Jira is to ensure your original config would always work (was the case under some conditions)
Btw do you use authMethod=basic in conf/conf.d/cxf.properties? Le 14 mai 2013 00:43, "Chris.Christo" <[email protected]> a écrit : > Hi Romain, > > > Ok yeah adding that property solved the exception mapper issue, thanks for > that! > > Yeah from an architectural point of view, I would agree that it does make > more sense to define your providers for each app in each of their own > META-INF/application.properties. > > However I still can't get authorized. > > I try 'curl -G http://john:secret@localhost:4204/ROOT/example/secure' and > I just get 'Unauthorized!'. I don't understand why, I have login.config in > conf with PropertiesLogin, have my users.properties and group.properties in > conf also, and have the 'openejb.authentication.realmName=PropertiesLogin' > property in system.properties. As far as I understand this is pretty much > everything I have to do to get security working. > > What am I missing? > > Also can you please explain what you did here: > https://issues.apache.org/jira/browse/TOMEE-931 > > > Thanks, > > Chris Christo > > Twitter: https://twitter.com/ChrisChristo7 > Tumblr: http://chrischristo7.tumblr.com > LinkedIn: http://uk.linkedin.com/in/chrischristo > > > On 13 May 2013, at 19:07, Romain Manni-Bucau <[email protected]> > wrote: > > > FYI: https://issues.apache.org/jira/browse/TOMEE-931 > > > > *Romain Manni-Bucau* > > *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* > > *Blog: **http://rmannibucau.wordpress.com/*< > http://rmannibucau.wordpress.com/> > > *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* > > *Github: https://github.com/rmannibucau* > > > > > > > > 2013/5/13 Romain Manni-Bucau <[email protected]> > > > >> adding in system.properties > >> > >> openejb.jaxrs.providers.auto=true > >> > >> will make it work > >> > >> that said a correct packaging (IMO) would be a > >> META-INF/application.properties with the line: > >> > >> openejb.jaxrs.providers=example.EJBAccessExceptionMapper > >> > >> *Romain Manni-Bucau* > >> *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* > >> *Blog: **http://rmannibucau.wordpress.com/*< > http://rmannibucau.wordpress.com/> > >> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* > >> *Github: https://github.com/rmannibucau* > >> > >> > >> > >> 2013/5/13 Chris.Christo <[email protected]> > >> > >>> Hi, > >>> > >>> I'm trying to setup security access to my rest class. > >>> > >>> You can see below what I have setup. But basically I have a rest class > >>> with two methods, one annotated with @RolesAllowed and one not. I have > a > >>> groups.properties file, a users.properties file, a login.config file > and a > >>> system.properties file all within the conf/ folder within the server > >>> (OpenEJB standalone 4.6.0-SNAPSHOT) directory. > >>> > >>> I'm using the PropertiesLogin option with JAAS. > >>> > >>> I think I have everything setup correctly, but it doesn't seem to work. > >>> When I curl at localhost:4204/ROOT/example/insecure it works fine, but > when > >>> I curl to localhost:4204/ROOT/example/secure (with the correct login > >>> credentials) I keep getting an unauthorised error. > >>> > >>> The other thing is that I have this exception mapper called > >>> 'EJBAccessExceptionMapper' which basically diverts an > EJBAccessException to > >>> respond "Unauthorized!". I have added it to system.properties as > >>> > >>> openejb.cxf.jax-rs.providers=example.EJBAccessExceptionMapper > >>> > >>> but it doesn't get picked up for some reason?? The server throws an > >>> exception rather than the simple message "Unauthorized!". > >>> > >>> I have attached an example maven project with the below files to > >>> illustrate the problem. There is also a deploy.sh file which kinda > >>> replicates what the maven-tomee-plugin does (but as a script and for > the > >>> standalone server and not TomEE). It basically creates a copy of the > >>> OpenEJB standalone server within the target directory, copies the > ROOT.jar > >>> (that is created from a mvn package) into apps and also copies over the > >>> src/main/openejb/conf files, and then finally it starts the server. > >>> > >>> > >>> > >>> So basically unzip and run 'mvn package' and then run 'sh deploy.sh'. > >>> (You must have done a mvn install on the > tomee/assembly/openejb-standalone! > >>> prior to this!) > >>> > >>> > >>> > >>> *example/ExampleRest.java* > >>> <!-- Begin File --> > >>> @Singleton > >>> @Path("/example") > >>> public class ExampleRest { > >>> > >>> @GET > >>> @Path(value = "/insecure") > >>> public String insecure() { > >>> return "pass"; > >>> } > >>> > >>> @RolesAllowed("admin") > >>> @GET > >>> @Path(value = "/secure") > >>> public String secure() { > >>> return "pass"; > >>> } > >>> } > >>> <!-- End File --> > >>> > >>> *conf/groups.properties:* > >>> <!-- Begin File --> > >>> admin=john > >>> <!-- End File --> > >>> > >>> *conf/users.properties:* > >>> <!-- Begin File --> > >>> john=secret > >>> <!-- End File --> > >>> > >>> *conf/system.properties:* > >>> <!-- Begin File --> > >>> ... > >>> openejb.authentication.realmName=PropertiesLogin > >>> openejb.cxf.jax-rs.providers=example.EJBAccessExceptionMapper > >>> ... > >>> <!-- End File --> > >>> > >>> *conf/login.config:* > >>> <!-- Begin File --> > >>> PropertiesLogin { > >>> org.apache.openejb.core.security.jaas.PropertiesLoginModule required > >>> Debug=true > >>> UsersFile="users.properties" > >>> GroupsFile="groups.properties"; > >>> }; > >>> <!-- End File --> > >>> > >>> > >>> Chris Christo > >>> > >>> Twitter: https://twitter.com/ChrisChristo7 > >>> Tumblr: http://chrischristo7.tumblr.com > >>> LinkedIn: http://uk.linkedin.com/in/chrischristo > >>> > >>> > >>> > >> > >
