You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@karaf.apache.org by Charles Moulliard <cm...@gmail.com> on 2011/01/14 16:22:36 UTC
Issue with camel OSGI Servlet and jetty Security
Hi,
I have deployed successfully camel OSGI Servlet (as mentioned in the
wiki page updated of camel) - 2.6-SNAPSHOT and being able to use it
with a camel
Now I would like to configure jetty using the configuration file
deployed in /etc/jetty.xml like this
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting// DTD
Configure//EN" "http://jetty.mortbay.org/configure.dtd">
<Configure class="org.eclipse.jetty.server.Server">
<!-- =========================================================== -->
<!-- Set connectors -->
<!-- =========================================================== -->
<!-- One of each type! -->
<!-- =========================================================== -->
<!-- Use this connector for many frequently idle connections
and for threadless continuations.
-->
<Call name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.nio.SelectChannelConnector">
<Set name="host"><Property name="jetty.host"/></Set>
<Set name="port"><Property name="jetty.port" default="8282"/></Set>
<Set name="maxIdleTime">300000</Set>
<Set name="Acceptors">2</Set>
<Set name="statsOn">false</Set>
<Set name="confidentialPort">8443</Set>
<Set name="lowResourcesConnections">20000</Set>
<Set name="lowResourcesMaxIdleTime">5000</Set>
</New>
</Arg>
</Call>
<Call name="addBean">
<Arg>
<New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
<Set name="name">karaf</Set>
<Set name="loginModuleName">karaf</Set>
</New>
</Arg>
</Call>
- This option is enable using the following property :
org.ops4j.pax.web.config.file=./etc/jetty.xml
- The security is enable with the JAASLoginService
Unfortunately the client is not authenticated when the browser sends
the request to the Jetty Server and receive well an answer from camel
route.
Any idea is welcome ?
Here is the list of bundles deployed.
[ 240] [Active ] [ ] [ ] [ 60] camel-http
(2.6.0.SNAPSHOT)
[ 241] [Active ] [ ] [ ] [ 60] camel-servlet
(2.6.0.SNAPSHOT)
[ 242] [Active ] [ ] [ ] [ 60] CAMEL :: OSGI ::
Servlet (1.0.0)
[ 248] [Active ] [ ] [Started] [ 60] spring-context.xml (0.0.0)
[ 249] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
Extender - Whiteboard (0.8.2.SNAPSHOT)
[ 250] [Active ] [ ] [ ] [ 60] OPS4J Pax Url -
war:, war-i: (1.2.1)
[ 251] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
Jsp Support (0.8.2.SNAPSHOT)
[ 252] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
Extender - WAR (0.8.2.SNAPSHOT)
[ 253] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
FileInstall Deployer (0.8.2.SNAPSHOT)
[ 254] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
API (0.8.2.SNAPSHOT)
[ 255] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
Service SPI (0.8.2.SNAPSHOT)
[ 256] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
Runtime (0.8.2.SNAPSHOT)
[ 257] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
Jetty (0.8.2.SNAPSHOT)
[ 269] [Active ] [ ] [ ] [ 60] Jetty ::
Utilities (7.2.2.v20101205)
[ 270] [Active ] [ ] [ ] [ 60] Jetty :: Plus
(7.2.2.v20101205)
[ 271] [Active ] [ ] [ ] [ 60] Jetty :: JNDI
Naming (7.2.2.v20101205)
Regards,
Charles Moulliard
Sr. Principal Solution Architect - FuseSource
Apache Committer
Blog : http://cmoulliard.blogspot.com
Twitter : http://twitter.com/cmoulliard
Linkedin : http://www.linkedin.com/in/charlesmoulliard
Skype: cmoulliard
Re: Issue with camel OSGI Servlet and jetty Security
Posted by Charles Moulliard <cm...@gmail.com>.
Sorry Guillaume but I do not take enough time to elaborate
With J2EE applications, we can setup the security in the web.xml file
using the following tags :
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Pages</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>karaf</realm-name>
</login-config>
By adding the following bean configuration in /etc/jetty.xml file of jetty
<Call name="addBean">
<Arg>
<New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
<Set name="name">karaf</Set>
<Set name="loginModuleName">karaf</Set>
<Set name="roleClassNames">
<Array type="java.lang.String">
<Item>org.apache.karaf.jaas.modules.RolePrincipal</Item>
</Array>
</Set>
</New>
</Arg>
</Call>
we can deploy WAR project on Karaf where the security is externalized
from the Servlet that we deploy but will be handle by the Web
Container (Jetty) with Authentication framework (JAAS)
If we can use the same philosophy for OSGI world, that should be great.
