Re: JAAS configuration: ClassNotFoundException UsernameTokenProcessor

Tue, 13 Sep 2011 21:03:14 -0700 

Hi,
If you really wanna use the cxfbc:consumer to do JAAS auth, you need revise the testcase you append a little bit. 

Mainly the src/main/resources/OSGI-INF/blueprint/jaasRealm.xml
should be
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0";
           xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.0.0";

           xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.1.0 
"
           xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0 
">


    <type-converters>

        <bean  
class="org.apache.karaf.jaas.modules.properties.PropertiesConverter"/>

    </type-converters>


    <!-- Allow usage of System properties, especially the karaf.base  
property -->
    <ext:property-placeholder placeholder-prefix="$[" placeholder- 
suffix="]"/>



    <!-- AdminConfig property place holder for the  
org.apache.karaf.jaas  -->
    <cm:property-placeholder persistent-id="org.apache.karaf.jaas"  
update-strategy="reload">

        <cm:default-properties>
            <cm:property name="encryption.name" value=""/>
            <cm:property name="encryption.enabled" value="false"/>
            <cm:property name="encryption.prefix" value="{CRYPT}"/>
            <cm:property name="encryption.suffix" value="{CRYPT}"/>
            <cm:property name="encryption.algorithm" value="MD5"/>

            <cm:property name="encryption.encoding"  
value="hexadecimal"/>

        </cm:default-properties>
    </cm:property-placeholder>

    <jaas:config name="servicemix-domain">

        <jaas:module  
className 
="org.apache.karaf.jaas.modules.properties.PropertiesLoginModule"  
flags="required">

            users = $[karaf.base]/etc/users.properties
            encryption.name = ${encryption.name}
            encryption.enabled = ${encryption.enabled}
            encryption.prefix = ${encryption.prefix}
            encryption.suffix = ${encryption.suffix}
            encryption.algorithm = ${encryption.algorithm}
            encryption.encoding = ${encryption.encoding}
        </jaas:module>
    </jaas:config>



    <!-- The Backing Engine Factory Service for the  
PropertiesLoginModule -->
    <service  
interface="org.apache.karaf.jaas.modules.BackingEngineFactory">
        <bean  
class 
= 
"org 
.apache.karaf.jaas.modules.properties.PropertiesBackingEngineFactory"/>

    </service>


    <service  
interface="org.apache.karaf.jaas.modules.EncryptionService"  
ranking="-1">

        <service-properties>
            <entry key="name" value="basic"/>
        </service-properties>

        <bean  
class 
="org.apache.karaf.jaas.modules.encryption.BasicEncryptionService"/>

    </service>

</blueprint>

also in the pom.xml you need remove
org.apache.cxf.transport.http_osgi,

from the Import-Package as since from CXF 2.4 this pacakge no long  
exist.

And the client request should be
<?xml version="1.0" encoding="UTF-8"?>

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/ 
" xmlns:v="http://www.acr.cz/ws/issp/v_1.0.0"; xmlns:v1="http://www.aura.cz/xrg/isl/g/v_1.0.0.0 
" xmlns:v2="http://www.aura.cz/xrg/isl/pocty-techniky/request/ 
v_1.0.0.0">
<soapenv:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd 
">
<wsse:UsernameToken wsu:Id="UsernameToken-63" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd 
">

<wsse:Username>smx</wsse:Username>

<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText 
">smx</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary 
">rZzGQVHKNjvbXzW4gZqumg==</ 
wsse:Nonce><wsu:Created>2011-09-13T09:39:30.655Z</wsu:Created>

</wsse:UsernameToken></wsse:Security></soapenv:Header>
   <soapenv:Body>
      <v1:PoctyTechniky>
         <v1:requestXml>
            <v2:Xrg>
               <!--Optional:-->
               <v2:PoctyTechniky>
                  <v2:kcu>0</v2:kcu>
               </v2:PoctyTechniky>
            </v2:Xrg>
         </v1:requestXml>
      </v1:PoctyTechniky>
   </soapenv:Body>
</soapenv:Envelope>
What you sent me before has an invalid char inside


I tested it with Fuse ESB 4.4.0-fuse-00-43 as you already install this  
version and the JAAS through  
cxfbc(org.apache.servicemix.cxfbc.interceptors.JbiJAASInterceptor  
delegate JAAS to servicemix-domain in this case) works for me.



Ideally we should have leverage the karaf domain which by default get  
installed and so you needn't have src/main/resources/OSGI-INF/ 
blueprint/jaasRealm.xml to specify servicemix-domain at all,  
unfortunately now the cxfbc JbiJAASInterceptor bind to "servicemix- 
domain" which we need improve to make it configurable. I'll create an  
jira ticket to track it.


Freeman
On 2011-9-13, at 下午10:03, Radomir Kadlec wrote:


Hi Freeman,


what ist then the simpliest way to use JAAS authentication together  
with

cxfbc:consumer endpoint?
Must I write my own passwordCallbackHandler to solve it?


Or is there another way to create secured webservice endpoints in  
Servicemix

without to implement a Java client (to not use jaxws:endpoint
implementor="...")?

I need only cath the ws request, do WS-Security authentication,  
auditing,
check the message aginst wsdl and then route the request to the end  
service

on unsecured server.

Thanks,
Radomir

--
View this message in context: 
http://servicemix.396122.n5.nabble.com/JAAS-configuration-ClassNotFoundException-UsernameTokenProcessor-tp4794258p4798637.html
Sent from the ServiceMix - User mailing list archive at Nabble.com.


---------------------------------------------
Freeman Fang

FuseSource
Email:[email protected]
Web: fusesource.com
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com































					Reply via email to