there was another jira this morning so i guess you are just on an old version ;)
*Romain Manni-Bucau* *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* *Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* *Github: https://github.com/rmannibucau* 2013/5/14 Chris.Christo <[email protected]> > So what exactly did you do? > > So at first it wasn't working for you? but then you added authMethod = > basic to cxf.properties and it worked for you? > > As far as I understood, the Jira issue fixed just the configuration for > the cxf.providers? > > > Chris Christo > > Twitter: https://twitter.com/ChrisChristo7 > Tumblr: http://chrischristo7.tumblr.com > LinkedIn: http://uk.linkedin.com/in/chrischristo > > On 14 May 2013, at 12:36, Romain Manni-Bucau <[email protected]> > wrote: > > > was working this morning, maybe you got a too old snapshot > > > > *Romain Manni-Bucau* > > *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* > > *Blog: **http://rmannibucau.wordpress.com/*< > http://rmannibucau.wordpress.com/> > > *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* > > *Github: https://github.com/rmannibucau* > > > > > > > > 2013/5/14 Chris.Christo <[email protected]> > > > >> Thanks for the clarification on the JIRA issue. > >> > >> ok so I added the following properties to cxf.properties > >> > >> authMethod = BASIC > >> realmName = PropertiesLogin > >> > >> but still no luck. > >> > >> We are dealing with a hello world example pretty much and its so > >> frustrating not being able to get this to work. :( > >> > >> > >> > >> Chris Christo > >> > >> Twitter: https://twitter.com/ChrisChristo7 > >> Tumblr: http://chrischristo7.tumblr.com > >> LinkedIn: http://uk.linkedin.com/in/chrischristo > >> > >> On 14 May 2013, at 06:02, Romain Manni-Bucau <[email protected]> > >> wrote: > >> > >>> Jira is to ensure your original config would always work (was the case > >>> under some conditions) > >>> > >>> Btw do you use authMethod=basic in conf/conf.d/cxf.properties? > >>> Le 14 mai 2013 00:43, "Chris.Christo" <[email protected]> a > écrit : > >>> > >>>> Hi Romain, > >>>> > >>>> > >>>> Ok yeah adding that property solved the exception mapper issue, thanks > >> for > >>>> that! > >>>> > >>>> Yeah from an architectural point of view, I would agree that it does > >> make > >>>> more sense to define your providers for each app in each of their own > >>>> META-INF/application.properties. > >>>> > >>>> However I still can't get authorized. > >>>> > >>>> I try 'curl -G http://john:secret@localhost:4204/ROOT/example/secure' > >> and > >>>> I just get 'Unauthorized!'. I don't understand why, I have > login.config > >> in > >>>> conf with PropertiesLogin, have my users.properties and > >> group.properties in > >>>> conf also, and have the > >> 'openejb.authentication.realmName=PropertiesLogin' > >>>> property in system.properties. As far as I understand this is pretty > >> much > >>>> everything I have to do to get security working. > >>>> > >>>> What am I missing? > >>>> > >>>> Also can you please explain what you did here: > >>>> https://issues.apache.org/jira/browse/TOMEE-931 > >>>> > >>>> > >>>> Thanks, > >>>> > >>>> Chris Christo > >>>> > >>>> Twitter: https://twitter.com/ChrisChristo7 > >>>> Tumblr: http://chrischristo7.tumblr.com > >>>> LinkedIn: http://uk.linkedin.com/in/chrischristo > >>>> > >>>> > >>>> On 13 May 2013, at 19:07, Romain Manni-Bucau <[email protected]> > >>>> wrote: > >>>> > >>>>> FYI: https://issues.apache.org/jira/browse/TOMEE-931 > >>>>> > >>>>> *Romain Manni-Bucau* > >>>>> *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* > >>>>> *Blog: **http://rmannibucau.wordpress.com/*< > >>>> http://rmannibucau.wordpress.com/> > >>>>> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* > >>>>> *Github: https://github.com/rmannibucau* > >>>>> > >>>>> > >>>>> > >>>>> 2013/5/13 Romain Manni-Bucau <[email protected]> > >>>>> > >>>>>> adding in system.properties > >>>>>> > >>>>>> openejb.jaxrs.providers.auto=true > >>>>>> > >>>>>> will make it work > >>>>>> > >>>>>> that said a correct packaging (IMO) would be a > >>>>>> META-INF/application.properties with the line: > >>>>>> > >>>>>> openejb.jaxrs.providers=example.EJBAccessExceptionMapper > >>>>>> > >>>>>> *Romain