You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@karaf.apache.org by Gareth <ga...@gmail.com> on 2011/07/27 03:27:59 UTC
Mixing Jetty Security and Spring Security In Karaf
Hello,
I started playing with Spring Security in a wab I installed to Karaf. I got
it working (with some kludges -> I currently need to include all the spring
and spring-security jars in my war for spring to see the spring security
namespace) which is great.
I did see some weird behavior though. Once I login, and a session is
created, subsequent requests to the same web application are intercepted by
the jetty security (which is used by the karaf console). My web application
still works, but jetty complains my spring security user doesn't exist (as
only spring security, not jetty, knows about this user):
21:23:23,606 | WARN | 37-65 - /sst/sst | log |
.eclipse.jetty.util.log.Slf4jLog 50 | 46 - org.eclipse.jetty.util -
7.4.2.v20110526 | EXCEPTION
javax.security.auth.login.FailedLoginException: User rod does not exist
at
org.apache.karaf.jaas.modules.properties.PropertiesLoginModule.login(PropertiesLoginModule.java:98)
at
org.apache.karaf.jaas.boot.ProxyLoginModule.login(ProxyLoginModule.java:83)[karaf-jaas-boot.jar:]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0_26]
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0_26]
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0_26]
at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0_26]
at
javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)[:1.6.0_26]
at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)[:1.6.0_26]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)[:1.6.0_26]
at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)[:1.6.0_26]
at
javax.security.auth.login.LoginContext.login(LoginContext.java:579)[:1.6.0_26]
at
org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:203)[59:org.eclipse.jetty.plus:7.4.2.v20110526]
at
org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:77)[53:org.eclipse.jetty.security:7.4.2.v20110526]
at
org.eclipse.jetty.security.authentication.DeferredAuthentication.authenticate(DeferredAuthentication.java:100)[53:org.eclipse.jetty.security:7.4.2.v20110526]
at
org.eclipse.jetty.server.Request.getAuthType(Request.java:353)[52:org.eclipse.jetty.server:7.4.2.v20110526]
at
javax.servlet.http.HttpServletRequestWrapper.getAuthType(HttpServletRequestWrapper.java:59)[43:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
at
javax.servlet.http.HttpServletRequestWrapper.getAuthType(HttpServletRequestWrapper.java:59)[43:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
at
com.antennasoftware.sst.SSTServlet.service(SSTServlet.java:36)[688:com.antennasoftware.spring-security-test:1.0.0]
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:806)[43:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
at
org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:538)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1352)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:368)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:169)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)[688:com.antennasoftware.spring-security-test:1.0.0]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
at
org.ops4j.pax.web.service.internal.WelcomeFilesFilter.doFilter(WelcomeFilesFilter.java:169)[62:org.ops4j.pax.web.pax-web-runtime:1.0.4]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
at
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:476)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
at
org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:70)[63:org.ops4j.pax.web.pax-web-jetty:1.0.4]
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119)[52:org.eclipse.jetty.server:7.4.2.v20110526]
at
org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:480)[53:org.eclipse.jetty.security:7.4.2.v20110526]
at
org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:225)[52:org.eclipse.jetty.server:7.4.2.v20110526]
at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:937)[52:org.eclipse.jetty.server:7.4.2.v20110526]
at
org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:116)[63:org.ops4j.pax.web.pax-web-jetty:1.0.4]
at
org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:406)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
at
org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:183)[52:org.eclipse.jetty.server:7.4.2.v20110526]
at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:871)[52:org.eclipse.jetty.server:7.4.2.v20110526]
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)[52:org.eclipse.jetty.server:7.4.2.v20110526]
at
org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:72)[63:org.ops4j.pax.web.pax-web-jetty:1.0.4]
at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)[52:org.eclipse.jetty.server:7.4.2.v20110526]
at
org.eclipse.jetty.server.Server.handle(Server.java:342)[52:org.eclipse.jetty.server:7.4.2.v20110526]
at
org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:589)[52:org.eclipse.jetty.server:7.4.2.v20110526]
at
org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1048)[52:org.eclipse.jetty.server:7.4.2.v20110526]
at
org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:601)[48:org.eclipse.jetty.http:7.4.2.v20110526]
at
org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:214)[48:org.eclipse.jetty.http:7.4.2.v20110526]
at
org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:411)[52:org.eclipse.jetty.server:7.4.2.v20110526]
at
org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:535)[47:org.eclipse.jetty.io:7.4.2.v20110526]
at
org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:40)[47:org.eclipse.jetty.io:7.4.2.v20110526]
at
org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:529)[46:org.eclipse.jetty.util:7.4.2.v20110526]
at java.lang.Thread.run(Thread.java:680)[:1.6.0_26]
Any easy way to get around this?
