Thanks for the clarification on the JIRA issue. ok so I added the following properties to cxf.properties
authMethod = BASIC realmName = PropertiesLogin but still no luck. We are dealing with a hello world example pretty much and its so frustrating not being able to get this to work. :( Chris Christo Twitter: https://twitter.com/ChrisChristo7 Tumblr: http://chrischristo7.tumblr.com LinkedIn: http://uk.linkedin.com/in/chrischristo On 14 May 2013, at 06:02, Romain Manni-Bucau <[email protected]> wrote: > Jira is to ensure your original config would always work (was the case > under some conditions) > > Btw do you use authMethod=basic in conf/conf.d/cxf.properties? > Le 14 mai 2013 00:43, "Chris.Christo" <[email protected]> a écrit : > >> Hi Romain, >> >> >> Ok yeah adding that property solved the exception mapper issue, thanks for >> that! >> >> Yeah from an architectural point of view, I would agree that it does make >> more sense to define your providers for each app in each of their own >> META-INF/application.properties. >> >> However I still can't get authorized. >> >> I try 'curl -G http://john:secret@localhost:4204/ROOT/example/secure' and >> I just get 'Unauthorized!'. I don't understand why, I have login.config in >> conf with PropertiesLogin, have my users.properties and group.properties in >> conf also, and have the 'openejb.authentication.realmName=PropertiesLogin' >> property in system.properties. As far as I understand this is pretty much >> everything I have to do to get security working. >> >> What am I missing? >> >> Also can you please explain what you did here: >> https://issues.apache.org/jira/browse/TOMEE-931 >> >> >> Thanks, >> >> Chris Christo >> >> Twitter: https://twitter.com/ChrisChristo7 >> Tumblr: http://chrischristo7.tumblr.com >> LinkedIn: http://uk.linkedin.com/in/chrischristo >> >> >> On 13 May 2013, at 19:07, Romain Manni-Bucau <[email protected]> >> wrote: >> >>> FYI: https://issues.apache.org/jira/browse/TOMEE-931 >>> >>> *Romain Manni-Bucau* >>> *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* >>> *Blog: **http://rmannibucau.wordpress.com/*< >> http://rmannibucau.wordpress.com/> >>> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* >>> *Github: https://github.com/rmannibucau* >>> >>> >>> >>> 2013/5/13 Romain Manni-Bucau <[email protected]> >>> >>>> adding in system.properties >>>> >>>> openejb.jaxrs.providers.auto=true >>>> >>>> will make it work >>>> >>>> that said a correct packaging (IMO) would be a >>>> META-INF/application.properties with the line: >>>> >>>> openejb.jaxrs.providers=example.EJBAccessExceptionMapper >>>> >>>> *Romain Manni-Bucau* >>>> *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* >>>> *Blog: **http://rmannibucau.wordpress.com/*< >> http://rmannibucau.wordpress.com/> >>>> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* >>>> *Github: https://github.com/rmannibucau* >>>> >>>> >>>> >>>> 2013/5/13 Chris.Christo <[email protected]> >>>> >>>>> Hi, >>>>> >>>>> I'm trying to setup security access to my rest class. >>>>> >>>>> You can see below what I have setup. But basically I have a rest class >>>>> with two methods, one annotated with @RolesAllowed and one not. I have >> a >>>>> groups.properties file, a users.properties file, a login.config file >> and a >>>>> system.properties file all within the conf/ folder within the server >>>>> (OpenEJB standalone 4.6.0-SNAPSHOT) directory. >>>>> >>>>> I'm using the PropertiesLogin option with JAAS. >>>>> >>>>> I think I have everything setup correctly, but it doesn't seem to work. >>>>> When I curl at localhost:4204/ROOT/example/insecure it works fine, but >> when >>>>> I curl to localhost:4204/ROOT/example/secure (with the correct login >>>>> credentials) I keep getting an unauthorised error. >>>>> >>>>> The other thing is that I have this exception mapper called >>>>> 'EJBAccessExceptionMapper' which basically diverts an >> EJBAccessException to >>>>> respond "Unauthorized!". I have added it to system.properties as >>>>> >>>>> openejb.cxf.jax-rs.providers=example.EJBAccessExceptionMapper >>>>> >>>>> but it doesn't get picked up for some reason?? The server throws an >>>>> exception rather than the simple message "Unauthorized!". >>>>> >>>>> I have attached an example maven project with the below files to >>>>> illustrate the problem. There is also a deploy.sh file which kinda >>>>> replicates what the maven-tomee-plugin does (but as a script and for >> the >>>>> standalone server and not TomEE). It basically creates a copy of the >>>>> OpenEJB standalone server within the target directory, copies the >> ROOT.jar >>>>> (that is created from a mvn package) into apps and also copies over the >>>>> src/main/openejb/conf files, and then finally it starts the server. >>>>> >>>>> >>>>> >>>>> So basically unzip and run 'mvn package' and then run 'sh deploy.sh'. >>>>> (You must have done a mvn install on the >> tomee/assembly/openejb-standalone! >>>>> prior to this!) >>>>> >>>>> >>>>> >>>>> *example/ExampleRest.java* >>>>> <!-- Begin File --> >>>>> @Singleton >>>>> @Path("/example") >>>>> public class ExampleRest { >>>>> >>>>> @GET >>>>> @Path(value = "/insecure") >>>>> public String insecure() { >>>>> return "pass"; >>>>> } >>>>> >>>>> @RolesAllowed("admin") >>>>> @GET >>>>> @Path(value = "/secure") >>>>> public String secure() { >>>>> return "pass"; >>>>> } >>>>> } >>>>> <!-- End File --> >>>>> >>>>> *conf/groups.properties:* >>>>> <!-- Begin File --> >>>>> admin=john >>>>> <!-- End File --> >>>>> >>>>> *conf/users.properties:* >>>>> <!-- Begin File --> >>>>> john=secret >>>>> <!-- End File --> >>>>> >>>>> *conf/system.properties:* >>>>> <!-- Begin File --> >>>>> ... >>>>> openejb.authentication.realmName=PropertiesLogin >>>>> openejb.cxf.jax-rs.providers=example.EJBAccessExceptionMapper >>>>> ... >>>>> <!-- End File --> >>>>> >>>>> *conf/login.config:* >>>>> <!-- Begin File --> >>>>> PropertiesLogin { >>>>> org.apache.openejb.core.security.jaas.PropertiesLoginModule required >>>>> Debug=true >>>>> UsersFile="users.properties" >>>>> GroupsFile="groups.properties"; >>>>> }; >>>>> <!-- End File --> >>>>> >>>>> >>>>> Chris Christo >>>>> >>>>> Twitter: https://twitter.com/ChrisChristo7 >>>>> Tumblr: http://chrischristo7.tumblr.com >>>>> LinkedIn: http://uk.linkedin.com/in/chrischristo >>>>> >>>>> >>>>> >>>> >> >>
