I’m not sure what is happening, but I noticed, you have ‘basic’ as lowercase, maybe it is case sensitive. Try uppercase:
login.config.authMethod = BASIC Also, what is in your 'etc/jetty.xml’ and ‘etc/org.ops4j.pax.web.cfg’ files ? Best regards, Alex soto > On May 15, 2020, at 11:22 AM, Gerald Kallas <catsh...@mailbox.org> wrote: > > Hi Alex, > > yes, I'm passing the HTTP "Authorization" header for basic authentication. > > My users.properties looks like > > karaf = xxx,_g_:admingroup > _g_\:admingroup = group,admin,manager,viewer,systembundles,ssh > > username1 = password1,admin > > I'm testing with the username1 password1 combination, the request looks like > > curl --insecure --location --request GET > 'https://localhost:8443/camel/api/say/hello' \ > --header 'Authorization: Basic dXNlcm5hbWUxOnBhc3N3b3JkMQ==' > > With or without the Authorization header I'm always getting a HTTP 403 > response. > > While trying to access I'm getting a log entry > > 2020-05-15T15:20:34,031 | WARN | qtp1611313605-186 | SecurityHandler > | 229 - org.eclipse.jetty.util - 9.4.22.v20191022 | No authenticator > for: {RoleInfo,C[admin],None} > > Again my org.ops4j.pax.web.context-admin.cfg, it looks like > > bundle.symbolicName=api.xml > login.config.authMethod=Basic > login.config.realmName=karaf > context.id=default > > security.constraint.1.url = /camel/api/* > security.constraint.1.method = * > security.constraint.1.roles = admin > > And my route (Blueprint DSL "api.xml") again as well > > <blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 > https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd";> > > <reference id="httpService" > interface="org.osgi.service.http.HttpService" /> > > <bean id="camelServlet" > class="org.apache.camel.component.servlet.CamelHttpTransportServlet"/> > > <bean class="org.apache.camel.component.osgi.OsgiServletRegisterer" > init-method="register" > destroy-method="unregister"> > <property name="servletName" value="MyServlet" /> > <property name="alias" value="/camel/api" /> > <property name="httpService" ref="httpService" /> > <property name="servlet" ref="camelServlet" /> > </bean> > > <bean id="servlet" > class="org.apache.camel.component.servlet.ServletComponent" /> > > <camelContext xmlns="http://camel.apache.org/schema/blueprint";> > <restConfiguration > component="servlet" > bindingMode="json" > enableCORS="false" > skipBindingOnErrorCode="false" > clientRequestValidation="true"> > > <componentProperty key="matchOnUriPrefix" value="true" > /> > > <endpointProperty key="servletName" value="MyServlet" /> > <endpointProperty key="disableStreamCache" value="true" > /> > > <dataFormatProperty key="contentTypeHeader" > value="false" /> > <dataFormatProperty key="baseUri" value ="/came/api" /> > </restConfiguration > > > <rest path="/say"> > <get uri="/hello"> > <to uri="direct:hello"/> > </get> > </rest> > > <route> > <from uri="direct:hello"/> > <transform> > <constant>Hello World</constant> > </transform> > </route> > > </camelContext> > > </blueprint> > > Best > - Gerald > >> Alex Soto <alex.s...@envieta.com> hat am 15. Mai 2020 14:35 geschrieben: >> >> >> Are passing the BASIC Authentication header with user name and password? >> >> The user names and roles are defined in the 'etc/users.properties’ file, >> check Karaf documentation >> https://karaf.apache.org/manual/latest/#_security_2 >> <https://karaf.apache.org/manual/latest/#_security_2> >> >> >> The 'security.constraint.1.* entries' in your file >> 'org.ops4j.pax.web.context-admin.cfg’ define the permissions for each >> route, just need to add new ones replacing 1 with 2, and so on, the url >> matching the Camel route. >> >> >> >>> On May 14, 2020, at 5:17 PM, Gerald Kallas <catsh...