Re: JAAS configuration: ClassNotFoundException UsernameTokenProcessor

Mon, 12 Sep 2011 19:48:51 -0700 

Hi,
If you can also append the client request(soap payload you used for soapUI), it would be more helpful. 


Btw, if you just wanna wire soap request into SMX/KARAF jaas,  you  
actually needn't use JBI component,  A better solution is leverage cxf  
JAASLoginInterceptor directly, and I strongly recommend you should use  
this way.

You can adjust cxf-ws-security-osgi a little bit.

so the major part in examples/cxf-ws-security-osgi/src/main/resources/ 
META-INF/spring/beans.xml should be changed to

<jaxws:endpoint id="helloWorld"
implementor="org.apache.servicemix.examples.cxf.HelloWorldImpl"
address="/HelloWorldSecurity">
<jaxws:inInterceptors>
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken"/>
<entry key="passwordType" value="PasswordText"/>
</map>
</constructor-arg>
</bean>
<ref bean="authenticationInterceptor"/>
</jaxws:inInterceptors>
<jaxws:properties>
<entry key="ws-security.ut.no-callbacks" value="true"/>
</jaxws:properties>
</jaxws:endpoint>

<bean id="authenticationInterceptor"  
class="org.apache.cxf.interceptor.security.JAASLoginInterceptor">

<property name="contextName" value="karaf"/>
</bean>

and you just need $SMX_HOME/etc/users.properties to add name/password
joe=password


so that you can see authentication happen against user  
storage(user.properties in this case).
This just reuse default jaas configuration in  
karaf(PropertiesLoginModule) with JAAS LoginContext name "karaf".



Of course you can use your customer jaas login module, which described  
in [1], you just need specify <property name="contextName"  
value="your_jaas_context_name"/> for  
org.apache.cxf.interceptor.security.JAASLoginInterceptor accordingly.



IIRC, to make this work it need some later cxf/karaf version feature  
so I'm not sure Apache SMX4.3 can support it, so before Apache SMX4.4  
is out, you may consider to try with latest FUSE ESB[2]


Hope this helps.

[1]http://karaf.apache.org/manual/latest-2.2.x/developers-guide/security-framework.html
[2]http://repo.fusesource.com/nexus/content/repositories/releases/org/apache/servicemix/apache-servicemix/4.4.0-fuse-00-43/
Freeman
On 2011-9-12, at 下午9:48, Radomir Kadlec wrote:


Hello,
I configure *JAAS* for *cxfbc:consumer without ws-policy in WSDL* on
Servicemix 4.3 as OSGI bundle.
The WSDL contains no ws-security configuration.


The cxfbc:consumer refers *WSS4JInInterceptor* in the same beans.xml  
with

this entries:
               <entry
                   key="action"
                   value="UsernameToken" />
               <entry
                   key="passwordType"
                   value="PasswordText" />
               <entry key="passwordCallbackRef">
                   <ref bean="myPasswordCallback"/>
               </entry>


I have *JAAS* configured in separately stored blueprint  
configuration file

but in the same OSGI bundle:

   <jaas:config name="servicemix-domain">
       <jaas:module

className 
="org.apache.karaf.jaas.modules.properties.PropertiesLoginModule"

           flags="required">

           org.apache.activemq.jaas.properties.user = etc/ 
users.properties

       </jaas:module>
   </jaas:config>

There *<Import-Package>* section contains the package
*org.apache.ws.security.processor*.

When I call the cxfbc service with username and password token in soap

header from my test client (soapUI), the login module will be found  
in the

jaas realm servicemix-domain.
But it appears this exception in Servicemix:

*java.lang.ClassNotFoundException:
org.apache.ws.security.processor.UsernameTokenProcessor*

       at java.net.URLClassLoader$1.run(URLClassLoader.java:202)[: 
1.6.0_24]

       at java.security.AccessController.doPrivileged(Native
Method)[:1.6.0_24]
       at
java.net.URLClassLoader.findClass(URLClassLoader.java:190)[:1.6.0_24]

       at java.lang.ClassLoader.loadClass(ClassLoader.java:307)[: 
1.6.0_24]

       at

sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)[: 
1.6.0_24]
       at java.lang.ClassLoader.loadClass(ClassLoader.java:248)[: 
1.6.0_24]

       at

org.apache.ws.security.util.Loader.loadClass(Loader.java:185) 
[113:org.apache.ws.security.wss4j:1.5.9]

       at

org.apache.ws.security.util.Loader.loadClass(Loader.java:177) 
[113:org.apache.ws.security.wss4j:1.5.9]

       at

org.apache.ws.security.WSSConfig.getProcessor(WSSConfig.java:561) 
[113:org.apache.ws.security.wss4j:1.5.9]

       at

org 
.apache 
.ws 
.security 
.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:321) 
[113:org.apache.ws.security.wss4j:1.5.9]

       at

org 
.apache 
.ws 
.security 
.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:245) 
[113:org.apache.ws.security.wss4j:1.5.9]

       at

org 
.apache 
.cxf 
.ws 
.security 
.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:215) 
[116:org.apache.cxf.bundle:2.3.2]


See the project in this *attachment* too:

http://servicemix.396122.n5.nabble.com/file/n4794258/gateway.zip  
gateway.zip


*And second issue:*

When I redeploy my bundle (delete it from and copy to deploy), there  
is this
exception after calling the service and it is needed to restart  
Servicemix:



Caused by:  
org.osgi.service.blueprint.container.ServiceUnavailableException:

Service is unavailable
       at

org.apache.aries.blueprint.container.ReferenceListRecipe 
$ServiceDispatcher.call(ReferenceListRecipe.java:201)

       at

org.apache.aries.blueprint.container.AbstractServiceReferenceRecipe 
$CgLibProxyFactory$1.loadObject(AbstractServiceReferenceRecipe.java: 
652)

       at

org.apache.karaf.jaas.config.JaasRealm$$EnhancerByCGLIB$ 
$57d60f75.getName(<generated>)

       at

org 
.apache 
.karaf 
.jaas 
.config 
.impl 
.OsgiConfiguration.getAppConfigurationEntry(OsgiConfiguration.java:54)

       at
javax.security.auth.login.LoginContext.init(LoginContext.java:243)
       at
javax.security.auth.login.LoginContext.<init>(LoginContext.java:367)
       at
javax.security.auth.login.LoginContext.<init>(LoginContext.java:444)
       at

org 
.apache 
.servicemix 
.nmr 
.core 
.security 
.JaasAuthenticationService 
.authenticate(JaasAuthenticationService.java:50)

       at

org.apache.servicemix.nmr.api.security.AuthenticationService$ 
$EnhancerByCGLIB$$c9d6bc26.authenticate(<generated>)




Thank you for any tips, how to properly configure the JAAS  
authentization in

Servicemix 4.3. on a cxbc:consumer.
Radomir

--
View this message in context: 
http://servicemix.396122.n5.nabble.com/JAAS-configuration-ClassNotFoundException-UsernameTokenProcessor-tp4794258p4794258.html
Sent from the ServiceMix - User mailing list archive at Nabble.com.


---------------------------------------------
Freeman Fang

FuseSource
Email:[email protected]
Web: fusesource.com
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com































					Reply via email to