I have a Camel application which uses camel-restlet for web service calls.
Now I want to add LDAP authentication for restlet calls. I tried a couple of
options with the camel-restlet realm and an LdapVerifier using
ChallengeAuthenticator. I cannot make it work! Need help. Thanks

I am able to add LDAP authentication to restlet by using an LDAP SecretVerifier.
But if the restlet call is wrapped by a Camel route (using
org.apache.camel.component.restlet.MethodBasedRouter), the SecretVerifier is
not triggered.

Here is some code and config:
web.xml:

    <servlet>
      <servlet-name>RestletServlet</servlet-name>
      <servlet-class>org.restlet.ext.spring.SpringServerServlet</servlet-class>
      <init-param>
        <param-name>org.restlet.component</param-name>
        <param-value>RestletComponent</param-value>
      </init-param>
    </servlet>
    <servlet-mapping>
      <servlet-name>RestletServlet</servlet-name>
      <url-pattern>/*</url-pattern>
    </servlet-mapping>

CamelContext.xml

    <bean id="RestletComponent" class="org.restlet.Component">
        <property name="defaultHost" ref="defaultHost" />
    </bean>

    <bean id="challengeAuthenticator" class="org.restlet.security.ChallengeAuthenticator">
        <constructor-arg><null /></constructor-arg>
        <constructor-arg value="#{ T(org.restlet.data.ChallengeScheme).HTTP_BASIC }" />
        <constructor-arg value="restletRealm" />
        <property name="verifier" ref="ldapVerifer" />
        <property name="next" ref="application" />
    </bean>

    <bean id="defaultHost" class="org.restlet.ext.spring.SpringHost">
        <constructor-arg ref="RestletComponent" />
        <property name="defaultAttachment" ref="challengeAuthenticator" />
    </bean>

    <bean id="application" class="org.restlet.Application">
        <property name="inboundRoot" ref="router" />
    </bean>

    <bean id="router" class="org.restlet.ext.spring.SpringRouter">
        <property name="attachments">
            <map>
                <entry key="/user/{name}">
                    <bean class="org.restlet.ext.spring.SpringFinder">
                        <lookup-method name="create" bean="userServerResource" />
                    </bean>
                </entry>
            </map>
        </property>
    </bean>

    <bean id="RestletComponentService" class="org.apache.camel.component.restlet.RestletComponent">
        <constructor-arg ref="RestletComponent" />
    </bean>

LdapVerifer.java

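    import org.restlet.security.SecretVerifier;
    import org.slf4j.Logger;
    import org.slf4j.LoggerFactory;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
    import org.springframework.security.core.Authentication;
    import org.springframework.security.core.AuthenticationException;
    import org.springframework.security.core.context.SecurityContextHolder;
    import org.springframework.stereotype.Service;

    @Service(value="ldapVerifer")
    public class LdapVerifer extends SecretVerifier {

        @Autowired
        private AuthenticationManager authenticationManager;

        private static final Logger logger = LoggerFactory.getLogger(LdapVerifer.class);

        @Override
        public int verify(String userName, char[] password) {
            logger.debug("Start authenticating login user : " + userName);
            long startTime = System.currentTimeMillis();

            // The Spring Security token takes the credential as an object,
            // so build a String from the char[] Restlet passes in.
            String pd = new String(password);

            try {
                Authentication authenticate = authenticationManager.authenticate(
                        new UsernamePasswordAuthenticationToken(userName, pd));
                if (authenticate.isAuthenticated()) {
                    SecurityContextHolder.getContext().setAuthentication(authenticate);
                    long endTime = System.currentTimeMillis();
                    logger.debug("Authentication for login user " + userName
                            + " succeed. the process time is: " + (endTime - startTime)
                            + " milliseconds");
                    return RESULT_VALID;
                }
            } catch (AuthenticationException e) {
                logger.error("Failed to authenticate login user: " + userName, e);
            }
            // Fail closed: this point is reached only when authentication
            // failed or threw, so the credentials must be rejected.
            return RESULT_INVALID;
        }
    }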


Here is the output for restlet routings:

    Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
    INFO: RestletServlet: [Restlet] Attaching restlet: org.restlet.security.ChallengeAuthenticator@1ee53046 to URI: /medbus
    Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
    INFO: RestletServlet: [Restlet] Attaching restlet: org.apache.camel.component.restlet.MethodBasedRouter@6f52bffd to URI: /medbus/wf/query/{id}/{includeResult}
    Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
    INFO: RestletServlet: [Restlet] Attaching restlet: org.apache.camel.component.restlet.MethodBasedRouter@681b8815 to URI: /medbus/wf/query
    Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
    INFO: RestletServlet: [Restlet] Attaching restlet: org.apache.camel.component.restlet.MethodBasedRouter@34717fcf to URI: /medbus/wf/reprocess/{id}


If you access a URI not in the Camel routes, the LDAP authentication kicks
in, but if you access a URI in the Camel routes, LDAP authentication is
not triggered at all.
For example, if you call /medbus/user/name, it works fine, but if you
call /medbus/wf/query, there is no authentication.

Thanks in advance!



--
View this message in context: 
http://camel.465427.n5.nabble.com/How-to-create-a-ldap-restletRealm-to-manage-restlet-route-authentication-using-LDAP-tp5754308.html
Sent from the Camel - Users mailing list archive at Nabble.com.
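
Added example, not part of the original post: a Python check over the `Attaching restlet` log lines shown above that lists every restlet attached at its own URI instead of behind the `ChallengeAuthenticator`. It assumes the log format shown in the post and that a restlet attached directly at a more specific URI is reached without passing through the authenticator attached at `/medbus`, which matches the behaviour the post reports; the function names are illustrative.

```python
import re

# Log excerpt taken from the post (timestamps dropped); the last entry is left
# wrapped across lines the way the mail archive rendered it.
SAMPLE_LOG = """\
INFO: RestletServlet: [Restlet] Attaching restlet: org.restlet.security.ChallengeAuthenticator@1ee53046 to URI: /medbus
INFO: RestletServlet: [Restlet] Attaching restlet: org.apache.camel.component.restlet.MethodBasedRouter@6f52bffd to URI: /medbus/wf/query/{id}/{includeResult}
INFO: RestletServlet: [Restlet] Attaching restlet: org.apache.camel.component.restlet.MethodBasedRouter@681b8815 to URI: /medbus/wf/query
INFO: RestletServlet: [Restlet] Attaching restlet:
org.apache.camel.component.restlet.MethodBasedRouter@34717fcf to URI:
/medbus/wf/reprocess/{id}
"""

# \s+ also matches newlines, so wrapped entries still parse.
ATTACH_RE = re.compile(
    r"Attaching restlet:\s+(?P<cls>[\w.$]+)@[0-9a-f]+\s+to URI:\s+(?P<uri>\S+)"
)

# Classes treated as authentication guards (assumption: extend as needed).
AUTH_CLASSES = {"org.restlet.security.ChallengeAuthenticator"}


def parse_attachments(log_text):
    """Return (class_name, uri) for every 'Attaching restlet' entry."""
    return [(m["cls"], m["uri"]) for m in ATTACH_RE.finditer(log_text)]


def unguarded_attachments(log_text):
    """List restlets attached at their own URI rather than behind a guard.

    Assumption: such a restlet is routed to directly, so the guard attached
    at a shorter prefix never sees the request.
    """
    attachments = parse_attachments(log_text)
    guard_prefixes = [u.rstrip("/") for c, u in attachments if c in AUTH_CLASSES]
    findings = []
    for cls, uri in attachments:
        if cls in AUTH_CLASSES:
            continue
        shadowed = [p for p in guard_prefixes if uri == p or uri.startswith(p + "/")]
        findings.append({"uri": uri, "restlet": cls, "shadows_guard_at": shadowed})
    return findings


if __name__ == "__main__":
    for f in unguarded_attachments(SAMPLE_LOG):
        print("UNGUARDED %(uri)s -> %(restlet)s (guard at %(shadows_guard_at)s)" % f)
```

Run against the excerpt, it reports the three `/medbus/wf/...` routes, the same URIs the post says are served without authentication.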
