Posted to users@camel.apache.org by long <lo...@med.umich.edu> on 2014/07/23 17:31:11 UTC

How to create a ldap restletRealm to manage restlet route authentication using LDAP

I have a Camel application which uses camel-restlet for web service calls.
Now I want to add LDAP authentication for restlet calls. I tried a couple of
options with the camel-restlet realm and an LdapVerifier using
ChallengeAuthenticator, but cannot make it work. I need help. Thanks.

I am able to add LDAP authentication to restlet by using an LDAP
SecretVerifier, but if the restlet call is wrapped by a Camel route (using
org.apache.camel.component.restlet.MethodBasedRouter), the SecretVerifier is
not triggered.

Here is some code and config:

web.xml:

    <servlet>
      <servlet-name>RestletServlet</servlet-name>
      <servlet-class>org.restlet.ext.spring.SpringServerServlet</servlet-class>
      <init-param>
        <param-name>org.restlet.component</param-name>
        <param-value>RestletComponent</param-value>
      </init-param>
    </servlet>
    <servlet-mapping>
      <servlet-name>RestletServlet</servlet-name>
      <url-pattern>/*</url-pattern>
    </servlet-mapping>

CamelContext.xml

    <bean id="RestletComponent" class="org.restlet.Component">
        <property name="defaultHost" ref="defaultHost" />
    </bean>

    <bean id="challengeAuthenticator" class="org.restlet.security.ChallengeAuthenticator">
        <constructor-arg><null /></constructor-arg>
        <constructor-arg value="#{ T(org.restlet.data.ChallengeScheme).HTTP_BASIC }" />
        <constructor-arg value="restletRealm" />
        <property name="verifier" ref="ldapVerifer" />
        <property name="next" ref="application" />
    </bean>

    <bean id="defaultHost" class="org.restlet.ext.spring.SpringHost">
        <constructor-arg ref="RestletComponent" />
        <property name="defaultAttachment" ref="challengeAuthenticator" />
    </bean>

    <bean id="application" class="org.restlet.Application">
        <property name="inboundRoot" ref="router" />
    </bean>

    <bean id="router" class="org.restlet.ext.spring.SpringRouter">
        <property name="attachments">
            <map>
                <entry key="/user/{name}">
                    <bean class="org.restlet.ext.spring.SpringFinder">
                        <lookup-method name="create" bean="userServerResource" />
                    </bean>
                </entry>
            </map>
        </property>
    </bean>

    <bean id="RestletComponentService" class="org.apache.camel.component.restlet.RestletComponent">
        <constructor-arg ref="RestletComponent" />
    </bean>

LdapVerifer.java

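    import org.restlet.security.SecretVerifier;
    // LoggerFactory.getLogger(...) is taken to be SLF4J here
    import org.slf4j.Logger;
    import org.slf4j.LoggerFactory;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
    import org.springframework.security.core.Authentication;
    import org.springframework.security.core.AuthenticationException;
    import org.springframework.security.core.context.SecurityContextHolder;
    import org.springframework.stereotype.Service;

    @Service(value="ldapVerifer")
    public class LdapVerifer extends SecretVerifier {

        @Autowired
        private AuthenticationManager authenticationManager;

        private static final Logger logger = LoggerFactory
                .getLogger(LdapVerifer.class);

        @Override
        public int verify(String userName, char[] password)
        {
            logger.debug("Start authenticating login user : " + userName);
            long startTime = System.currentTimeMillis();

            // The Spring Security token takes the credentials as a String
            String pd = new String(password);

            try {
                Authentication authenticate = authenticationManager.authenticate(
                        new UsernamePasswordAuthenticationToken(userName, pd));
                if (authenticate.isAuthenticated())
                {
                    SecurityContextHolder.getContext().setAuthentication(authenticate);
                    long endTime = System.currentTimeMillis();
                    logger.debug("Authentication for login user " + userName
                            + " succeed. the process time is: " + (endTime - startTime)
                            + " milliseconds");
                    return RESULT_VALID;
                }
            }
            catch (AuthenticationException e)
            {
                logger.error("Failed to authenticate login user: " + userName, e);
            }
            // Reject when authentication threw or the token is not authenticated
            return RESULT_INVALID;
        }
    }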


Here is the output for restlet routings:

    Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
    INFO: RestletServlet: [Restlet] Attaching restlet: org.restlet.security.ChallengeAuthenticator@1ee53046 to URI: /medbus
    Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
    INFO: RestletServlet: [Restlet] Attaching restlet: org.apache.camel.component.restlet.MethodBasedRouter@6f52bffd to URI: /medbus/wf/query/{id}/{includeResult}
    Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
    INFO: RestletServlet: [Restlet] Attaching restlet: org.apache.camel.component.restlet.MethodBasedRouter@681b8815 to URI: /medbus/wf/query
    Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
    INFO: RestletServlet: [Restlet] Attaching restlet: org.apache.camel.component.restlet.MethodBasedRouter@34717fcf to URI: /medbus/wf/reprocess/{id}


If you access a URI that is not in the Camel routes, the LDAP authentication
kicks in, but if you access a URI in the Camel routes, LDAP authentication is
not triggered at all.
For example, if you call /medbus/user/name, it works fine, but if you
call /medbus/wf/query, there is no authentication.

Thanks in advance!



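A startup-log check for the symptom described in this post, as an added example that is not part of the original message: it lists every restlet the log shows being attached under its own URI whose class is not an authenticator, and names the authenticator URI it sits beneath. Treating any class whose simple name ends in `Authenticator` as the guard is an assumption of this example; the sample text is the four attachment lines from the log above.

```python
import re

# The four attachment lines from the post's startup log (timestamps dropped).
SAMPLE_LOG = """\
INFO: RestletServlet: [Restlet] Attaching restlet: org.restlet.security.ChallengeAuthenticator@1ee53046 to URI: /medbus
INFO: RestletServlet: [Restlet] Attaching restlet: org.apache.camel.component.restlet.MethodBasedRouter@6f52bffd to URI: /medbus/wf/query/{id}/{includeResult}
INFO: RestletServlet: [Restlet] Attaching restlet: org.apache.camel.component.restlet.MethodBasedRouter@681b8815 to URI: /medbus/wf/query
INFO: RestletServlet: [Restlet] Attaching restlet: org.apache.camel.component.restlet.MethodBasedRouter@34717fcf to URI: /medbus/wf/reprocess/{id}
"""

# \s also matches newlines, so lines wrapped by a mail client still parse.
ATTACH = re.compile(
    r"Attaching restlet:\s*(?P<cls>[\w.$]+)@[0-9a-f]+\s+to URI:\s*(?P<uri>\S+)"
)


def parse_attachments(log_text):
    """Return (handler class, URI) for every 'Attaching restlet' entry."""
    return [(m["cls"], m["uri"]) for m in ATTACH.finditer(log_text)]


def is_guard(cls):
    # Assumption: authenticating restlets have a simple name ending in "Authenticator".
    return cls.rsplit(".", 1)[-1].endswith("Authenticator")


def unguarded_attachments(log_text):
    """List handlers attached at their own URI that are not authenticators."""
    attachments = parse_attachments(log_text)
    guards = [uri for cls, uri in attachments if is_guard(cls)]
    findings = []
    for cls, uri in attachments:
        if is_guard(cls):
            continue
        # Authenticator URIs that are a path prefix of this attachment.
        above = [g for g in guards
                 if uri == g or uri.startswith(g.rstrip("/") + "/")]
        findings.append({
            "uri": uri,
            "handler": cls.rsplit(".", 1)[-1],
            "under_guard": max(above, key=len) if above else None,
        })
    return findings


if __name__ == "__main__":
    for f in unguarded_attachments(SAMPLE_LOG):
        print(f"{f['uri']}: {f['handler']} attached outside {f['under_guard']}")
```
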