So what exactly did you do? So at first it wasn't working for you? but then you added authMethod = basic to cxf.properties and it worked for you?
As far as I understood, the Jira issue fixed just the configuration for the cxf.providers? Chris Christo Twitter: https://twitter.com/ChrisChristo7 Tumblr: http://chrischristo7.tumblr.com LinkedIn: http://uk.linkedin.com/in/chrischristo On 14 May 2013, at 12:36, Romain Manni-Bucau <[email protected]> wrote: > was working this morning, maybe you got a too old snapshot > > *Romain Manni-Bucau* > *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* > *Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/> > *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* > *Github: https://github.com/rmannibucau* > > > > 2013/5/14 Chris.Christo <[email protected]> > >> Thanks for the clarification on the JIRA issue. >> >> ok so I added the following properties to cxf.properties >> >> authMethod = BASIC >> realmName = PropertiesLogin >> >> but still no luck. >> >> We are dealing with a hello world example pretty much and its so >> frustrating not being able to get this to work. :( >> >> >> >> Chris Christo >> >> Twitter: https://twitter.com/ChrisChristo7 >> Tumblr: http://chrischristo7.tumblr.com >> LinkedIn: http://uk.linkedin.com/in/chrischristo >> >> On 14 May 2013, at 06:02, Romain Manni-Bucau <[email protected]> >> wrote: >> >>> Jira is to ensure your original config would always work (was the case >>> under some conditions) >>> >>> Btw do you use authMethod=basic in conf/conf.d/cxf.properties? >>> Le 14 mai 2013 00:43, "Chris.Christo" <[email protected]> a écrit : >>> >>>> Hi Romain, >>>> >>>> >>>> Ok yeah adding that property solved the exception mapper issue, thanks >> for >>>> that! >>>> >>>> Yeah from an architectural point of view, I would agree that it does >> make >>>> more sense to define your providers for each app in each of their own >>>> META-INF/application.properties. >>>> >>>> However I still can't get authorized. >>>> >>>> I try 'curl -G http://john:secret@localhost:4204/ROOT/example/secure' >> and >>>> I just get 'Unauthorized!'. I don't understand why, I have login.config >> in >>>> conf with PropertiesLogin, have my users.properties and >> group.properties in >>>> conf also, and have the >> 'openejb.authentication.realmName=PropertiesLogin' >>>> property in system.properties. As far as I understand this is pretty >> much >>>> everything I have to do to get security working. >>>> >>>> What am I missing? >>>> >>>> Also can you please explain what you did here: >>>> https://issues.apache.org/jira/browse/TOMEE-931 >>>> >>>> >>>> Thanks, >>>> >>>> Chris Christo >>>> >>>> Twitter: https://twitter.com/ChrisChristo7 >>>> Tumblr: http://chrischristo7.tumblr.com >>>> LinkedIn: http://uk.linkedin.com/in/chrischristo >>>> >>>> >>>> On 13 May 2013, at 19:07, Romain Manni-Bucau <[email protected]> >>>> wrote: >>>> >>>>> FYI: https://issues.apache.org/jira/browse/TOMEE-931 >>>>> >>>>> *Romain Manni-Bucau* >>>>> *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* >>>>> *Blog: **http://rmannibucau.wordpress.com/*< >>>> http://rmannibucau.wordpress.com/> >>>>> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* >>>>> *Github: https://github.com/rmannibucau* >>>>> >>>>> >>>>> >>>>> 2013/5/13 Romain Manni-Bucau <[email protected]> >>>>> >>>>>> adding in system.properties >>>>>> >>>>>> openejb.jaxrs.providers.auto=true >>>>>> >>>>>> will make it work >>>>>> >>>>>> that said a correct packaging (IMO) would be a >>>>>> META-INF/application.properties with the line: >>>>>> >>>>>> openejb.jaxrs.providers=example.EJBAccessExceptionMapper >>>>>> >>>>>> *Romain Manni-Bucau* >>>>>> *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* >>>>>> *Blog: **http://rmannibucau.wordpress.com/*< >>>> http://rmannibucau.wordpress.com/> >>>>>> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* >>>>>> *Github: https://github.com/rmannibucau* >>>>>> >>>>>> >>>>>> >>>>>> 2013/5/13 Chris.Christo <[email protected]> >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> I'm trying to setup security access to my rest class. >>>>>>> >>>>>>> You can see below what I have setup. But basically I have a rest >> class >>>>>>> with two methods, one annotated with @RolesAllowed and one not. I >> have >>>> a >>>>>>> groups.properties file, a users.properties file, a login.config file >>>> and a >>>>>>> system.properties file all within the conf/ folder within the server >>>>>>> (OpenEJB standalone 4.6.0-SNAPSHOT) directory. >>>>>>> >>>>>>> I'm using the PropertiesLogin option with JAAS. >>>>>>> >>>>>>> I think I have everything setup correctly, but it doesn't seem to >> work. >>>>>>> When I curl at localhost:4204/ROOT/example/insecure it works fine, >> but >>>> when >>>>>>> I curl to localhost:4204/ROOT/example/secure (with the correct login >>>>>>> credentials) I keep getting an unauthorised error. >>>>>>> >>>>>>> The other thing is that I have this exception mapper called >>>>>>> 'EJBAccessExceptionMapper' which basically diverts an >>>> EJBAccessException to >>>>>>> respond "Unauthorized!". I have added it to system.properties as >>>>>>> >>>>>>> openejb.cxf.jax-rs.providers=example.EJBAccessExceptionMapper >>>>>>> >>>>>>> but it doesn't get picked up for some reason?? The server throws an >>>>>>> exception rather than the simple message "Unauthorized!". >>>>>>> >>>>>>> I have attached an example maven project with the below files to >>>>>>> illustrate the problem. There is also a deploy.sh file which kinda >>>>>>> replicates what the maven-tomee-plugin does (but as a script and for >>>> the >>>>>>> standalone server and not TomEE). It basically creates a copy of the >>>>>>> OpenEJB standalone server within the target directory, copies the >>>> ROOT.jar >>>>>>> (that is created from a mvn package) into apps and also copies over >> the >>>>>>> src/main/openejb/conf files, and then finally it starts the server. >>>>>>> >>>>>>> >>>>>>> >>>>>>> So basically unzip and run 'mvn package' and then run 'sh deploy.sh'. >>>>>>> (You must have done a mvn install on the >>>> tomee/assembly/openejb-standalone! >>>>>>> prior to this!) >>>>>>> >>>>>>> >>>>>>> >>>>>>> *example/ExampleRest.java* >>>>>>> <!-- Begin File --> >>>>>>> @Singleton >>>>>>> @Path("/example") >>>>>>> public class ExampleRest { >>>>>>> >>>>>>> @GET >>>>>>> @Path(value = "/insecure") >>>>>>> public String insecure() { >>>>>>> return "pass"; >>>>>>> } >>>>>>> >>>>>>> @RolesAllowed("admin") >>>>>>> @GET >>>>>>> @Path(value = "/secure") >>>>>>> public String secure() { >>>>>>> return "pass"; >>>>>>> } >>>>>>> } >>>>>>> <!-- End File --> >>>>>>> >>>>>>> *conf/groups.properties:* >>>>>>> <!-- Begin File --> >>>>>>> admin=john >>>>>>> <!-- End File --> >>>>>>> >>>>>>> *conf/users.properties:* >>>>>>> <!-- Begin File --> >>>>>>> john=secret >>>>>>> <!-- End File --> >>>>>>> >>>>>>> *conf/system.properties:* >>>>>>> <!-- Begin File --> >>>>>>> ... >>>>>>> openejb.authentication.realmName=PropertiesLogin >>>>>>> openejb.cxf.jax-rs.providers=example.EJBAccessExceptionMapper >>>>>>> ... >>>>>>> <!-- End File --> >>>>>>> >>>>>>> *conf/login.config:* >>>>>>> <!-- Begin File --> >>>>>>> PropertiesLogin { >>>>>>> org.apache.openejb.core.security.jaas.PropertiesLoginModule >> required >>>>>>> Debug=true >>>>>>> UsersFile="users.properties" >>>>>>> GroupsFile="groups.properties"; >>>>>>> }; >>>>>>> <!-- End File --> >>>>>>> >>>>>>> >>>>>>> Chris Christo >>>>>>> >>>>>>> Twitter: https://twitter.com/ChrisChristo7 >>>>>>> Tumblr: http://chrischristo7.tumblr.com >>>>>>> LinkedIn: http://uk.linkedin.com/in/chrischristo >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>> >>>> >> >>