This is why I propose to use a Servlet Filter
(http://download.oracle.com/docs/cd/E12840_01/wls/docs103/dvspisec/servlet.html)
to authenticate user with the JAASSecurityProvider of Karaf or a new
one which is more generic.
In a config file we can configure the filter
org.apache.felix.http.whiteboardEnabled = true
org.apache.felix.http.filter.name = 'name of the Filter Authentication Servlet'
org.apache.felix.http.filter.Classname = 'name of the Filter
Authentication Servlet'
org.apache.felix.http.filter.init.param.name = ''path"
org.apache.felix.http.filter.init.param.value = ''/camel/*"
org.apache.felix.http.filter.init.param.name = ''role"
org.apache.felix.http.filter.init.param.value = ''admin"
org.apache.felix.http.filter.init.param.name = ''authentication"
org.apache.felix.http.filter.init.param.value = ''basic"
which will be registered with the OSGI HTTP Service
(http://svn.apache.org/repos/asf/felix/trunk/http/samples/filter/).
Then the camelServlet or any other (CXF, ...) can be deployed on
Karaf/ServiceMix to authenticate users based on JAAS in an independent
way.
Regards,
Charles
On Tue, Feb 15, 2011 at 4:32 PM, Guillaume Nodet <gn...@gmail.com> wrote:
> On Tue, Feb 15, 2011 at 16:08, Charles Moulliard <cm...@gmail.com> wrote:
>> Why don't we use pax-exam whiteboard for doing that (registering the
>> camelServlet + JAASecurity) ?
>
> Well, we could, but that would not work on anything else than pax-web.
> Felix and Equinox both provide their own http service, and i don't
> really see why we would not support those.
>
>> It could be also interesting that we provide a Generic Servlet Filter
>> to work with JAAS of Karaf. In this case, we don't have to create for
>> each servlet that we would like to use its own JAAS SecurityManager +
>> HttpContext?
>
> Not sure to follow. What I had suggested was to improve the
> camel-servlet to better behave when deployed as an OSGi bundle. So
> that would be done only once I think.
> But you're right that the security bits may be different if you want
> to use spring-security or jaas, as it's done in Karaf.
>
> The problem with not using JAAS is that you end up with a lot more
> dependencies and being tie to a given project. Maybe at some point
> we'll need a security abstraction in Camel, not sure though...
>
> I guess if it's too specific to Karaf, we could put an enhanced
> version of camel-servlet into
> http://svn.apache.org/repos/asf/camel/trunk/platforms/karaf/
>
>> On Fri, Jan 14, 2011 at 5:36 PM, Guillaume Nodet <gn...@gmail.com> wrote:
>>> Shouldn't the component be registered automatically using an activator ?
>>> Registering a serlvet is not the standard way in OSGi, it would only work
>>> with pax-web.
>>> So I think registering the servlet directly in the HttpService would allow
>>> you to create your own HttpContext and use it to do the authentication.
>>>
>>> Though forcing the use of JAAS may not be a good idea from a pure Karaf
>>> perspective ...
>>>
>>> On Fri, Jan 14, 2011 at 08:27, Guillaume Nodet <gn...@gmail.com> wrote:
>>>
>>>> Right, see how it's done in Karaf for the web console:
>>>>
>>>> http://svn.apache.org/repos/asf/karaf/trunk/webconsole/branding/src/main/java/org/apache/karaf/webconsole/JaasSecurityProvider.java
>>>>
>>>> That one is called by the HttpContext created by the webconsole in the
>>>> handleSecurity() method:
>>>>
>>>> http://svn.apache.org/repos/asf/felix/trunk/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java
>>>>
>>>> On Fri, Jan 14, 2011 at 07:33, Achim Nierbeck <bc...@googlemail.com>wrote:
>>>>
>>>>> I think for the OSGI Servlets, the OSGi container does the security
>>>>> directly like done with the webconsole plugin. Could you please take a
>>>>> look at it. Never the less I will take a deeper look at this later
>>>>> today :)
>>>>>
>>>>>
>>>>> 2011/1/14 Charles Moulliard <cm...@gmail.com>:
>>>>> > Hi,
>>>>> >
>>>>> > I have deployed successfully camel OSGI Servlet (as mentioned in the
>>>>> > wiki page updated of camel) - 2.6-SNAPSHOT and being able to use it
>>>>> > with a camel
>>>>> >
>>>>> > Now I would like to configure jetty using the configuration file
>>>>> > deployed in /etc/jetty.xml like this
>>>>> >
>>>>> > <?xml version="1.0" encoding="UTF-8"?>
>>>>> > <!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting// DTD
>>>>> > Configure//EN" "http://jetty.mortbay.org/configure.dtd">
>>>>> > <Configure class="org.eclipse.jetty.server.Server">
>>>>> >
>>>>> > <!-- =========================================================== -->
>>>>> > <!-- Set connectors -->
>>>>> > <!-- =========================================================== -->
>>>>> > <!-- One of each type! -->
>>>>> > <!-- =========================================================== -->
>>>>> >
>>>>> > <!-- Use this connector for many frequently idle connections
>>>>> > and for threadless continuations.