thanks in advance,
Gareth
--
View this message in context: http://karaf.922171.n3.nabble.com/Mixing-Jetty-Security-and-Spring-Security-In-Karaf-tp3202093p3202093.html
Sent from the Karaf - User mailing list archive at Nabble.com.
Re: Mixing Jetty Security and Spring Security In Karaf
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Hi Gareth,
and thanks for raising the Jira, we will take a look ASAP.
Regards
JB
On 07/27/2011 09:20 PM, Gareth wrote:
> Karaf issue added (attached the war and the eclipse project):
>
> https://issues.apache.org/jira/browse/KARAF-785
>
> thanks,
> Gareth
>
> --
> View this message in context: http://karaf.922171.n3.nabble.com/Mixing-Jetty-Security-and-Spring-Security-In-Karaf-tp3202093p3204545.html
> Sent from the Karaf - User mailing list archive at Nabble.com.
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com
Re: Mixing Jetty Security and Spring Security In Karaf
Posted by Gareth <ga...@gmail.com>.
Karaf issue added (attached the war and the eclipse project):
https://issues.apache.org/jira/browse/KARAF-785
thanks,
Gareth
--
View this message in context: http://karaf.922171.n3.nabble.com/Mixing-Jetty-Security-and-Spring-Security-In-Karaf-tp3202093p3204545.html
Sent from the Karaf - User mailing list archive at Nabble.com.
Re: Mixing Jetty Security and Spring Security In Karaf
Posted by Achim Nierbeck <bc...@googlemail.com>.
Hi Gareth,
yeah it's sufficient to just send me the sources for the war I can do
a pax exam test :-)
Oh, and yes the reproduction instructions would really help.
If you just want to open a karaf issue it's fine with me I'm going to
open a issue for pax web then.
regards, Achim
2011/7/27 Gareth <ga...@gmail.com>:
> Is this a test case created using Pax Exam (I haven't played with that
> yet :)) Would it be OK, if I just sent the created war, my source (my
> Eclipse project), and instructions on what to do to reproduce?
>
> Just confirming - I should create an issue BOTH in Pax and in Karaf?
>
> thanks in advance,
> Gareth
>
> On Wed, Jul 27, 2011 at 3:15 AM, Achim Nierbeck [via Karaf]
> <ml...@n3.nabble.com> wrote:
>> Oh, and could you please provide a testcase so I can test this feature?
>> It would really be great if this could also be used as a iTest for pax web
>> :-)
>>
>> thanx, Achim
>>
>> 2011/7/27 Achim Nierbeck <[hidden email]>:
>>> Hi Gareth,
>>>
>>> this is probably more Pax-Web related I guess I have to see into this.
>>> Could you please open an issue on Karaf and Pax Web so I can keep
>>> track on this :-)
>>>
>>> thanx, Achim
>>>
>>> 2011/7/27 Gareth <[hidden email]>:
>>>> Hello,
>>>>
>>>> I started playing with Spring Security in a wab I installed to Karaf. I
>>>> got
>>>> it working (with some kludges -> I currently need to include all the
>>>> spring
>>>> and spring-security jars in my war for spring to see the spring security
>>>> namespace) which is great.
