The keystore configuration is only needed for HTTPS. You can use BASIC AUTH without HTTPS.
If you want to leverage on the OSGI HTTP service (it looks so, because you are using address="/externalWarehouse"), you have to configure BASIC AUTH in your jetty.xml like: <Configure class="org.eclipse.jetty.server.Server"> <!-- =========================================================== --> <!-- Set connectors --> <!-- =========================================================== --> <!-- One of each type! --> <!-- =========================================================== --> <Call name="addConnector"> <Arg> <New class="org.eclipse.jetty.server.nio.BlockingChannelConnector"> <Set name="host"> <Property name="jetty.host" /> </Set> <Set name="port"> <Property name="jetty.port" default="8181" /> </Set> <Set name="maxIdleTime">300000</Set> <Set name="Acceptors">1</Set> <Set name="statsOn">false</Set> <Set name="confidentialPort">8443</Set> </New> </Arg> </Call> <Call name="addBean"> <Arg> <New class="org.eclipse.jetty.plus.jaas.JAASLoginService"> <Set name="name">karaf</Set> <Set name="loginModuleName">karaf</Set> <Set name="roleClassNames"> <Array type="java.lang.String"> <Item>org.apache.karaf.jaas.boot.principal.RolePrincipal</Item> </Array> </Set> </New> </Arg> </Call> <Call name="addBean"> <Arg> <New class="org.eclipse.jetty.plus.jaas.JAASLoginService"> <Set name="name">default</Set> <Set name="loginModuleName">karaf</Set> <Set name="roleClassNames"> <Array type="java.lang.String"> <Item>org.apache.karaf.jaas.boot.principal.RolePrincipal</Item> </Array> </Set> </New> </Arg> </Call> </Configure> If you want to start up a new Jetty instance to expose your web service, your configuration looks good. As Willem already explained, you has to configure a complete URL like address=" http://127.0.0.1:9000/externalWarehouse". And you can remove the keystore configuration if you are using HTTP. <httpj:engine-factory bus=*"cxf"*> <httpj:engine port=*"9000"*> <httpj:threadingParameters minThreads=*"5"* maxThreads=*"20"* /> <httpj:handlers> <!-- BASIC AUTHENTICATION configuration --> <ref bean=*"securityHandler"*/> </httpj:handlers> </httpj:engine> </httpj:engine-factory> <bean id=*"securityHandler"* class= *"org.eclipse.jetty.security.ConstraintSecurityHandler"*> <property name=*"authenticator"*> <bean class= *"org.eclipse.jetty.security.authentication.BasicAuthenticator"*/> </property> <property name=*"constraintMappings"*> <list> <bean class=*"org.eclipse.jetty.security.ConstraintMapping"* > <property name=*"constraint"*> <bean class= *"org.eclipse.jetty.http.security.Constraint"*> <property name=*"name"* value=*"BASIC"*/> <property name=*"roles"* value=*"yourRole"*/> <property name=*"authenticate"* value=*"true"*/> </bean> </property> <property name=*"pathSpec"* value=*"/*"*/> </bean> </list> </property> <property name=*"loginService"*> <bean class=*"org.eclipse.jetty.security.HashLoginService"*> <property name=*"name"* value=*"karaf"* /> <property name=*"config"* value= *"src/test/resources/jetty-realm.properties"* /> </bean> </property> <property name=*"strict"* value=*"false"*/> </bean> Best, Christian ----------------- Software Integration Specialist Apache Member V.P. Apache Camel | Apache Camel PMC Member | Apache Camel committer Apache Incubator PMC Member https://www.linkedin.com/pub/christian-mueller/11/551/642 On Fri, Oct 31, 2014 at 9:44 AM, Hilderich <hilde.sch...@yahoo.de> wrote: > Hello Willem, > > Many thanks for that crucial hint. I did as you said but no Basic > Authentication was requested. What I am not understand so far is the > keystore stuff in <httpj:tlsServerParameters ... > As I interpret it correctly this has something to do with SSL/https but I > have no intentions to switch to https. As a result I have in the meantime > <httpj ... section in blueprint modified to: > > <httpj:engine-factory bus="cxf"> > <httpj:engine port="9000"> > <httpj:threadingParameters minThreads="5" > maxThreads="20" /> > <httpj:handlers> > <ref component-id="securityHandler" /> > </httpj:handlers> > </httpj:engine> > </httpj:engine-factory> > > > Do I have get something wrong? Is Basic Auth inevitably connected with > SSL/http??? > > Could you please help me once again to establish BASIC Auth via http and > how > jetty has properly configured in blueprint.xml? > > Kind regards, > Hilderich > > > > -- > View this message in context: > http://camel.465427.n5.nabble.com/Adding-jaas-authentication-to-a-cxf-endpoint-in-karaf-tp5758340p5758360.html > Sent from the Camel - Users mailing list archive at Nabble.com. >