>>>>> > -->
>>>>> > <Call name="addConnector">
>>>>> > <Arg>
>>>>> > <New
>>>>> class="org.eclipse.jetty.server.nio.SelectChannelConnector">
>>>>> > <Set name="host"><Property name="jetty.host"/></Set>
>>>>> > <Set name="port"><Property name="jetty.port"
>>>>> default="8282"/></Set>
>>>>> > <Set name="maxIdleTime">300000</Set>
>>>>> > <Set name="Acceptors">2</Set>
>>>>> > <Set name="statsOn">false</Set>
>>>>> > <Set name="confidentialPort">8443</Set>
>>>>> > <Set name="lowResourcesConnections">20000</Set>
>>>>> > <Set name="lowResourcesMaxIdleTime">5000</Set>
>>>>> > </New>
>>>>> > </Arg>
>>>>> > </Call>
>>>>> >
>>>>> > <Call name="addBean">
>>>>> > <Arg>
>>>>> > <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
>>>>> > <Set name="name">karaf</Set>
>>>>> > <Set name="loginModuleName">karaf</Set>
>>>>> > </New>
>>>>> > </Arg>
>>>>> > </Call>
>>>>> >
>>>>> > - This option is enable using the following property :
>>>>> > org.ops4j.pax.web.config.file=./etc/jetty.xml
>>>>> > - The security is enable with the JAASLoginService
>>>>> >
>>>>> > Unfortunately the client is not authenticated when the browser sends
>>>>> > the request to the Jetty Server and receive well an answer from camel
>>>>> > route.
>>>>> >
>>>>> > Any idea is welcome ?
>>>>> >
>>>>> > Here is the list of bundles deployed.
>>>>> >
>>>>> > [ 240] [Active ] [ ] [ ] [ 60] camel-http
>>>>> > (2.6.0.SNAPSHOT)
>>>>> > [ 241] [Active ] [ ] [ ] [ 60] camel-servlet
>>>>> > (2.6.0.SNAPSHOT)
>>>>> > [ 242] [Active ] [ ] [ ] [ 60] CAMEL :: OSGI ::
>>>>> > Servlet (1.0.0)
>>>>> > [ 248] [Active ] [ ] [Started] [ 60] spring-context.xml
>>>>> (0.0.0)
>>>>> > [ 249] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>>> > Extender - Whiteboard (0.8.2.SNAPSHOT)
>>>>> > [ 250] [Active ] [ ] [ ] [ 60] OPS4J Pax Url -
>>>>> > war:, war-i: (1.2.1)
>>>>> > [ 251] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>>> > Jsp Support (0.8.2.SNAPSHOT)
>>>>> > [ 252] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>>> > Extender - WAR (0.8.2.SNAPSHOT)
>>>>> > [ 253] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>>> > FileInstall Deployer (0.8.2.SNAPSHOT)
>>>>> > [ 254] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>>> > API (0.8.2.SNAPSHOT)
>>>>> > [ 255] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>>> > Service SPI (0.8.2.SNAPSHOT)
>>>>> > [ 256] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>>> > Runtime (0.8.2.SNAPSHOT)
>>>>> > [ 257] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>>> > Jetty (0.8.2.SNAPSHOT)
>>>>> > [ 269] [Active ] [ ] [ ] [ 60] Jetty ::
>>>>> > Utilities (7.2.2.v20101205)
>>>>> > [ 270] [Active ] [ ] [ ] [ 60] Jetty :: Plus
>>>>> > (7.2.2.v20101205)
>>>>> > [ 271] [Active ] [ ] [ ] [ 60] Jetty :: JNDI
>>>>> > Naming (7.2.2.v20101205)
>>>>> >
>>>>> >
>>>>> >
>>>>> > Regards,
>>>>> >
>>>>> >
>>>>> > Charles Moulliard
>>>>> >
>>>>> > Sr. Principal Solution Architect - FuseSource
>>>>> > Apache Committer
>>>>> >
>>>>> > Blog : http://cmoulliard.blogspot.com
>>>>> > Twitter : http://twitter.com/cmoulliard
>>>>> > Linkedin : http://www.linkedin.com/in/charlesmoulliard
>>>>> > Skype: cmoulliard
>>>>> >
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Cheers,
>>>> Guillaume Nodet
>>>> ------------------------
>>>> Blog: http://gnodet.blogspot.com/
>>>> ------------------------
>>>> Open Source SOA
>>>> http://fusesource.com
>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>> Cheers,
>>> Guillaume Nodet
>>> ------------------------
>>> Blog: http://gnodet.blogspot.com/
>>> ------------------------
>>> Open Source SOA
>>> http://fusesource.com
>>>
>>
>
>
>
> --
> Cheers,
> Guillaume Nodet
> ------------------------
> Blog: http://gnodet.blogspot.com/
> ------------------------