>>>>
>>>> I did see some weird behavior though. Once I login, and a session is
>>>> created, subsequent requests to the same web application are intercepted
>>>> by
>>>> the jetty security (which is used by the karaf console). My web
>>>> application
>>>> still works, but jetty complains my spring security user doesn't exist
>>>> (as
>>>> only spring security, not jetty, knows about this user):
>>>>
>>>> 21:23:23,606 | WARN | 37-65 - /sst/sst | log
>>>> |
>>>> .eclipse.jetty.util.log.Slf4jLog 50 | 46 - org.eclipse.jetty.util -
>>>> 7.4.2.v20110526 | EXCEPTION
>>>> javax.security.auth.login.FailedLoginException: User rod does not exist
>>>> at
>>>>
>>>> org.apache.karaf.jaas.modules.properties.PropertiesLoginModule.login(PropertiesLoginModule.java:98)
>>>> at
>>>>
>>>> org.apache.karaf.jaas.boot.ProxyLoginModule.login(ProxyLoginModule.java:83)[karaf-jaas-boot.jar:]
>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>>>> Method)[:1.6.0_26]
>>>> at
>>>>
>>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0_26]
>>>> at
>>>>
>>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0_26]
>>>> at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0_26]
>>>> at
>>>>
>>>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)[:1.6.0_26]
>>>> at
>>>>
>>>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)[:1.6.0_26]
>>>> at
>>>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>>>> at java.security.AccessController.doPrivileged(Native
>>>> Method)[:1.6.0_26]
>>>> at
>>>>
>>>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)[:1.6.0_26]
>>>> at
>>>>
>>>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)[:1.6.0_26]
>>>> at
>>>>
>>>> org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:203)[59:org.eclipse.jetty.plus:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:77)[53:org.eclipse.jetty.security:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.security.authentication.DeferredAuthentication.authenticate(DeferredAuthentication.java:100)[53:org.eclipse.jetty.security:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.server.Request.getAuthType(Request.java:353)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>>> at
>>>>
>>>> javax.servlet.http.HttpServletRequestWrapper.getAuthType(HttpServletRequestWrapper.java:59)[43:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
>>>> at
>>>>
>>>> javax.servlet.http.HttpServletRequestWrapper.getAuthType(HttpServletRequestWrapper.java:59)[43:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
>>>> at
>>>>
>>>> com.antennasoftware.sst.SSTServlet.service(SSTServlet.java:36)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:806)[43:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
>>>> at
>>>>
>>>> org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:538)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1352)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:368)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:169)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)[688:com.antennasoftware.spring-security-test:1.0.0]
>>>> at
>>>>
>>>> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.ops4j.pax.web.service.internal.WelcomeFilesFilter.doFilter(WelcomeFilesFilter.java:169)[62:org.ops4j.pax.web.pax-web-runtime:1.0.4]
>>>> at
>>>>
>>>> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:476)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:70)[63:org.ops4j.pax.web.pax-web-jetty:1.0.4]
>>>> at
>>>>
>>>> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:480)[53:org.eclipse.jetty.security:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:225)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:937)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:116)[63:org.ops4j.pax.web.pax-web-jetty:1.0.4]
>>>> at
>>>>
>>>> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:406)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:183)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:871)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:72)[63:org.ops4j.pax.web.pax-web-jetty:1.0.4]
>>>> at
>>>>
>>>> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.server.Server.handle(Server.java:342)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:589)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1048)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:601)[48:org.eclipse.jetty.http:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:214)[48:org.eclipse.jetty.http:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:411)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:535)[47:org.eclipse.jetty.io:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:40)[47:org.eclipse.jetty.io:7.4.2.v20110526]
>>>> at
>>>>
>>>> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:529)[46:org.eclipse.jetty.util:7.4.2.v20110526]
>>>> at java.lang.Thread.run(Thread.java:680)[:1.6.0_26]
>>>>
>>>> Any easy way to get around this?
