Posted to users@camel.apache.org by punisher <pu...@hotmail.it> on 2011/06/13 18:04:51 UTC
Camel-Jetty JAAS Ldap
Hi,
I'm using camel-jetty to run a server using a Camel route.
I need to add LDAP authentication (ApacheDS) to access the service.
I have something like this:
<from uri="jetty:http://0.0.0.0:7080/myservice?handlers=securityHandler"/>
in my spring application context I have:
<bean id="loginService"
      class="org.eclipse.jetty.plus.jaas.JAASLoginService">
  <property name="name" value="ldap"/>
  <property name="loginModuleName" value="ldaploginmodule"/>
  <property name="roleClassNames">
    <list>
      <value>org.apache.karaf.jaas.modules.RolePrincipal</value>
    </list>
  </property>
  <property name="identityService" ref="identityService" />
</bean>
<bean id="identityService"
      class="org.eclipse.jetty.security.DefaultIdentityService" />
<bean id="constraint"
      class="org.eclipse.jetty.http.security.Constraint">
  <property name="name" value="BASIC"/>
  <property name="roles" value="system"/>
  <property name="authenticate" value="true"/>
</bean>
<bean id="constraintMapping"
      class="org.eclipse.jetty.security.ConstraintMapping">
  <property name="constraint" ref="constraint"/>
  <property name="pathSpec" value="/*"/>
</bean>
<bean id="securityHandler"
      class="org.eclipse.jetty.security.ConstraintSecurityHandler">
  <property name="authenticator">
    <bean class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
  </property>
  <property name="constraintMappings">
    <list>
      <ref bean="constraintMapping"/>
    </list>
  </property>
  <property name="loginService" ref="loginService"/>
  <property name="strict" value="false"/>
</bean>
I used this vm argument (the absolute path is for a test... to be sure that
the path is correct):
-Djava.security.auth.login.config="C:/config/ldap-loginModule.conf"
and the .conf file contains:
ldaploginmodule {
  org.eclipse.jetty.server.server.plus.jaas.spi.LdapLoginModule required
  debug="true"
  useLdaps="false"
  contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
  hostname="localhost"
  port="10389"
  bindDn="cn=Directory Manager"
  bindPassword="directory"
  authenticationMethod="simple"
  forceBindingLogin="false"
  userBaseDn="ou=xxx,dc=xxx,dc=xxx"
  userRdnAttribute="uid"
  userIdAttribute="uid"
  userPasswordAttribute="userPassword"
  userObjectClass="inetOrgPerson"
  roleBaseDn="ou=xxx,dc=xxx,dc=xxx"
  roleNameAttribute="cn"
  roleMemberAttribute="uniqueMember"
  roleObjectClass="groupOfUniqueNames";
};
When I try to open the page "myservice" I am shown the login form, but when I
click on the OK button my console shows this message:
WARN | EXCEPTION
javax.security.auth.login.LoginException: No LoginModule configured for ldaploginmodule
    at javax.security.auth.login.LoginContext.init(LoginContext.java:256)
    at javax.security.auth.login.LoginContext.<init>(LoginContext.java:367)
    at javax.security.auth.login.LoginContext.<init>(LoginContext.java:444)
    at org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:201)
    at org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:75)
    at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:416)
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:113)
    at org.eclipse.jetty.server.Server.handle(Server.java:351)
    at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:594)
    at org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1042)
    at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:549)
    at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:211)
    at org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:424)
    at org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:506)
    at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)
    at java.lang.Thread.run(Thread.java:619)
Could you help me solve the problem?
Thanks in advance,
Re: Camel-Jetty JAAS Ldap
Posted by punisher <pu...@hotmail.it>.
I'm not using Karaf
The problem was the parameter string
-Djavax.security.auth.login.config
and not
-Djava.security.auth.login.config
but now I have another error:
Caused by: java.io.IOException: Unable to locate a login configuration
at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:250)
at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:91)
... 80 more
Re: Camel-Jetty JAAS Ldap
Posted by Charles Moulliard <cm...@gmail.com>.
Hi,
LoginModuleName must be equal to --> ldap and, as you are deploying
your project on Karaf, the ldap realm must be defined as a blueprint
file that you can deploy in the 'deploy' directory
1) Blueprint file
<?xml version="1.0" encoding="UTF-8"?>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
           xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.0.0"
           xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0">
  <jaas:config name="ldap">
    <!-- -->
    <jaas:module
        className="org.apache.karaf.jaas.modules.ldap.LDAPLoginModule"
        flags="required">
      initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
      connection.url=ldap://[127.0.0.1]:389
      connection.username=cn=admin,dc=fusesource,dc=com
      connection.password=secret
      authentication=simple
      user.base.dn=ou=user,ou=applications,dc=fusesource,dc=com
      user.filter=(cn=%u)
      user.search.subtree=true
      role.base.dn=ou=group,ou=applications,dc=fusesource,dc=com
      role.name.attribute=cn
      role.filter=(member:=uid=%u)
      role.search.subtree=true
    </jaas:module>
  </jaas:config>
</blueprint>
2) Camel secure endpoint
<bean id="loginService"
      class="org.eclipse.jetty.plus.jaas.JAASLoginService">
  <property name="name" value="ldap"/>
  <property name="loginModuleName" value="ldap"/>
  <property name="roleClassNames">
    <list>
      <value>org.apache.karaf.jaas.modules.RolePrincipal</value>
    </list>
  </property>
</bean>
<bean id="identityService"
      class="org.eclipse.jetty.security.DefaultIdentityService"/>
<bean id="constraint" class="org.eclipse.jetty.http.security.Constraint">
  <property name="name" value="BASIC"/>
  <property name="roles" value="admin"/>
  <property name="authenticate" value="true"/>
</bean>
<bean id="constraintMapping"
      class="org.eclipse.jetty.security.ConstraintMapping">
  <property name="constraint" ref="constraint"/>
  <property name="pathSpec" value="/*"/>
</bean>
<bean id="securityHandler"
      class="org.eclipse.jetty.security.ConstraintSecurityHandler">
  <property name="authenticator">
    <bean class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
  </property>
  <property name="constraintMappings">
    <list>
      <ref bean="constraintMapping"/>
    </list>
  </property>
  <property name="loginService" ref="loginService"/>
  <property name="strict" value="false"/>
  <property name="identityService" ref="identityService"/>
</bean>
<camelContext trace="true" xmlns="http://camel.apache.org/schema/spring">
  <route>
    <from
      uri="jetty:http://0.0.0.0:8282/services?handlers=securityHandler&amp;matchOnUriPrefix=true"/>
Regards,
Charles Moulliard
Apache Committer
Blog : http://cmoulliard.blogspot.com
Twitter : http://twitter.com/cmoulliard
Linkedin : http://www.linkedin.com/in/charlesmoulliard
Skype: cmoulliard
On Tue, Jun 14, 2011 at 5:21 AM, Willem Jiang <wi...@gmail.com> wrote:
> Hi,
>
> It looks like the Camel application has trouble loading the configuration file.
> Can you double-check the configuration file?
>
> Willem
>
Re: Camel-Jetty JAAS Ldap
Posted by Willem Jiang <wi...@gmail.com>.
Hi,
It looks like the Camel application has trouble loading the configuration file.
Can you double-check the configuration file?
Willem
--
Willem
----------------------------------
FuseSource
Web: http://www.fusesource.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.javaeye.com (Chinese)
Twitter: willemjiang
Weibo: willemjiang
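
Added example (not part of any message in this thread): a small Java check for the two errors reported above, using only the JDK's javax.security.auth.login.Configuration API. The sample file contents, the placeholder module class example.PlaceholderLdapLoginModule and the class name JaasConfigCheck are constructed for illustration; case 1 assumes the JVM has no ~/.java.login.config and no login.config.url.N entry in java.security.

```java
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Arrays;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;

public class JaasConfigCheck {
    // System property read by the JDK's default file-based JAAS Configuration.
    static final String JAAS_PROP = "java.security.auth.login.config";

    // Reports what a LoginContext created for entryName would find.
    static String check(String entryName) {
        AppConfigurationEntry[] entries;
        try {
            Configuration.setConfiguration(null); // discard any cached Configuration
            entries = Configuration.getConfiguration().getAppConfigurationEntry(entryName);
        } catch (SecurityException e) { // no login configuration could be located or parsed
            return "configuration not loaded: " + e.getMessage();
        }
        if (entries == null) {
            return "no entry named '" + entryName + "' (LoginContext falls back to 'other')";
        }
        StringBuilder sb = new StringBuilder("entry '" + entryName + "':");
        for (AppConfigurationEntry e : entries) {
            // Print option names only, so bindPassword-style values never reach the log.
            sb.append(' ').append(e.getLoginModuleName()).append(" [")
              .append(e.getControlFlag()).append("] options=").append(e.getOptions().keySet());
        }
        return sb.toString();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample file; the module class is a placeholder and is never loaded.
        Path conf = Files.createTempFile("jaas-sample", ".conf");
        Files.write(conf, Arrays.asList(
            "ldaploginmodule {",
            "  example.PlaceholderLdapLoginModule required",
            "  hostname=\"localhost\"",
            "  port=\"10389\";",
            "};"));
        String url = conf.toUri().toString();
        // Case 1: file passed under a property name the default Configuration does not read.
        System.clearProperty(JAAS_PROP);
        System.setProperty("javax.security.auth.login.config", url);
        System.out.println(check("ldaploginmodule"));
        // Case 2: correct property, but the requested name is not an entry in the file.
        System.setProperty(JAAS_PROP, url);
        System.out.println(check("ldap"));
        // Case 3: property name and entry name both match.
        System.out.println(check("ldaploginmodule"));
    }
}
```

Calling check() with the loginModuleName value from the Spring context, under the same -D arguments as the server, shows which of the two errors to expect before any LDAP bind is attempted.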