> Open Source SOA
> http://fusesource.com
>
Re: Issue with camel OSGI Servlet and jetty Security
Posted by Guillaume Nodet <gn...@gmail.com>.
On Tue, Feb 15, 2011 at 16:08, Charles Moulliard <cm...@gmail.com> wrote:
> Why don't we use pax-exam whiteboard for doing that (registering the
> camelServlet + JAASecurity) ?
Well, we could, but that would not work on anything else than pax-web.
Felix and Equinox both provide their own http service, and i don't
really see why we would not support those.
> It could be also interesting that we provide a Generic Servlet Filter
> to work with JAAS of Karaf. In this case, we don't have to create for
> each servlet that we would like to use its own JAAS SecurityManager +
> HttpContext?
Not sure to follow. What I had suggested was to improve the
camel-servlet to better behave when deployed as an OSGi bundle. So
that would be done only once I think.
But you're right that the security bits may be different if you want
to use spring-security or jaas, as it's done in Karaf.
The problem with not using JAAS is that you end up with a lot more
dependencies and being tie to a given project. Maybe at some point
we'll need a security abstraction in Camel, not sure though...
I guess if it's too specific to Karaf, we could put an enhanced
version of camel-servlet into
http://svn.apache.org/repos/asf/camel/trunk/platforms/karaf/
> On Fri, Jan 14, 2011 at 5:36 PM, Guillaume Nodet <gn...@gmail.com> wrote:
>> Shouldn't the component be registered automatically using an activator ?
>> Registering a serlvet is not the standard way in OSGi, it would only work
>> with pax-web.
>> So I think registering the servlet directly in the HttpService would allow
>> you to create your own HttpContext and use it to do the authentication.
>>
>> Though forcing the use of JAAS may not be a good idea from a pure Karaf
>> perspective ...
>>
>> On Fri, Jan 14, 2011 at 08:27, Guillaume Nodet <gn...@gmail.com> wrote:
>>
>>> Right, see how it's done in Karaf for the web console:
>>>
>>> http://svn.apache.org/repos/asf/karaf/trunk/webconsole/branding/src/main/java/org/apache/karaf/webconsole/JaasSecurityProvider.java
>>>
>>> That one is called by the HttpContext created by the webconsole in the
>>> handleSecurity() method:
>>>
>>> http://svn.apache.org/repos/asf/felix/trunk/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java
>>>
>>> On Fri, Jan 14, 2011 at 07:33, Achim Nierbeck <bc...@googlemail.com>wrote:
>>>
>>>> I think for the OSGI Servlets, the OSGi container does the security
>>>> directly like done with the webconsole plugin. Could you please take a
>>>> look at it. Never the less I will take a deeper look at this later
>>>> today :)
>>>>
>>>>
>>>> 2011/1/14 Charles Moulliard <cm...@gmail.com>:
>>>> > Hi,
>>>> >
>>>> > I have deployed successfully camel OSGI Servlet (as mentioned in the
>>>> > wiki page updated of camel) - 2.6-SNAPSHOT and being able to use it
>>>> > with a camel
>>>> >
>>>> > Now I would like to configure jetty using the configuration file
>>>> > deployed in /etc/jetty.xml like this
>>>> >
>>>> > <?xml version="1.0" encoding="UTF-8"?>
>>>> > <!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting// DTD
>>>> > Configure//EN" "http://jetty.mortbay.org/configure.dtd">
>>>> > <Configure class="org.eclipse.jetty.server.Server">
>>>> >
>>>> > <!-- =========================================================== -->
>>>> > <!-- Set connectors -->
>>>> > <!-- =========================================================== -->
>>>> > <!-- One of each type! -->
>>>> > <!-- =========================================================== -->
>>>> >
>>>> > <!-- Use this connector for many frequently idle connections
>>>> > and for threadless continuations.
>>>> > -->
>>>> > <Call name="addConnector">
>>>> > <Arg>
>>>> > <New
>>>> class="org.eclipse.jetty.server.nio.SelectChannelConnector">
>>>> > <Set name="host"><Property name="jetty.host"/></Set>
>>>> > <Set name="port"><Property name="jetty.port"
>>>> default="8282"/></Set>
>>>> > <Set name="maxIdleTime">300000</Set>
>>>> > <Set name="Acceptors">2</Set>
>>>> > <Set name="statsOn">false</Set>
>>>> > <Set name="confidentialPort">8443</Set>
>>>> > <Set name="lowResourcesConnections">20000</Set>
>>>> > <Set name="lowResourcesMaxIdleTime">5000</Set>
>>>> > </New>
>>>> > </Arg>
>>>> > </Call>
>>>> >
>>>> > <Call name="addBean">
>>>> > <Arg>
>>>> > <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
>>>> > <Set name="name">karaf</Set>
>>>> > <Set name="loginModuleName">karaf</Set>
>>>> > </New>
>>>> > </Arg>
>>>> > </Call>
>>>> >
>>>> > - This option is enable using the following property :
>>>> > org.ops4j.pax.web.config.file=./etc/jetty.xml
>>>> > - The security is enable with the JAASLoginService
>>>> >
>>>> > Unfortunately the client is not authenticated when the browser sends
>>>> > the request to the Jetty Server and receive well an answer from camel
>>>> > route.
>>>> >
>>>> > Any idea is welcome ?
>>>> >
>>>> > Here is the list of bundles deployed.
>>>> >
>>>> > [ 240] [Active ] [ ] [ ] [ 60] camel-http
>>>> > (2.6.0.SNAPSHOT)
>>>> > [ 241] [Active ] [ ] [ ] [ 60] camel-servlet
>>>> > (2.6.0.SNAPSHOT)
>>>> > [ 242] [Active ] [ ] [ ] [ 60] CAMEL :: OSGI ::
>>>> > Servlet (1.0.0)
>>>> > [ 248] [Active ] [ ] [Started] [ 60] spring-context.xml
>>>> (0.0.0)
>>>> > [ 249] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>> > Extender - Whiteboard (0.8.2.SNAPSHOT)
>>>> > [ 250] [Active ] [ ] [ ] [ 60] OPS4J Pax Url -
>>>> > war:, war-i: (1.2.1)
>>>> > [ 251] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>> > Jsp Support (0.8.2.SNAPSHOT)
>>>> > [ 252] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>> > Extender - WAR (0.8.2.SNAPSHOT)
>>>> > [ 253] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>> > FileInstall Deployer (0.8.2.SNAPSHOT)
>>>> > [ 254] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>> > API (0.8.2.SNAPSHOT)
>>>> > [ 255] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>> > Service SPI (0.8.2.SNAPSHOT)
>>>> > [ 256] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>> > Runtime (0.8.2.SNAPSHOT)
>>>> > [ 257] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>>> > Jetty (0.8.2.SNAPSHOT)
>>>> > [ 269] [Active ] [ ] [ ] [ 60] Jetty ::
>>>> > Utilities (7.2.2.v20101205)
>>>> > [ 270] [Active ] [ ] [ ] [ 60] Jetty :: Plus
>>>> > (7.2.2.v20101205)
>>>> > [ 271] [Active ] [ ] [ ] [ 60] Jetty :: JNDI
>>>> > Naming (7.2.2.v20101205)
>>>> >
>>>> >
>>>> >
>>>> > Regards,
>>>> >
>>>> >
>>>> > Charles Moulliard
>>>> >
>>>> > Sr. Principal Solution Architect - FuseSource
>>>> > Apache Committer
>>>> >
>>>> > Blog : http://cmoulliard.blogspot.com
>>>> > Twitter : http://twitter.com/cmoulliard
>>>> > Linkedin : http://www.linkedin.com/in/charlesmoulliard
>>>> > Skype: cmoulliard
>>>> >
>>>>
>>>
>>>
>>>
>>> --
>>> Cheers,
>>> Guillaume Nodet
>>> ------------------------
>>> Blog: http://gnodet.blogspot.com/
>>> ------------------------
>>> Open Source SOA
>>> http://fusesource.com
>>>
>>>
>>>
>>
>>
>> --
>> Cheers,
>> Guillaume Nodet
>> ------------------------
>> Blog: http://gnodet.blogspot.com/
>> ------------------------
>> Open Source SOA
>> http://fusesource.com
>>
>
--
Cheers,
Guillaume Nodet
------------------------
Blog: http://gnodet.blogspot.com/
------------------------
Open Source SOA
http://fusesource.com
Re: Issue with camel OSGI Servlet and jetty Security
Posted by Charles Moulliard <cm...@gmail.com>.