>>>>
>>>> thanks in advance,
>>>> Gareth
>>>>
>>>>
>>>> --
>>>> View this message in context:
>>>> http://karaf.922171.n3.nabble.com/Mixing-Jetty-Security-and-Spring-Security-In-Karaf-tp3202093p3202093.html
>>>> Sent from the Karaf - User mailing list archive at Nabble.com.
>>>>
>>>
>>>
>>>
>>> --
>>> --
>>> *Achim Nierbeck*
>>>
>>>
>>> Apache Karaf <http://karaf.apache.org/> Committer & PMC
>>> OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/>
>>> Committer & Project Lead
>>> blog <http://notizblog.nierbeck.de/>
>>>
>>
>>
>> --
>> --
>> *Achim Nierbeck*
>>
>>
>> Apache Karaf <http://karaf.apache.org/> Committer & PMC
>> OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/>
>> Committer & Project Lead
>> blog <http://notizblog.nierbeck.de/>
>>
>>
>> ________________________________
>> If you reply to this email, your message will be added to the discussion
>> below:
>> http://karaf.922171.n3.nabble.com/Mixing-Jetty-Security-and-Spring-Security-In-Karaf-tp3202093p3202709.html
>> To unsubscribe from Mixing Jetty Security and Spring Security In Karaf,
>> click here.
>
>
> --
> View this message in context: http://karaf.922171.n3.nabble.com/Mixing-Jetty-Security-and-Spring-Security-In-Karaf-tp3202093p3203756.html
> Sent from the Karaf - User mailing list archive at Nabble.com.
>
--
--
*Achim Nierbeck*
Apache Karaf <http://karaf.apache.org/> Committer & PMC
OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/>
Committer & Project Lead
blog <http://notizblog.nierbeck.de/>
Re: Mixing Jetty Security and Spring Security In Karaf
Posted by Gareth <ga...@gmail.com>.
Is this a test case created using Pax Exam (I haven't played with that
yet :)) Would it be OK, if I just sent the created war, my source (my
Eclipse project), and instructions on what to do to reproduce?
Just confirming - I should create an issue BOTH in Pax and in Karaf?
thanks in advance,
Gareth
On Wed, Jul 27, 2011 at 3:15 AM, Achim Nierbeck [via Karaf]
<ml...@n3.nabble.com> wrote:
> Oh, and could you please provide a testcase so I can test this feature?
> It would really be great if this could also be used as a iTest for pax web
> :-)
>
> thanx, Achim
>
> 2011/7/27 Achim Nierbeck <[hidden email]>:
>> Hi Gareth,
>>
>> this is probably more Pax-Web related I guess I have to see into this.
>> Could you please open an issue on Karaf and Pax Web so I can keep
>> track on this :-)
>>
>> thanx, Achim
>>
>> 2011/7/27 Gareth <[hidden email]>:
>>> Hello,
>>>
>>> I started playing with Spring Security in a wab I installed to Karaf. I
>>> got
>>> it working (with some kludges -> I currently need to include all the
>>> spring
>>> and spring-security jars in my war for spring to see the spring security
>>> namespace) which is great.
>>>
>>> I did see some weird behavior though. Once I login, and a session is
>>> created, subsequent requests to the same web application are intercepted
>>> by
>>> the jetty security (which is used by the karaf console). My web
>>> application
>>> still works, but jetty complains my spring security user doesn't exist
>>> (as
>>> only spring security, not jetty, knows about this user):
>>>
>>> 21:23:23,606 | WARN | 37-65 - /sst/sst | log
>>> |
>>> .eclipse.jetty.util.log.Slf4jLog 50 | 46 - org.eclipse.jetty.util -
>>> 7.4.2.v20110526 | EXCEPTION
>>> javax.security.auth.login.FailedLoginException: User rod does not exist
>>> at
>>>
>>> org.apache.karaf.jaas.modules.properties.PropertiesLoginModule.login(PropertiesLoginModule.java:98)
>>> at
>>>
>>> org.apache.karaf.jaas.boot.ProxyLoginModule.login(ProxyLoginModule.java:83)[karaf-jaas-boot.jar:]
>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>>> Method)[:1.6.0_26]
>>> at
>>>
>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0_26]
>>> at
>>>
>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0_26]
>>> at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0_26]
>>> at
>>>
>>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)[:1.6.0_26]
>>> at
>>>
>>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)[:1.6.0_26]
>>> at
>>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>>> at java.security.AccessController.doPrivileged(Native
>>> Method)[:1.6.0_26]
>>> at
>>>
>>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)[:1.6.0_26]
>>> at
>>>
>>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)[:1.6.0_26]
>>> at
>>>
>>> org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:203)[59:org.eclipse.jetty.plus:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:77)[53:org.eclipse.jetty.security:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.security.authentication.DeferredAuthentication.authenticate(DeferredAuthentication.java:100)[53:org.eclipse.jetty.security:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.server.Request.getAuthType(Request.java:353)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>> at
>>>
>>> javax.servlet.http.HttpServletRequestWrapper.getAuthType(HttpServletRequestWrapper.java:59)[43:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
>>> at
>>>
>>> javax.servlet.http.HttpServletRequestWrapper.getAuthType(HttpServletRequestWrapper.java:59)[43:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
>>> at
>>>
>>> com.antennasoftware.sst.SSTServlet.service(SSTServlet.java:36)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:806)[43:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
>>> at
>>>
>>> org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:538)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1352)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>>> at
>>>
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:368)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:169)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)[688:com.antennasoftware.spring-security-test:1.0.0]
>>> at
>>>
>>> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>>> at
>>>
>>> org.ops4j.pax.web.service.internal.WelcomeFilesFilter.doFilter(WelcomeFilesFilter.java:169)[62:org.ops4j.pax.web.pax-web-runtime:1.0.4]
>>> at
>>>
>>> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:476)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>>> at
>>>
>>> org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:70)[63:org.ops4j.pax.web.pax-web-jetty:1.0.4]
>>> at
>>>
>>> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:480)[53:org.eclipse.jetty.security:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:225)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:937)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>> at
>>>
>>> org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:116)[63:org.ops4j.pax.web.pax-web-jetty:1.0.4]
>>> at
>>>
>>> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:406)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:183)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:871)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>> at
>>>
>>> org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:72)[63:org.ops4j.pax.web.pax-web-jetty:1.0.4]
>>> at
>>>
>>> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.server.Server.handle(Server.java:342)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:589)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1048)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:601)[48:org.eclipse.jetty.http:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:214)[48:org.eclipse.jetty.http:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:411)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:535)[47:org.eclipse.jetty.io:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:40)[47:org.eclipse.jetty.io:7.4.2.v20110526]
>>> at
>>>
>>> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:529)[46:org.eclipse.jetty.util:7.4.2.v20110526]
>>> at java.lang.Thread.run(Thread.java:680)[:1.6.0_26]
>>>
>>> Any easy way to get around this?
>>>
>>> thanks in advance,
>>> Gareth
>>>
>>>
>>> --
>>> View this message in context:
>>> http://karaf.922171.n3.nabble.com/Mixing-Jetty-Security-and-Spring-Security-In-Karaf-tp3202093p3202093.html
>>> Sent from the Karaf - User mailing list archive at Nabble.com.
>>>
>>
>>
>>
>> --
>> --
>> *Achim Nierbeck*
>>
>>
>> Apache Karaf <http://karaf.apache.org/> Committer & PMC
>> OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/>
>> Committer & Project Lead
>> blog <http://notizblog.nierbeck.de/>
>>
>
>
> --
> --
> *Achim Nierbeck*
>
>
> Apache Karaf <http://karaf.apache.org/> Committer & PMC
> OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/>
> Committer & Project Lead
> blog <http://notizblog.nierbeck.de/>
>
>
> ________________________________
> If you reply to this email, your message will be added to the discussion
> below:
> http://karaf.922171.n3.nabble.com/Mixing-Jetty-Security-and-Spring-Security-In-Karaf-tp3202093p3202709.html
> To unsubscribe from Mixing Jetty Security and Spring Security In Karaf,
> click here.
--
View this message in context: http://karaf.922171.n3.nabble.com/Mixing-Jetty-Security-and-Spring-Security-In-Karaf-tp3202093p3203756.html
Sent from the Karaf - User mailing list archive at Nabble.com.
Re: Mixing Jetty Security and Spring Security In Karaf
Posted by Achim Nierbeck <bc...@googlemail.com>.
Oh, and could you please provide a testcase so I can test this feature?
It would really be great if this could also be used as a iTest for pax web :-)
thanx, Achim
2011/7/27 Achim Nierbeck <bc...@googlemail.com>:
> Hi Gareth,
>
> this is probably more Pax-Web related I guess I have to see into this.
> Could you please open an issue on Karaf and Pax Web so I can keep
> track on this :-)
>
> thanx, Achim
>
> 2011/7/27 Gareth <ga...@gmail.com>:
>> Hello,
>>
>> I started playing with Spring Security in a wab I installed to Karaf. I got
>> it working (with some kludges -> I currently need to include all the spring
>> and spring-security jars in my war for spring to see the spring security
>> namespace) which is great.
>>
>> I did see some weird behavior though. Once I login, and a session is
>> created, subsequent requests to the same web application are intercepted by
>> the jetty security (which is used by the karaf console). My web application
>> still works, but jetty complains my spring security user doesn't exist (as
>> only spring security, not jetty, knows about this user):
>>
>> 21:23:23,606 | WARN | 37-65 - /sst/sst | log |
>> .eclipse.jetty.util.log.Slf4jLog 50 | 46 - org.eclipse.jetty.util -
>> 7.4.2.v20110526 | EXCEPTION
>> javax.security.auth.login.FailedLoginException: User rod does not exist
>> at
>> org.apache.karaf.jaas.modules.properties.PropertiesLoginModule.login(PropertiesLoginModule.java:98)
>> at
>> org.apache.karaf.jaas.boot.ProxyLoginModule.login(ProxyLoginModule.java:83)[karaf-jaas-boot.jar:]
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0_26]
>> at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0_26]
>> at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0_26]
>> at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0_26]
>> at
>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)[:1.6.0_26]
>> at
>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)[:1.6.0_26]
>> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>> at java.security.AccessController.doPrivileged(Native Method)[:1.6.0_26]
>> at
>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)[:1.6.0_26]
>> at
>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)[:1.6.0_26]
>> at
>> org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:203)[59:org.eclipse.jetty.plus:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:77)[53:org.eclipse.jetty.security:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.security.authentication.DeferredAuthentication.authenticate(DeferredAuthentication.java:100)[53:org.eclipse.jetty.security:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.server.Request.getAuthType(Request.java:353)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>> at
>> javax.servlet.http.HttpServletRequestWrapper.getAuthType(HttpServletRequestWrapper.java:59)[43:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
>> at
>> javax.servlet.http.HttpServletRequestWrapper.getAuthType(HttpServletRequestWrapper.java:59)[43:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
>> at
>> com.antennasoftware.sst.SSTServlet.service(SSTServlet.java:36)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:806)[43:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
>> at
>> org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:538)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1352)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:368)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:169)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)[688:com.antennasoftware.spring-security-test:1.0.0]
>> at
>> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>> at
>> org.ops4j.pax.web.service.internal.WelcomeFilesFilter.doFilter(WelcomeFilesFilter.java:169)[62:org.ops4j.pax.web.pax-web-runtime:1.0.4]
>> at
>> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:476)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>> at
>> org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:70)[63:org.ops4j.pax.web.pax-web-jetty:1.0.4]
>> at
>> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:480)[53:org.eclipse.jetty.security:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:225)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:937)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>> at
>> org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:116)[63:org.ops4j.pax.web.pax-web-jetty:1.0.4]
>> at
>> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:406)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:183)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:871)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>> at
>> org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:72)[63:org.ops4j.pax.web.pax-web-jetty:1.0.4]
>> at
>> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.server.Server.handle(Server.java:342)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:589)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1048)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:601)[48:org.eclipse.jetty.http:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:214)[48:org.eclipse.jetty.http:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:411)[52:org.eclipse.jetty.server:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:535)[47:org.eclipse.jetty.io:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:40)[47:org.eclipse.jetty.io:7.4.2.v20110526]
>> at
>> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:529)[46:org.eclipse.jetty.util:7.4.2.v20110526]
>> at java.lang.Thread.run(Thread.java:680)[:1.6.0_26]
>>
>> Any easy way to get around this?
