Re: Basic authentication works only for the first deployed application

[Glen Mazza]

I may be wrong here, but I think basic auth is for the server itself, 
not the individual web service endpoints, so whenever you validate the 
first time (whether to your first or second endpoint), the subsequent 
call to the other web service endpoint should work fine.

Glen
On 10/08/2012 04:04 AM, gasius wrote:
Hi,

I use CXF (2.4.6) over Jetty (7.4.5.v20110725) on ServiceMix 4.4.2. I need
to expose some web services secured with basic authentication. So I created
such bus configuration (only engine-factory part posted):

/    <httpj:engine-factory bus="cxf">
         <httpj:engine port="9081">
             <httpj:handlers>
                 <beans:bean
class="org.eclipse.jetty.security.ConstraintSecurityHandler">
                     <beans:property name="loginService"
ref="securityLoginService" />
                     <beans:property name="constraintMappings">
                         <beans:list>
                             <beans:ref bean="securityConstraintMapping" />
                         </beans:list>
                     </beans:property>
                 </beans:bean>
             </httpj:handlers>
         </httpj:engine>
     </httpj:engine-factory>
     <beans:bean id="securityLoginService"
class="org.eclipse.jetty.security.HashLoginService">
         <beans:property name="name" value="WSRealm" />
         <beans:property name="config" value="etc/jetty-realm.properties" />
     </beans:bean>

     <beans:bean id="securityConstraint"
class="org.eclipse.jetty.http.security.Constraint">
         <beans:property name="name" value="BASIC" />
         <beans:property name="roles" value="admin" />
         <beans:property name="authenticate" value="true" />
     </beans:bean>
  
     <beans:bean id="securityConstraintMapping"
class="org.eclipse.jetty.security.ConstraintMapping">
         <beans:property name="constraint" ref="securityConstraint" />
         <beans:property name="pathSpec" value="/*" />
     </beans:bean>/

And register it in OSGi service registry using name cxf-bus. Later in my
Camel routes I set bus on endpoints like this:

in first bundle:
/cxf:bean:myFirstEndpoint?bus=#cxf-bus/

in second bundle:
/cxf:bean:mySecondEndpoint?bus=#cxf-bus/

When I deploy first bundle and try to access endpoint basic authentication
credentials are requested. But when I deploy second bundle I can access
mySecondEndpoint without any authentication. If I uninstall both bundles and
switch order of deployment then basic authentication works for the second
bundle but do not for the first. What am I doing wrong? Is there some way to
refresh security handler after I do subsequent deployments?



--
View this message in context: 
http://cxf.547215.n5.nabble.com/Basic-authentication-works-only-for-the-first-deployed-application-tp5715963.html
Sent from the cxf-user mailing list archive at Nabble.com.