Why don't we use pax-exam whiteboard for doing that (registering the
camelServlet + JAASecurity) ?
It could be also interesting that we provide a Generic Servlet Filter
to work with JAAS of Karaf. In this case, we don't have to create for
each servlet that we would like to use its own JAAS SecurityManager +
HttpContext?
On Fri, Jan 14, 2011 at 5:36 PM, Guillaume Nodet <gn...@gmail.com> wrote:
> Shouldn't the component be registered automatically using an activator ?
> Registering a serlvet is not the standard way in OSGi, it would only work
> with pax-web.
> So I think registering the servlet directly in the HttpService would allow
> you to create your own HttpContext and use it to do the authentication.
>
> Though forcing the use of JAAS may not be a good idea from a pure Karaf
> perspective ...
>
> On Fri, Jan 14, 2011 at 08:27, Guillaume Nodet <gn...@gmail.com> wrote:
>
>> Right, see how it's done in Karaf for the web console:
>>
>> http://svn.apache.org/repos/asf/karaf/trunk/webconsole/branding/src/main/java/org/apache/karaf/webconsole/JaasSecurityProvider.java
>>
>> That one is called by the HttpContext created by the webconsole in the
>> handleSecurity() method:
>>
>> http://svn.apache.org/repos/asf/felix/trunk/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java
>>
>> On Fri, Jan 14, 2011 at 07:33, Achim Nierbeck <bc...@googlemail.com>wrote:
>>
>>> I think for the OSGI Servlets, the OSGi container does the security
>>> directly like done with the webconsole plugin. Could you please take a
>>> look at it. Never the less I will take a deeper look at this later
>>> today :)
>>>
>>>
>>> 2011/1/14 Charles Moulliard <cm...@gmail.com>:
>>> > Hi,
>>> >
>>> > I have deployed successfully camel OSGI Servlet (as mentioned in the
>>> > wiki page updated of camel) - 2.6-SNAPSHOT and being able to use it
>>> > with a camel
>>> >
>>> > Now I would like to configure jetty using the configuration file
>>> > deployed in /etc/jetty.xml like this
>>> >
>>> > <?xml version="1.0" encoding="UTF-8"?>
>>> > <!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting// DTD
>>> > Configure//EN" "http://jetty.mortbay.org/configure.dtd">
>>> > <Configure class="org.eclipse.jetty.server.Server">
>>> >
>>> > <!-- =========================================================== -->
>>> > <!-- Set connectors -->
>>> > <!-- =========================================================== -->
>>> > <!-- One of each type! -->
>>> > <!-- =========================================================== -->
>>> >
>>> > <!-- Use this connector for many frequently idle connections
>>> > and for threadless continuations.
>>> > -->
>>> > <Call name="addConnector">
>>> > <Arg>
>>> > <New
>>> class="org.eclipse.jetty.server.nio.SelectChannelConnector">
>>> > <Set name="host"><Property name="jetty.host"/></Set>
>>> > <Set name="port"><Property name="jetty.port"
>>> default="8282"/></Set>
>>> > <Set name="maxIdleTime">300000</Set>
>>> > <Set name="Acceptors">2</Set>
>>> > <Set name="statsOn">false</Set>
>>> > <Set name="confidentialPort">8443</Set>
>>> > <Set name="lowResourcesConnections">20000</Set>
>>> > <Set name="lowResourcesMaxIdleTime">5000</Set>
>>> > </New>
>>> > </Arg>
>>> > </Call>
>>> >
>>> > <Call name="addBean">
>>> > <Arg>
>>> > <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
>>> > <Set name="name">karaf</Set>
>>> > <Set name="loginModuleName">karaf</Set>
>>> > </New>
>>> > </Arg>
>>> > </Call>
>>> >
>>> > - This option is enable using the following property :
>>> > org.ops4j.pax.web.config.file=./etc/jetty.xml
>>> > - The security is enable with the JAASLoginService
>>> >
>>> > Unfortunately the client is not authenticated when the browser sends
>>> > the request to the Jetty Server and receive well an answer from camel
>>> > route.
