptors> > </cxf:cxfEndpoint> > <bean id="loggingOutInterceptor" > class="org.apache.cxf.interceptor.LoggingOutInterceptor"/> > <bean id="loggingInInterceptor" > class="org.apache.cxf.interceptor.LoggingInInterceptor"/> > <bean id="wss4jInInterceptor" > class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> > <constructor-arg> > <map> > <entry key="action" value="UsernameToken Timestamp"/> > <entry key="passwordType" value="PasswordDigest"/> > <entry key="passwordCallbackClass" > value="com.fusesource.training.camel.UTPasswordCallback"/> > </map> > </constructor-arg> > </bean> > <camelContext trace="false" xmlns="http://camel.apache.org/schema/spring"> > <route id="cxf-to-client"> > <from uri="cxf:bean:WS"/> > <policy ref="admin"> > <log message=">>> SOAP Action : ${in.header.SOAPAction}"/> > </policy> > </route> > </camelContext> > </beans> > {code} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira