You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@camel.apache.org by "Charles Moulliard (JIRA)" <ji...@apache.org> on 2013/01/10 18:36:15 UTC
[jira] [Updated] (CAMEL-5952) Even if we retrieve a
javax.security.auth.Subject from Exchange message, the authentication fails
[ https://issues.apache.org/jira/browse/CAMEL-5952?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Charles Moulliard updated CAMEL-5952:
-------------------------------------
Attachment: Screen Shot 2013-01-10 at 18.20.48.png
> Even if we retrieve a javax.security.auth.Subject from Exchange message, the authentication fails
> -------------------------------------------------------------------------------------------------
>
> Key: CAMEL-5952
> URL: https://issues.apache.org/jira/browse/CAMEL-5952
> Project: Camel
> Issue Type: Bug
> Affects Versions: 2.11.0
> Environment: camel-spring-security
> Reporter: Charles Moulliard
> Attachments: Screen Shot 2013-01-10 at 18.20.48.png
>
>
> When we would like to authenticate a user using camel-spring-security & camel-cxf, we get the following message even if we have been able to retrieve a Subject from CamelExchange (see screenshot).
> {code}
> Class SpringSecurityPolicyAutorization
> ...
> protected Authentication getAuthentication(Message message) {
> Subject subject = message.getHeader(Exchange.AUTHENTICATION, Subject.class); // NOT NULL - SEE SCREENSHOT
> Authentication answer = null;
> if (subject != null) {
> answer = getAuthenticationAdapter().toAuthentication(subject);
> }
>
> // ANSWER IS NULL as the following code return null in DefaultAuthenticationAdapter
> public Authentication toAuthentication(Subject subject) {
> if (subject == null || subject.getPrincipals().size() == 0) {
> return null;
> }
> Set<Authentication> authentications = subject.getPrincipals(Authentication.class);
>
> // IN OUR CASE, the Set size is equal to zero
> if (authentications.size() > 0) {
> // just return the first one
> return authentications.iterator().next();
> } else {
> return convertToAuthentication(subject);
> }
> }
> /**
> * You can add the customer convert code here
> */
> protected Authentication convertToAuthentication(Subject subject) {
> return null;
> }
> {code}
> Camel Route Config
> {code}
> <?xml version="1.0" encoding="UTF-8"?>
> <beans xmlns="http://www.springframework.org/schema/beans"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:cxf="http://camel.apache.org/schema/cxf"
> xmlns:spring-security="http://www.springframework.org/schema/security"
> xsi:schemaLocation="
> http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans.xsd
> http://www.springframework.org/schema/security
> http://www.springframework.org/schema/security/spring-security.xsd
> http://camel.apache.org/schema/spring
> http://camel.apache.org/schema/spring/camel-spring.xsd
> http://camel.apache.org/schema/spring-security
> http://camel.apache.org/schema/spring-security/camel-spring-security.xsd
> http://camel.apache.org/schema/cxf
> http://camel.apache.org/schema/cxf/camel-cxf.xsd">
> <bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
> <property name="allowIfAllAbstainDecisions" value="true"/>
> <property name="decisionVoters">
> <list>
> <bean class="org.springframework.security.access.vote.RoleVoter"/>
> </list>
> </property>
> </bean>
> <spring-security:authentication-manager alias="authenticationManager">
> <spring-security:authentication-provider user-service-ref="userDetailsService"/>
> </spring-security:authentication-manager>
> <spring-security:user-service id="userDetailsService">
> <spring-security:user name="jim" password="jimspassword" authorities="ROLE_USER, ROLE_ADMIN"/>
> <spring-security:user name="charles" password="charlespassword" authorities="ROLE_USER, ROLE_ADMIN"/>
> <spring-security:user name="bob" password="bobspassword" authorities="ROLE_USER"/>
> </spring-security:user-service>
> <authorizationPolicy id="admin" access="ROLE_ADMIN"
> authenticationManager="authenticationManager"
> accessDecisionManager="accessDecisionManager"
> xmlns="http://camel.apache.org/schema/spring-security"/>
> <cxf:cxfEndpoint id="WS"
> address="http://localhost:9090/training/WebService"
> serviceClass="com.fusesource.training.CustomerService">
> <cxf:outInterceptors>
> <ref bean="loggingOutInterceptor"/>
> </cxf:outInterceptors>
> <cxf:inInterceptors>
> <ref bean="loggingInInterceptor"/>
> <ref bean="wss4jInInterceptor"/>
> </cxf:inInterceptors>
> </cxf:cxfEndpoint>
> <bean id="loggingOutInterceptor" class="org.apache.cxf.interceptor.LoggingOutInterceptor"/>
> <bean id="loggingInInterceptor" class="org.apache.cxf.interceptor.LoggingInInterceptor"/>
> <bean id="wss4jInInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
> <constructor-arg>
> <map>
> <entry key="action" value="UsernameToken Timestamp"/>
> <entry key="passwordType" value="PasswordDigest"/>
> <entry key="passwordCallbackClass" value="com.fusesource.training.camel.UTPasswordCallback"/>
> </map>
> </constructor-arg>
> </bean>
> <camelContext trace="false" xmlns="http://camel.apache.org/schema/spring">
> <route id="cxf-to-client">
> <from uri="cxf:bean:WS"/>
> <policy ref="admin">
> <log message=">>> SOAP Action : ${in.header.SOAPAction}"/>
> </policy>
> </route>
> </camelContext>
> </beans>
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira