Re: camel-jetty + authentication JAAS

Tue, 07 Dec 2010 00:53:41 -0800 

Hi Achim,
Thanks for the trick. I can authenticate my user using LDAP realm deployed on Karaf. Nevertheless, the following error is still there 



09:35:08,655 | DEBUG | 9 - /favicon.ico | 
log                              | .eclipse.jetty.util.log.Slf4jLog   70 
| 61 - org.eclipse.jetty.util - 7.1.6.v20100715 | REQUEST /favicon.ico 
on org.eclipse.jetty.server.nio.selectchannelconnecto...@2ad7532
09:35:08,662 | WARN  | 9 - /favicon.ico | 
log                              | .eclipse.jetty.util.log.Slf4jLog   40 
| 61 - org.eclipse.jetty.util - 7.1.6.v20100715 | /favicon.ico: 
java.lang.NullPointerException
09:35:08,662 | DEBUG | 9 - /favicon.ico | 
log                              | .eclipse.jetty.util.log.Slf4jLog   80 
| 61 - org.eclipse.jetty.util - 7.1.6.v20100715 | EXCEPTION

java.lang.NullPointerException

    at 
org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:489)[68:org.eclipse.jetty.security:7.1.6.v20100715]
    at 
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:113)[67:org.eclipse.jetty.server:7.1.6.v20100715]
    at 
org.eclipse.jetty.server.Server.handle(Server.java:347)[67:org.eclipse.jetty.server:7.1.6.v20100715]
    at 
org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:594)[67:org.eclipse.jetty.server:7.1.6.v20100715]
    at 
org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1042)[67:org.eclipse.jetty.server:7.1.6.v20100715]
    at 
org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:549)[63:org.eclipse.jetty.http:7.1.6.v20100715]
    at 
org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:211)[63:org.eclipse.jetty.http:7.1.6.v20100715]
    at 
org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:424)[67:org.eclipse.jetty.server:7.1.6.v20100715]
    at 
org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:506)[62:org.eclipse.jetty.io:7.1.6.v20100715]
    at 
org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)[61:org.eclipse.jetty.util:7.1.6.v20100715]

    at java.lang.Thread.run(Thread.java:680)[:1.6.0_22]


after the authentication and the camel route does not receive any exchange.


When looking to the SecurityHandler class of eclipse jetty, the NPE can 
come from the fact that the IdentityService cannot be removed because it 
has not been created (see error hereunder)



09:34:42,508 | DEBUG | ExtenderThread-2 | 
log                              | .eclipse.jetty.util.log.Slf4jLog   80 
| 61 - org.eclipse.jetty.util - 7.1.6.v20100715 | EXCEPTION
java.lang.IllegalStateException: No IdentityService for 
org.eclipse.jetty.security.authentication.basicauthentica...@25d3e3f3 in 
constraintsecurityhand...@32ecabac
    at 
org.eclipse.jetty.security.authentication.LoginAuthenticator.setConfiguration(LoginAuthenticator.java:37)[68:org.eclipse.jetty.security:7.1.6.v20100715]
    at 
org.eclipse.jetty.security.SecurityHandler.doStart(SecurityHandler.java:333)[68:org.eclipse.jetty.security:7.1.6.v20100715]


Regards,

Charles

On 06/12/10 19:06, Achim Nierbeck wrote:

Hi, maybe it has something todo the way the JAAS Login of jetty works.
to get the standard Jetty-Jaas configuration to work you have to make
the following
configuration in the jetty.xml

<Call name="addBean">
       <Arg>
         <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
           <Set name="name">karaf</Set>
           <Set name="loginModuleName">karaf</Set>
           <Set name="roleClassNames">
             <Array type="java.lang.String">
               <Item>org.apache.karaf.jaas.modules.RolePrincipal</Item>
             </Array>
           </Set>
         </New>
       </Arg>
     </Call>

The important part is, that you have to configure the roleClass Name, if
this
one isn't provided you end up in strange Exceptions, because the classes
are instantiated using reflection.
When looking for this issue I was able to login also and did get an
exception afterwards.

Greetings, Achim


Hi,

I try to use JAAS authentication within a camel route using
SecurityHandler of Jetty

<bean id="loginService"
class="org.eclipse.jetty.plus.jaas.JAASLoginService">
<property name="name" value="karaf" />
<property name="loginModuleName" value="karaf" />
</bean>

<bean id="constraint" class="org.eclipse.jetty.http.security.Constraint">
<property name="name" value="BASIC"/>
<property name="roles" value="admin"/>
<property name="authenticate" value="true"/>
</bean>

<bean id="constraintMapping"
class="org.eclipse.jetty.security.ConstraintMapping">
<property name="constraint" ref="constraint"/>
<property name="pathSpec" value="/*"/>
</bean>

<bean id="securityHandler"
class="org.eclipse.jetty.security.ConstraintSecurityHandler">
<property name="authenticator">
<bean
class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
</property>
<property name="constraintMappings">
<list>
<ref bean="constraintMapping"/>
</list>
</property>
<property name="loginService" ref="loginService" />
<property name="strict" value="false" />
</bean>

<camelContext trace="true" xmlns="http://camel.apache.org/schema/spring";>
<route>
<from
uri="jetty:http://localhost:8080/services?handlers=securityHandler"/>
<bean ref="responseBean"/>
<to
uri="log:org.apache.camel.ldap?level=INFO&amp;showAll=true&amp;multiline=true"/>
</route>
</camelContext>

The authentication works fine (I can provide the username + passord in
the prompt) except that after I get a NPE exception and camel-jetty
endpoint is not able to get any exchange
11:34:17,243 | WARN  | -55 - /services/ |
log                              | .eclipse.jetty.util.log.Slf4jLog
40 | 61 - org.eclipse.jetty.util - 7.1.6.v20100715 | /services/:
java.lang.NullPointerException
11:34:17,243 | DEBUG | -55 - /services/ |
log                              | .eclipse.jetty.util.log.Slf4jLog
80 | 61 - org.eclipse.jetty.util - 7.1.6.v20100715 | EXCEPTION
java.lang.NullPointerException
     at
org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:489)[68:org.eclipse.jetty.security:7.1.6.v20100715]
     at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:113)[67:org.eclipse.jetty.server:7.1.6.v20100715]
     at
org.eclipse.jetty.server.Server.handle(Server.java:347)[67:org.eclipse.jetty.server:7.1.6.v20100715]
     at
org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:594)[67:org.eclipse.jetty.server:7.1.6.v20100715]
     at
org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1042)[67:org.eclipse.jetty.server:7.1.6.v20100715]
     at
org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:549)[63:org.eclipse.jetty.http:7.1.6.v20100715]
     at
org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:211)[63:org.eclipse.jetty.http:7.1.6.v20100715]
     at
org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:424)[67:org.eclipse.jetty.server:7.1.6.v20100715]
     at
org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:506)[62:org.eclipse.jetty.io:7.1.6.v20100715]
     at
org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)[61:org.eclipse.jetty.util:7.1.6.v20100715]
     at java.lang.Thread.run(Thread.java:680)[:1.6.0_22]

Any idea is welcome ?

Regards,

Charles






















					Reply via email to