>>> >
>>> > Any idea is welcome ?
>>> >
>>> > Here is the list of bundles deployed.
>>> >
>>> > [ 240] [Active ] [ ] [ ] [ 60] camel-http
>>> > (2.6.0.SNAPSHOT)
>>> > [ 241] [Active ] [ ] [ ] [ 60] camel-servlet
>>> > (2.6.0.SNAPSHOT)
>>> > [ 242] [Active ] [ ] [ ] [ 60] CAMEL :: OSGI ::
>>> > Servlet (1.0.0)
>>> > [ 248] [Active ] [ ] [Started] [ 60] spring-context.xml
>>> (0.0.0)
>>> > [ 249] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>> > Extender - Whiteboard (0.8.2.SNAPSHOT)
>>> > [ 250] [Active ] [ ] [ ] [ 60] OPS4J Pax Url -
>>> > war:, war-i: (1.2.1)
>>> > [ 251] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>> > Jsp Support (0.8.2.SNAPSHOT)
>>> > [ 252] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>> > Extender - WAR (0.8.2.SNAPSHOT)
>>> > [ 253] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>> > FileInstall Deployer (0.8.2.SNAPSHOT)
>>> > [ 254] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>> > API (0.8.2.SNAPSHOT)
>>> > [ 255] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>> > Service SPI (0.8.2.SNAPSHOT)
>>> > [ 256] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>> > Runtime (0.8.2.SNAPSHOT)
>>> > [ 257] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>>> > Jetty (0.8.2.SNAPSHOT)
>>> > [ 269] [Active ] [ ] [ ] [ 60] Jetty ::
>>> > Utilities (7.2.2.v20101205)
>>> > [ 270] [Active ] [ ] [ ] [ 60] Jetty :: Plus
>>> > (7.2.2.v20101205)
>>> > [ 271] [Active ] [ ] [ ] [ 60] Jetty :: JNDI
>>> > Naming (7.2.2.v20101205)
>>> >
>>> >
>>> >
>>> > Regards,
>>> >
>>> >
>>> > Charles Moulliard
>>> >
>>> > Sr. Principal Solution Architect - FuseSource
>>> > Apache Committer
>>> >
>>> > Blog : http://cmoulliard.blogspot.com
>>> > Twitter : http://twitter.com/cmoulliard
>>> > Linkedin : http://www.linkedin.com/in/charlesmoulliard
>>> > Skype: cmoulliard
>>> >
>>>
>>
>>
>>
>> --
>> Cheers,
>> Guillaume Nodet
>> ------------------------
>> Blog: http://gnodet.blogspot.com/
>> ------------------------
>> Open Source SOA
>> http://fusesource.com
>>
>>
>>
>
>
> --
> Cheers,
> Guillaume Nodet
> ------------------------
> Blog: http://gnodet.blogspot.com/
> ------------------------
> Open Source SOA
> http://fusesource.com
>
Re: Issue with camel OSGI Servlet and jetty Security
Posted by Guillaume Nodet <gn...@gmail.com>.
Shouldn't the component be registered automatically using an activator ?
Registering a serlvet is not the standard way in OSGi, it would only work
with pax-web.
So I think registering the servlet directly in the HttpService would allow
you to create your own HttpContext and use it to do the authentication.
Though forcing the use of JAAS may not be a good idea from a pure Karaf
perspective ...
