Posted to user@karaf.apache.org by Paul Spencer <pa...@mindspring.com> on 2021/03/01 15:45:14 UTC

How to return HTTP Response Code 401 from call to REST service?

Karaf 4.2.10
CXF 3.4.2

I would like my RESTful service to return HTTP response code 401 (Unauthorized) when HTTP Basic authentication fails.  Instead, HTTP response code 500 (Server Error) is being returned, with a generic XMLFault body.

I have found a couple of CXF Jira issues that describe the same problem for SOAP transactions, but they are marked as fixed.
  https://issues.apache.org/jira/browse/CXF-6786
  https://issues.apache.org/jira/browse/CXF-5940

What do I need to change?

***
* Realm list
***
karaf@root()> jaas:realm-list
Index │ Realm Name │ Login Module Class Name
──────┼────────────┼───────────────────────────────────────────────────────────────
1     │ karaf      │ org.apache.karaf.jaas.modules.properties.PropertiesLoginModule
2     │ karaf      │ org.apache.karaf.jaas.modules.publickey.PublickeyLoginModule
3     │ karaf      │ org.apache.karaf.jaas.modules.audit.FileAuditLoginModule
4     │ karaf      │ org.apache.karaf.jaas.modules.audit.LogAuditLoginModule
5     │ karaf      │ org.apache.karaf.jaas.modules.audit.EventAdminAuditLoginModule
karaf@root()>                                                                                                                                      

***
* Code Snippet
***
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;

import org.apache.cxf.feature.Features;

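/**
 * JAX-RS resource protected by JAAS (the Karaf "karaf" realm) using HTTP Basic
 * credentials supplied by the client.
 *
 * NOTE(review): the original listing also enabled
 * {@code org.apache.cxf.feature.LoggingFeature}. That legacy feature writes every
 * protocol header to the log, which is how
 * {@code Authorization=[Basic a2FyYWY6YmFkcHdk]} ended up in the log excerpt below.
 * Basic credentials are only base64-encoded, so every login attempt (valid or not)
 * is recoverable in clear text from the log file. It is removed here. If request
 * logging is required, use {@code org.apache.cxf.ext.logging.LoggingFeature}
 * (cxf-rt-features-logging) and configure its sensitive-header masking
 * ({@code setSensitiveProtocolHeaderNames}) to cover {@code Authorization};
 * whether that header is masked by default on 3.4.2 should be verified.
 * Also note the tests run over plain {@code http://localhost:8181}; Basic auth
 * sends credentials in the clear and must be TLS-only outside a lab.
 *
 * On a failed login, {@code JAASLoginInterceptor} (installed by
 * {@code JAASAuthenticationFeature}) throws
 * {@code org.apache.cxf.interceptor.security.AuthenticationException} from the
 * interceptor chain (see the stack trace below) and the client receives a 500
 * with an XMLFault body that echoes the exception class and message. To get a
 * 401 instead, the CXF documentation points at the JAX-RS specific
 * {@code org.apache.cxf.jaxrs.security.JAASAuthenticationFilter}, registered as
 * a JAX-RS provider in place of this feature, which answers a failed login with
 * 401 and a {@code WWW-Authenticate} challenge; alternatively register an
 * {@code ExceptionMapper<AuthenticationException>} that returns 401. Both need
 * confirming against CXF 3.4.2 -- neither is shown in this listing.
 */
@Features(features = { "org.apache.cxf.interceptor.security.JAASAuthenticationFeature" })
public class SecureServiceRequest {

    /**
     * Returns the booking identified by the path segment as JSON.
     *
     * @param id value of the {@code {id}} path template; bound by JAX-RS, not
     *           otherwise validated or looked up here
     * @return a new {@code Booking} wrapping {@code id} -- no existence check is
     *         performed, any numeric id is answered
     */
    @GET
    @Produces(MediaType.APPLICATION_JSON)
    @Path("/{id}")
    public Booking get(@PathParam("id") long id) {
        return new Booking(id);
    }
}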
***
* Request with valid credentials
***
~ paul$ curl -v -X GET http://localhost:8181/cxf/secure/1 -u karaf:karaf
Note: Unnecessary use of -X or --request, GET is already inferred.
*   Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 8181 (#0)
* Server auth using Basic with user 'karaf'
> GET /cxf/secure/1 HTTP/1.1
> Host: localhost:8181
> Authorization: Basic a2FyYWY6a2FyYWY=
> User-Agent: curl/7.54.0
> Accept: */*
> 
< HTTP/1.1 200 OK
< Content-Type: application/json
< Date: Mon, 01 Mar 2021 15:21:44 GMT
< Transfer-Encoding: chunked
< Server: Jetty(9.4.31.v20200723)
< 
* Connection #0 to host localhost left intact
{"id":1}

***
* Request with invalid credentials
***
~ paul$ curl -v -X GET http://localhost:8181/cxf/secure/1 -u karaf:badpwd
Note: Unnecessary use of -X or --request, GET is already inferred.
*   Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 8181 (#0)
* Server auth using Basic with user 'karaf'
> GET /cxf/secure/1 HTTP/1.1
> Host: localhost:8181
> Authorization: Basic a2FyYWY6YmFkcHdk
> User-Agent: curl/7.54.0
> Accept: */*
> 
< HTTP/1.1 500 Server Error
< Transfer-Encoding: chunked
< Server: Jetty(9.4.31.v20200723)
< 
* Connection #0 to host localhost left intact
<ns1:XMLFault xmlns:ns1="http://cxf.apache.org/bindings/xformat"><ns1:faultstring xmlns:ns1="http://cxf.apache.org/bindings/xformat">org.apache.cxf.interceptor.security.AuthenticationException: Authentication failed: login failed</ns1:faultstring></ns1:XMLFault>

***
* Log file
***
ID: 20
Address: http://localhost:8181/cxf/secure/1
Http-Method: GET
Content-Type: 
Headers: {Accept=[*/*], Authorization=[Basic a2FyYWY6YmFkcHdk], Content-Type=[null], Host=[localhost:8181], User-Agent=[curl/7.54.0]}
--------------------------------------
10:21:55.197 INFO [qtp675143802-107] Unsupported callback type org.apache.karaf.jaas.modules.publickey.PublickeyCallback
10:21:55.199 INFO [qtp675143802-107] FAULT_IN
    Address: http://localhost:8181/cxf/secure/1
    HttpMethod: GET
    ExchangeId: a3c911a4-028c-4db1-aebe-c5097f9bbaa5
    Headers: {Authorization=Basic a2FyYWY6YmFkcHdk, Accept=*/*, User-Agent=curl/7.54.0, Host=localhost:8181}

10:21:55.200 WARN [qtp675143802-107] Interceptor for {http://rs.example.com/}SecureServiceRequest has thrown exception, unwinding now
org.apache.cxf.interceptor.security.AuthenticationException: Authentication failed: login failed
	at org.apache.cxf.interceptor.security.JAASLoginInterceptor.handleMessage(JAASLoginInterceptor.java:166) ~[!/:3.4.2]
	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) ~[!/:3.4.2]
	at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) ~[!/:3.4.2]
	at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:265) ~[!/:3.4.2]
	at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234) ~[!/:3.4.2]
	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208) ~[!/:3.4.2]
	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160) ~[!/:3.4.2]
	at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:225) ~[!/:3.4.2]
	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:298) ~[!/:3.4.2]
	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:222) ~[!/:3.4.2]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:687) ~[!/:3.1.0]
	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:273) ~[!/:3.4.2]
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:763) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1651) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:226) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1638) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:567) ~[!/:9.4.31.v20200723]
	at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:71) ~[!/:?]
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:602) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1610) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1377) ~[!/:9.4.31.v20200723]
	at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:298) ~[!/:?]
	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:507) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1580) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1292) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) ~[!/:9.4.31.v20200723]
	at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:82) ~[!/:?]
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.server.Server.handle(Server.java:501) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:383) ~[!/:9.4.31.v20200723]
	at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:556) [!/:9.4.31.v20200723]
	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:375) [!/:9.4.31.v20200723]
	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:273) [!/:9.4.31.v20200723]
	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) [!/:9.4.31.v20200723]
	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) [!/:9.4.31.v20200723]
	at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104) [!/:9.4.31.v20200723]
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:336) [!/:9.4.31.v20200723]
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:313) [!/:9.4.31.v20200723]
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:171) [!/:9.4.31.v20200723]
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:129) [!/:9.4.31.v20200723]
	at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:375) [!/:9.4.31.v20200723]
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:806) [!/:9.4.31.v20200723]
	at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:938) [!/:9.4.31.v20200723]
	at java.lang.Thread.run(Thread.java:748) [?:1.8.0_172]
Caused by: javax.security.auth.login.FailedLoginException: login failed
	at org.apache.karaf.jaas.modules.properties.PropertiesLoginModule.login(PropertiesLoginModule.java:129) ~[?:?]
	at org.apache.karaf.jaas.boot.ProxyLoginModule.login(ProxyLoginModule.java:83) ~[org.apache.karaf.jaas.boot-4.2.10.jar:?]
	at sun.reflect.GeneratedMethodAccessor37.invoke(Unknown Source) ~[?:?]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_172]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_172]
	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) ~[?:1.8.0_172]
	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) ~[?:1.8.0_172]
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) ~[?:1.8.0_172]
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) ~[?:1.8.0_172]
	at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_172]
	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) ~[?:1.8.0_172]
	at javax.security.auth.login.LoginContext.login(LoginContext.java:587) ~[?:1.8.0_172]
	at org.apache.cxf.interceptor.security.JAASLoginInterceptor.handleMessage(JAASLoginInterceptor.java:140) ~[!/:3.4.2]
	... 49 more
10:21:55.206 INFO [qtp675143802-107] FAULT_OUT
    ResponseCode: 500
    ExchangeId: a3c911a4-028c-4db1-aebe-c5097f9bbaa5
    Headers: {}
    Payload: <ns1:XMLFault xmlns:ns1="http://cxf.apache.org/bindings/xformat"><ns1:faultstring xmlns:ns1="http://cxf.apache.org/bindings/xformat">org.apache.cxf.interceptor.security.AuthenticationException: Authentication failed: login failed</ns1:faultstring></ns1:XMLFault>


Paul Spencer