@mailbox.org> wrote: >>> >>> Thanks Alex, >>> >>> the API now is working after removing the "httpRegistry" part. >>> >>> Now I've the next issue. My org.ops4j.pax.web.context-admin.cfg looks like >>> >>> bundle.symbolicName=api.xml >>> login.config.authMethod=BASIC >>> login.config.realmName=karaf >>> context.id=default >>> >>> security.constraint.1.url = /camel/api/* >>> security.constraint.1.method = * >>> security.constraint.1.roles = admin >>> >>> Saving this creates the log file entries as below. >>> >>> The return code with this file is now always a HTTP 403 (forbidden). What >>> might be wrong now? >>> >>> And .. where can I define the roles, users and passwords for each of the >>> routes with a servlet consumer? >>> >>> Best >>> - Gerald >>> >>> 2020-05-14T21:15:18,817 | INFO | fileinstall-/opt/apache-karaf-4.2.7/etc | >>> fileinstall | 10 - org.apache.felix.fileinstall - >>> 3.6.4 | Updating configuration from org.ops4j.pax.web.context-admin.cfg >>> 2020-05-14T21:15:18,819 | INFO | CM Configuration Updater (Update: >>> pid=org.ops4j.pax.web.context.1448dbe9-6e82-4f5f-8176-f306ab16640f) | >>> HttpContextProcessing | 258 - org.ops4j.pax.web.pax-web-runtime >>> - 7.2.11 | Updated configuration for >>> pid=org.ops4j.pax.web.context.1448dbe9-6e82-4f5f-8176-f306ab16640f >>> 2020-05-14T21:15:18,821 | INFO | paxweb-context-4-thread-22 | >>> HttpContextProcessing | 258 - org.ops4j.pax.web.pax-web-runtime >>> - 7.2.11 | Found bundle "api.xml", scheduling customization of its >>> WebContainer >>> 2020-05-14T21:15:18,822 | INFO | paxweb-context-4-thread-22 | >>> HttpContextProcessing | 258 - org.ops4j.pax.web.pax-web-runtime >>> - 7.2.11 | HTTP Context Processor {bundle=api.xml [326]}: Restoring >>> WebContainer for bundle api.xml/0.0.0 >>> 2020-05-14T21:15:18,822 | INFO | paxweb-context-4-thread-22 | >>> CamelHttpTransportServlet | 288 - org.apache.camel.camel-servlet - >>> 3.0.0 | Destroyed CamelHttpTransportServlet[MyServlet] >>> 2020-05-14T21:15:18,822 | INFO | paxweb-context-4-thread-22 | >>> ContextHandler | 223 - org.eclipse.jetty.util - >>> 9.4.20.v20190813 | Stopped >>> HttpServiceContext{httpContext=DefaultHttpContext [bundle=api.xml [326], >>> contextID=default]} >>> 2020-05-14T21:15:18,823 | INFO | paxweb-context-4-thread-22 | >>> HttpServiceContext | 256 - org.ops4j.pax.web.pax-web-jetty - >>> 7.2.11 | registering JasperInitializer >>> 2020-05-14T21:15:18,902 | INFO | paxweb-context-4-thread-22 | >>> CamelHttpTransportServlet | 288 - org.apache.camel.camel-servlet - >>> 3.0.0 | Initialized CamelHttpTransportServlet[name=MyServlet, contextPath=] >>> 2020-05-14T21:15:18,905 | INFO | paxweb-context-4-thread-22 | >>> ContextHandler | 223 - org.eclipse.jetty.util - >>> 9.4.20.v20190813 | Started >>> HttpServiceContext{httpContext=DefaultHttpContext [bundle=api.xml [326], >>> contextID=default]} >>> 2020-05-14T21:15:18,905 | INFO | paxweb-context-4-thread-22 | >>> HttpContextProcessing | 258 - org.ops4j.pax.web.pax-web-runtime >>> - 7.2.11 | Customizing WebContainer for bundle api.xml/0.0.0 >>> 2020-05-14T21:15:18,906 | INFO | paxweb-context-4-thread-22 | >>> HttpContextProcessing | 258 - org.ops4j.pax.web.pax-web-runtime >>> - 7.2.11 | Registering login configuration in WebContainer for bundle >>> "api.xml": method=BASIC, realm=karaf >>> 2020-05-14T21:15:18,908 | INFO | paxweb-context-4-thread-22 | >>> CamelHttpTransportServlet | 288 - org.apache.camel.camel-servlet - >>> 3.0.0 | Destroyed CamelHttpTransportServlet[MyServlet] >>> 2020-05-14T21:15:18,908 | INFO | paxweb-context-4-thread-22 | >>> ContextHandler | 223 - org.eclipse.jetty.util - >>> 9.4.20.v20190813 | Stopped >>> HttpServiceContext{httpContext=DefaultHttpContext [bundle=api.xml [326], >>> contextID=default]} >>> 2020-05-14T21:15:18,909 | INFO | paxweb-context-4-thread-22 | >>> HttpContextProcessing | 258 - org.ops4j.pax.web.pax-web-runtime >>> - 7.2.11 | Registering security mappings in WebContainer for bundle >>> "api.xml": SecurityConstraintsMapping{name='constraint.1', >>> url='/camel/api/*', roles=[admin]} >>> 2020-05-14T21:15:18,909 | INFO | paxweb-context-4-thread-22 | >>> HttpServiceContext | 256 - org.ops4j.pax.web.pax-web-jetty - >>> 7.2.11 | registering JasperInitializer >>> 2020-05-14T21:15:19,003 | INFO | paxweb-context-4-thread-22 | >>> CamelHttpTransportServlet | 288 - org.apache.camel.camel-servlet - >>> 3.0.0 | Initialized CamelHttpTransportServlet[name=MyServlet, contextPath=] >>> 2020-05-14T21:15:19,003 | INFO | paxweb-context-4-thread-22 | >>> ContextHandler | 223 - org.eclipse.jetty.util - >>> 9.4.20.v20190813 | Started >>> HttpServiceContext{httpContext=DefaultHttpContext [bundle=api.xml [326], >>> contextID=default]} >>> >>>> Alex Soto <alex.s...@envieta.com> hat am 14. Mai 2020 18:42 geschrieben: >>>> >>>> >>>> Looks good to me: '/camel/api/say/hello' should be correct. >>>> >>>> The only difference I see is that in my case I am not using the >>>> ‘httpRegistry'; try removing that part. >>>> >>>> >>>> Best regards, >>>> Alex soto >>>> >>>> >>>> >>>> >>>> >>>>> On May 14, 2020, at 12:21 PM, Gerald Kallas <catsh...@mailbox.org> wrote: >>>>> Thanks Alex. >>>>> >>>>> I'm still struggling upfront. I was copying your example and have >>>>> combined the parts in one Blueprint DSL. >>>>> >>>>> See my complete Blueprint DSL file below. I'm always getting a HTTP 404 >>>>> (not found). >>>>> >>>>> I'm assuming that the URL >>>>> >>>>> https://localhost:8443/camel/api/say/hello >>>>> >>>>> should be the one to call. Do I still miss something? Many thanks in >>>>> advance. >>>>> >>>>> <blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"; >>>>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >>>>> xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 >>>>> https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd";> >>>>> >>>>> <reference id="httpService" interface="org.osgi.service.http.HttpService" >>>>> /> >>>>> >>>>> <bean id="camelServlet" >>>>> class="org.apache.camel.component.servlet.CamelHttpTransportServlet"/> >>>>> >>>>> <bean >>>>> class="org.apache.camel.component.servlet.osgi.OsgiServletRegisterer" >>>>> init-method="register" >>>>> destroy-method="unregister"> >>>>> <property name="servletName" value="MyServlet" /> >>>>> <property name="alias" value="/camel/api" /> >>>>> <property name="httpService" ref="httpService" /> >>>>> <property name="servlet" ref="camelServlet" /> >>>>> </bean> >>>>> >>>>> <bean id="httpRegistry" >>>>> class="org.apache.camel.component.servlet.DefaultHttpRegistry" /> >>>>> >>>>> <bean id="servlet" >>>>> class="org.apache.camel.component.servlet.ServletComponent"> >>>>> <property name="httpRegistry" ref="httpRegistry" /> >>>>> </bean> >>>>> >>>>> <camelContext xmlns="http://camel.apache.org/schema/blueprint";> >>>>> <restConfiguration >>>>> component="servlet" >>>>> bindingMode="json" >>>>> enableCORS="false" >>>>> skipBindingOnErrorCode="false" >>>>> clientRequestValidation="true"> >>>>> >>>>> <componentProperty key="matchOnUriPrefix" value="true" /> >>>>> >>>>> <endpointProperty key="servletName" value="MyServlet" /> >>>>> <endpointProperty key="disableStreamCache" value="true" /> >>>>> >>>>> <dataFormatProperty key="contentTypeHeader" value="false" /> >>>>> <dataFormatProperty key="baseUri" value ="/came/api" /> >>>>> </restConfiguration > >>>>> >>>>> <rest path="/say"> >>>>> <get uri="/hello"> >>>>> <to uri="direct:hello"/> >>>>> </get> >>>>> </rest> >>>>> >>>>> <route> >>>>> <from uri="direct:hello"/> >>>>> <transform> >>>>> <constant>Hello World</constant> >>>>> </transform> >>>>> </route> >>>>> >>>>> </camelContext> >>>>> >>>>> </blueprint> >>>>> >>>>> Best >>>>> - Gerald >>>>> >>>>> >>>>>> Alex Soto <alex.s...@envieta.com> hat am 14. Mai 2020 14:55 geschrieben: >>>>>> >>>>>> >>>>>> Hi Gerald, >>>>>> >>>>>> I would put the Servlet in the same bundle; I don’t see the need to >>>>>> separate it for reuse. >>>>>> Looks like you are missing security constraint in the >>>>>> 'etc/org.ops4j.pax.web.context-admin.cfg' file >>>>>> >>>>>> security.constraint.1.url = /camel/services/* >>>>>> security.constraint.1.method = * >>>>>> security.constraint.1.roles = admin >>>>>> >>>>>> >>>>>> Best regards, >>>>>> Alex soto >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>>> On May 13, 2020, at 7:02 PM, Gerald Kallas <catsh...@mailbox.org> wrote: >>>>>>> <property name="alias" value="/camel/services" /> >>>>>> >>>>
