Thanks, JB.
I found the problem was, a typo in the `realm-name` in the web.xml file. It
appears to be case-sensitive. I had:
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Karaf</realm-name>
</login-config>
But in the jetty.xml:
<New class="org.eclipse.jetty.jaas.JAASLoginService">
<Set name="name">karaf</Set>
So I think it could not match the `Karaf` in the Web.xml to the `karaf` in the
Jetty.xml.
I wish the error message was more explicit. Anyway, now the web app is
properly initialized, BUT… the security constraint is not being applied to my
Camel Rest services, only to the ‘/admin’. URL.
For example:
http://localhost:8181/admin/api/rest/executions
<http://localhost:8181/admin/api/rest/executions>
Does not prompt for a password, it successfully returns the data from the Camel
Rest DSL route. And this url
http://localhost:8181/admin <http://localhost:8181/admin>
is protected with basic authentication, so the browser prompts me for the user
name and password.
What I need is protect everything starting with '/admin’
Any ideas?
Best regards,
Alex soto
> On May 12, 2020, at 11:24 AM, Jean-Baptiste Onofre <[email protected]> wrote:
>
> Hi,
>
> It sounds like a class loader issue, so possible.
>
> Let me add an example in Karaf showing basic auth.
>
> Regards
> JB
>
>> Le 12 mai 2020 à 15:39, Alex Soto <[email protected]
>> <mailto:[email protected]>> a écrit :
>>
>> I found that I have multiple versions of Jetty deployed in Karaf, that is:
>> 9.4.20.v20190813, and 9.4.22.v20191022
>> Would this be the reason for the following exception:
>>
>> 2020-05-12T09:10:19,122 | ERROR | paxweb-extender-2-thread-1 |
>> WebAppPublisher | 302 -
>> org.ops4j.pax.web.pax-web-extender-war - 7.2.14 | Error deploying web
>> application
>> java.lang.IllegalStateException: No LoginService for
>> org.eclipse.jetty.security.authentication.BasicAuthenticator@1d7311a1 in
>> ConstraintSecurityHandler@64779d1e{STARTING}
>> at
>> org.eclipse.jetty.security.authentication.LoginAuthenticator.setConfiguration(LoginAuthenticator.java:92)
>> ~[?:?]
>> at
>> org.eclipse.jetty.security.SecurityHandler.doStart(SecurityHandler.java:344)
>> ~[?:?]
>> at
>> org.eclipse.jetty.security.ConstraintSecurityHandler.doStart(ConstraintSecurityHandler.java:419)
>> ~[?:?]
>> at
>> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
>> ~[?:?]
>> at
>> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
>> ~[?:?]
>> at
>> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:110)
>> ~[?:?]
>> at
>> org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:106)
>> ~[?:?]
>> at
>> org.eclipse.jetty.server.handler.ScopedHandler.doStart(ScopedHandler.java:120)
>> ~[?:?]
>> at
>> org.eclipse.jetty.server.session.SessionHandler.doStart(SessionHandler.java:504)
>> ~[?:?]
>> at
>> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
>> ~[?:?]
>> at
>> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
>> ~[?:?]
>> at
>> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:110)
>> ~[?:?]
>> at
>> org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:106)
>> ~[?:?]
>> at
>> org.eclipse.jetty.server.handler.ScopedHandler.doStart(ScopedHandler.java:120)
>> ~[?:?]
>> at
>> org.eclipse.jetty.server.handler.ContextHandler.startContext(ContextHandler.java:879)
>> ~[?:?]
>> at
>> org.eclipse.jetty.servlet.ServletContextHandler.startContext(ServletContextHandler.java:357)
>> ~[?:?]
>> at
>> org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.startContext(HttpServiceContext.java:396)
>> ~[?:?]
>> at
>> org.eclipse.jetty.server.handler.ContextHandler.doStart(ContextHandler.java:821)
>> ~[?:?]
>> at
>> org.eclipse.jetty.servlet.ServletContextHandler.doStart(ServletContextHandler.java:276)
>> ~[?:?]
>> at
>> org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doStart(HttpServiceContext.java:272)
>> ~[?:?]
>> at
>> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
>> ~[?:?]
>> at
>> org.ops4j.pax.web.service.jetty.internal.JettyServerImpl$1.start(JettyServerImpl.java:329)
>> ~[?:?]
>> at
>> org.ops4j.pax.web.service.internal.HttpServiceStarted.end(HttpServiceStarted.java:1264)
>> ~[?:?]
>> at
>> org.ops4j.pax.web.service.internal.HttpServiceProxy.end(HttpServiceProxy.java:456)
>> ~[?:?]
>> at
>> org.ops4j.pax.web.extender.war.internal.RegisterWebAppVisitorWC.end(RegisterWebAppVisitorWC.java:405)
>> ~[?:?]
>> at
>> org.ops4j.pax.web.extender.war.internal.model.WebApp.accept(WebApp.java:658)
>> ~[?:?]
>> at
>> org.ops4j.pax.web.extender.war.internal.WebAppPublisher$WebAppDependencyListener.register(WebAppPublisher.java:228)
>> ~[?:?]
>> at
>> org.ops4j.pax.web.extender.war.internal.WebAppPublisher$WebAppDependencyListener.addingService(WebAppPublisher.java:173)
>> ~[?:?]
>> at
>> org.ops4j.pax.web.extender.war.internal.WebAppPublisher$WebAppDependencyListener.addingService(WebAppPublisher.java:129)
>> ~[?:?]
>> at
>> org.osgi.util.tracker.ServiceTracker$Tracked.customizerAdding(ServiceTracker.java:941)
>> ~[osgi.core-6.0.0.jar:?]
>> at
>> org.osgi.util.tracker.ServiceTracker$Tracked.customizerAdding(ServiceTracker.java:870)
>> ~[osgi.core-6.0.0.jar:?]
>> at
>> org.osgi.util.tracker.AbstractTracked.trackAdding(AbstractTracked.java:256)
>> ~[osgi.core-6.0.0.jar:?]
>> at
>> org.osgi.util.tracker.AbstractTracked.trackInitial(AbstractTracked.java:183)
>> ~[osgi.core-6.0.0.jar:?]
>> at org.osgi.util.tracker.ServiceTracker.open(ServiceTracker.java:318)
>> ~[osgi.core-6.0.0.jar:?]
>> at org.osgi.util.tracker.ServiceTracker.open(ServiceTracker.java:261)
>> ~[osgi.core-6.0.0.jar:?]
>> at
>> org.ops4j.pax.web.extender.war.internal.WebAppPublisher.publish(WebAppPublisher.java:98)
>> ~[?:?]
>> at
>> org.ops4j.pax.web.extender.war.internal.WebObserver.deploy(WebObserver.java:217)
>> ~[?:?]
>> at
>> org.ops4j.pax.web.extender.war.internal.WebObserver$1.doStart(WebObserver.java:172)
>> ~[?:?]
>> at
>> org.ops4j.pax.web.extender.war.internal.extender.SimpleExtension.start(SimpleExtension.java:59)
>> ~[?:?]
>> at
>> org.ops4j.pax.web.extender.war.internal.extender.AbstractExtender.lambda$createExtension$0(AbstractExtender.java:277)
>> ~[?:?]
>> at
>> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
>> [?:1.8.0_171]
>> at java.util.concurrent.FutureTask.run(FutureTask.java:266)
>> [?:1.8.0_171]
>> at
>> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180)
>> [?:1.8.0_171]
>> at
>> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
>> [?:1.8.0_171]
>> at
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
>> [?:1.8.0_171]
>> at
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
>> [?:1.8.0_171]
>> at java.lang.Thread.run(Thread.java:748) [?:1.8.0_171]
>>
>>
>>
>>
>> Best regards,
>> Alex soto
>>
>>
>>
>>
>>> On May 11, 2020, at 12:50 PM, Alex Soto <[email protected]
>>> <mailto:[email protected]>> wrote:
>>>
>>> A little more info. The class appears in many bundles:
>>>
>>>
>>> karaf@root()> bundle:find-class
>>> org.eclipse.jetty.security.authentication.BasicAuthenticator
>>>
>>> Jetty :: Security (229)
>>> org/eclipse/jetty/security/authentication/BasicAuthenticator.class
>>>
>>> Jetty :: Security (230)
>>> org/eclipse/jetty/security/authentication/BasicAuthenticator.class
>>>
>>> Jetty :: JASPI Security (231)
>>> org/eclipse/jetty/security/authentication/BasicAuthenticator.class
>>>
>>> Jetty :: JASPI Security (232)
>>> org/eclipse/jetty/security/authentication/BasicAuthenticator.class
>>>
>>> OPS4J Pax Web - Jetty (309)
>>> org/eclipse/jetty/security/authentication/BasicAuthenticator.class
>>>
>>>
>>>
>>>
>>> Best regards,
>>> Alex soto
>>>
>>>
>>>
>>>
>>>> On May 11, 2020, at 12:44 PM, Alex Soto <[email protected]
>>>> <mailto:[email protected]>> wrote:
>>>>
>>>> org.eclipse.jetty.security.authentication.BasicAuthenticator
>>>
>>
>