Manni-Bucau* > >>>>>> *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* > >>>>>> *Blog: **http://rmannibucau.wordpress.com/*< > >>>> http://rmannibucau.wordpress.com/> > >>>>>> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* > >>>>>> *Github: https://github.com/rmannibucau* > >>>>>> > >>>>>> > >>>>>> > >>>>>> 2013/5/13 Chris.Christo <[email protected]> > >>>>>> > >>>>>>> Hi, > >>>>>>> > >>>>>>> I'm trying to setup security access to my rest class. > >>>>>>> > >>>>>>> You can see below what I have setup. But basically I have a rest > >> class > >>>>>>> with two methods, one annotated with @RolesAllowed and one not. I > >> have > >>>> a > >>>>>>> groups.properties file, a users.properties file, a login.config > file > >>>> and a > >>>>>>> system.properties file all within the conf/ folder within the > server > >>>>>>> (OpenEJB standalone 4.6.0-SNAPSHOT) directory. > >>>>>>> > >>>>>>> I'm using the PropertiesLogin option with JAAS. > >>>>>>> > >>>>>>> I think I have everything setup correctly, but it doesn't seem to > >> work. > >>>>>>> When I curl at localhost:4204/ROOT/example/insecure it works fine, > >> but > >>>> when > >>>>>>> I curl to localhost:4204/ROOT/example/secure (with the correct > login > >>>>>>> credentials) I keep getting an unauthorised error. > >>>>>>> > >>>>>>> The other thing is that I have this exception mapper called > >>>>>>> 'EJBAccessExceptionMapper' which basically diverts an > >>>> EJBAccessException to > >>>>>>> respond "Unauthorized!". I have added it to system.properties as > >>>>>>> > >>>>>>> openejb.cxf.jax-rs.providers=example.EJBAccessExceptionMapper > >>>>>>> > >>>>>>> but it doesn't get picked up for some reason?? The server throws an > >>>>>>> exception rather than the simple message "Unauthorized!". > >>>>>>> > >>>>>>> I have attached an example maven project with the below files to > >>>>>>> illustrate the problem. There is also a deploy.sh file which kinda > >>>>>>> replicates what the maven-tomee-plugin does (but as a script and > for > >>>> the > >>>>>>> standalone server and not TomEE). It basically creates a copy of > the > >>>>>>> OpenEJB standalone server within the target directory, copies the > >>>> ROOT.jar > >>>>>>> (that is created from a mvn package) into apps and also copies over > >> the > >>>>>>> src/main/openejb/conf files, and then finally it starts the server. > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> So basically unzip and run 'mvn package' and then run 'sh > deploy.sh'. > >>>>>>> (You must have done a mvn install on the > >>>> tomee/assembly/openejb-standalone! > >>>>>>> prior to this!) > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> *example/ExampleRest.java* > >>>>>>> <!-- Begin File --> > >>>>>>> @Singleton > >>>>>>> @Path("/example") > >>>>>>> public class ExampleRest { > >>>>>>> > >>>>>>> @GET > >>>>>>> @Path(value = "/insecure") > >>>>>>> public String insecure() { > >>>>>>> return "pass"; > >>>>>>> } > >>>>>>> > >>>>>>> @RolesAllowed("admin") > >>>>>>> @GET > >>>>>>> @Path(value = "/secure") > >>>>>>> public String secure() { > >>>>>>> return "pass"; > >>>>>>> } > >>>>>>> } > >>>>>>> <!-- End File --> > >>>>>>> > >>>>>>> *conf/groups.properties:* > >>>>>>> <!-- Begin File --> > >>>>>>> admin=john > >>>>>>> <!-- End File --> > >>>>>>> > >>>>>>> *conf/users.properties:* > >>>>>>> <!-- Begin File --> > >>>>>>> john=secret > >>>>>>> <!-- End File --> > >>>>>>> > >>>>>>> *conf/system.properties:* > >>>>>>> <!-- Begin File --> > >>>>>>> ... > >>>>>>> openejb.authentication.realmName=PropertiesLogin > >>>>>>> openejb.cxf.jax-rs.providers=example.EJBAccessExceptionMapper > >>>>>>> ... > >>>>>>> <!-- End File --> > >>>>>>> > >>>>>>> *conf/login.config:* > >>>>>>> <!-- Begin File --> > >>>>>>> PropertiesLogin { > >>>>>>> org.apache.openejb.core.security.jaas.PropertiesLoginModule > >> required > >>>>>>> Debug=true > >>>>>>> UsersFile="users.properties" > >>>>>>> GroupsFile="groups.properties"; > >>>>>>> }; > >>>>>>> <!-- End File --> > >>>>>>> > >>>>>>> > >>>>>>> Chris Christo > >>>>>>> > >>>>>>> Twitter: https://twitter.com/ChrisChristo7 > >>>>>>> Tumblr: http://chrischristo7.tumblr.com > >>>>>>> LinkedIn: http://uk.linkedin.com/in/chrischristo > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>> > >>>> > >>>> > >> > >> > >