>>
>> thanks in advance,
>> Gareth
>>
>>
>> --
>> View this message in context: http://karaf.922171.n3.nabble.com/Mixing-Jetty-Security-and-Spring-Security-In-Karaf-tp3202093p3202093.html
>> Sent from the Karaf - User mailing list archive at Nabble.com.
>>
>
>
>
> --
> --
> *Achim Nierbeck*
>
>
> Apache Karaf <http://karaf.apache.org/> Committer & PMC
> OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/>
> Committer & Project Lead
> blog <http://notizblog.nierbeck.de/>
>
--
--
*Achim Nierbeck*
Apache Karaf <http://karaf.apache.org/> Committer & PMC
OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/>
Committer & Project Lead
blog <http://notizblog.nierbeck.de/>
Re: Mixing Jetty Security and Spring Security In Karaf
Posted by Achim Nierbeck <bc...@googlemail.com>.
Hi Gareth,
this is probably more Pax-Web related I guess I have to see into this.
Could you please open an issue on Karaf and Pax Web so I can keep
track on this :-)
thanx, Achim
2011/7/27 Gareth <ga...@gmail.com>:
> Hello,
>
> I started playing with Spring Security in a wab I installed to Karaf. I got
> it working (with some kludges -> I currently need to include all the spring
> and spring-security jars in my war for spring to see the spring security
> namespace) which is great.
>
> I did see some weird behavior though. Once I login, and a session is
> created, subsequent requests to the same web application are intercepted by
> the jetty security (which is used by the karaf console). My web application
> still works, but jetty complains my spring security user doesn't exist (as
> only spring security, not jetty, knows about this user):
>
> 21:23:23,606 | WARN | 37-65 - /sst/sst | log |
> .eclipse.jetty.util.log.Slf4jLog 50 | 46 - org.eclipse.jetty.util -
> 7.4.2.v20110526 | EXCEPTION
> javax.security.auth.login.FailedLoginException: User rod does not exist
> at
> org.apache.karaf.jaas.modules.properties.PropertiesLoginModule.login(PropertiesLoginModule.java:98)
> at
> org.apache.karaf.jaas.boot.ProxyLoginModule.login(ProxyLoginModule.java:83)[karaf-jaas-boot.jar:]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0_26]
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0_26]
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0_26]
> at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0_26]
> at
> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)[:1.6.0_26]
> at
> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)[:1.6.0_26]
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
> at java.security.AccessController.doPrivileged(Native Method)[:1.6.0_26]
> at
> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)[:1.6.0_26]
> at
> javax.security.auth.login.LoginContext.login(LoginContext.java:579)[:1.6.0_26]
> at
> org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:203)[59:org.eclipse.jetty.plus:7.4.2.v20110526]
> at
> org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:77)[53:org.eclipse.jetty.security:7.4.2.v20110526]
> at
> org.eclipse.jetty.security.authentication.DeferredAuthentication.authenticate(DeferredAuthentication.java:100)[53:org.eclipse.jetty.security:7.4.2.v20110526]
> at
> org.eclipse.jetty.server.Request.getAuthType(Request.java:353)[52:org.eclipse.jetty.server:7.4.2.v20110526]
> at
> javax.servlet.http.HttpServletRequestWrapper.getAuthType(HttpServletRequestWrapper.java:59)[43:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
> at
> javax.servlet.http.HttpServletRequestWrapper.getAuthType(HttpServletRequestWrapper.java:59)[43:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
> at
> com.antennasoftware.sst.SSTServlet.service(SSTServlet.java:36)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> javax.servlet.http.HttpServlet.service(HttpServlet.java:806)[43:org.apache.geronimo.specs.geronimo-servlet_2.5_spec:1.1.2]
> at
> org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:538)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1352)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:368)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:169)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)[688:com.antennasoftware.spring-security-test:1.0.0]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
> at
> org.ops4j.pax.web.service.internal.WelcomeFilesFilter.doFilter(WelcomeFilesFilter.java:169)[62:org.ops4j.pax.web.pax-web-runtime:1.0.4]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
> at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:476)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
> at
> org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:70)[63:org.ops4j.pax.web.pax-web-jetty:1.0.4]
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119)[52:org.eclipse.jetty.server:7.4.2.v20110526]
> at
> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:480)[53:org.eclipse.jetty.security:7.4.2.v20110526]
> at
> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:225)[52:org.eclipse.jetty.server:7.4.2.v20110526]
> at
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:937)[52:org.eclipse.jetty.server:7.4.2.v20110526]
> at
> org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:116)[63:org.ops4j.pax.web.pax-web-jetty:1.0.4]
> at
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:406)[54:org.eclipse.jetty.servlet:7.4.2.v20110526]
> at
> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:183)[52:org.eclipse.jetty.server:7.4.2.v20110526]
> at
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:871)[52:org.eclipse.jetty.server:7.4.2.v20110526]
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)[52:org.eclipse.jetty.server:7.4.2.v20110526]
> at
> org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:72)[63:org.ops4j.pax.web.pax-web-jetty:1.0.4]
> at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)[52:org.eclipse.jetty.server:7.4.2.v20110526]
> at
> org.eclipse.jetty.server.Server.handle(Server.java:342)[52:org.eclipse.jetty.server:7.4.2.v20110526]
> at
> org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:589)[52:org.eclipse.jetty.server:7.4.2.v20110526]
> at
> org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1048)[52:org.eclipse.jetty.server:7.4.2.v20110526]
> at
> org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:601)[48:org.eclipse.jetty.http:7.4.2.v20110526]
> at
> org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:214)[48:org.eclipse.jetty.http:7.4.2.v20110526]
> at
> org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:411)[52:org.eclipse.jetty.server:7.4.2.v20110526]
> at
> org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:535)[47:org.eclipse.jetty.io:7.4.2.v20110526]
> at
> org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:40)[47:org.eclipse.jetty.io:7.4.2.v20110526]
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:529)[46:org.eclipse.jetty.util:7.4.2.v20110526]
> at java.lang.Thread.run(Thread.java:680)[:1.6.0_26]
>
> Any easy way to get around this?
>
> thanks in advance,
> Gareth
>
>
> --
> View this message in context: http://karaf.922171.n3.nabble.com/Mixing-Jetty-Security-and-Spring-Security-In-Karaf-tp3202093p3202093.html
> Sent from the Karaf - User mailing list archive at Nabble.com.
>
--
--
*Achim Nierbeck*
Apache Karaf <http://karaf.apache.org/> Committer & PMC
OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/>
Committer & Project Lead
blog <http://notizblog.nierbeck.de/>