On Fri, Jan 14, 2011 at 08:27, Guillaume Nodet <gn...@gmail.com> wrote:
> Right, see how it's done in Karaf for the web console:
>
> http://svn.apache.org/repos/asf/karaf/trunk/webconsole/branding/src/main/java/org/apache/karaf/webconsole/JaasSecurityProvider.java
>
> That one is called by the HttpContext created by the webconsole in the
> handleSecurity() method:
>
> http://svn.apache.org/repos/asf/felix/trunk/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java
>
> On Fri, Jan 14, 2011 at 07:33, Achim Nierbeck <bc...@googlemail.com>wrote:
>
>> I think for the OSGI Servlets, the OSGi container does the security
>> directly like done with the webconsole plugin. Could you please take a
>> look at it. Never the less I will take a deeper look at this later
>> today :)
>>
>>
>> 2011/1/14 Charles Moulliard <cm...@gmail.com>:
>> > Hi,
>> >
>> > I have deployed successfully camel OSGI Servlet (as mentioned in the
>> > wiki page updated of camel) - 2.6-SNAPSHOT and being able to use it
>> > with a camel
>> >
>> > Now I would like to configure jetty using the configuration file
>> > deployed in /etc/jetty.xml like this
>> >
>> > <?xml version="1.0" encoding="UTF-8"?>
>> > <!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting// DTD
>> > Configure//EN" "http://jetty.mortbay.org/configure.dtd">
>> > <Configure class="org.eclipse.jetty.server.Server">
>> >
>> > <!-- =========================================================== -->
>> > <!-- Set connectors -->
>> > <!-- =========================================================== -->
>> > <!-- One of each type! -->
>> > <!-- =========================================================== -->
>> >
>> > <!-- Use this connector for many frequently idle connections
>> > and for threadless continuations.
>> > -->
>> > <Call name="addConnector">
>> > <Arg>
>> > <New
>> class="org.eclipse.jetty.server.nio.SelectChannelConnector">
>> > <Set name="host"><Property name="jetty.host"/></Set>
>> > <Set name="port"><Property name="jetty.port"
>> default="8282"/></Set>
>> > <Set name="maxIdleTime">300000</Set>
>> > <Set name="Acceptors">2</Set>
>> > <Set name="statsOn">false</Set>
>> > <Set name="confidentialPort">8443</Set>
>> > <Set name="lowResourcesConnections">20000</Set>
>> > <Set name="lowResourcesMaxIdleTime">5000</Set>
>> > </New>
>> > </Arg>
>> > </Call>
>> >
>> > <Call name="addBean">
>> > <Arg>
>> > <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
>> > <Set name="name">karaf</Set>
>> > <Set name="loginModuleName">karaf</Set>
>> > </New>
>> > </Arg>
>> > </Call>
>> >
>> > - This option is enable using the following property :
>> > org.ops4j.pax.web.config.file=./etc/jetty.xml
>> > - The security is enable with the JAASLoginService
>> >
>> > Unfortunately the client is not authenticated when the browser sends
>> > the request to the Jetty Server and receive well an answer from camel
>> > route.
>> >
>> > Any idea is welcome ?
>> >
>> > Here is the list of bundles deployed.
>> >
>> > [ 240] [Active ] [ ] [ ] [ 60] camel-http
>> > (2.6.0.SNAPSHOT)
>> > [ 241] [Active ] [ ] [ ] [ 60] camel-servlet
>> > (2.6.0.SNAPSHOT)
>> > [ 242] [Active ] [ ] [ ] [ 60] CAMEL :: OSGI ::
>> > Servlet (1.0.0)
>> > [ 248] [Active ] [ ] [Started] [ 60] spring-context.xml
>> (0.0.0)
>> > [ 249] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>> > Extender - Whiteboard (0.8.2.SNAPSHOT)
>> > [ 250] [Active ] [ ] [ ] [ 60] OPS4J Pax Url -
>> > war:, war-i: (1.2.1)
>> > [ 251] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>> > Jsp Support (0.8.2.SNAPSHOT)
>> > [ 252] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>> > Extender - WAR (0.8.2.SNAPSHOT)
>> > [ 253] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>> > FileInstall Deployer (0.8.2.SNAPSHOT)
>> > [ 254] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>> > API (0.8.2.SNAPSHOT)
>> > [ 255] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>> > Service SPI (0.8.2.SNAPSHOT)
>> > [ 256] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>> > Runtime (0.8.2.SNAPSHOT)
>> > [ 257] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
>> > Jetty (0.8.2.SNAPSHOT)
>> > [ 269] [Active ] [ ] [ ] [ 60] Jetty ::
>> > Utilities (7.2.2.v20101205)
>> > [ 270] [Active ] [ ] [ ] [ 60] Jetty :: Plus
>> > (7.2.2.v20101205)
>> > [ 271] [Active ] [ ] [ ] [ 60] Jetty :: JNDI
>> > Naming (7.2.2.v20101205)
>> >
>> >
>> >
>> > Regards,
>> >
>> >
>> > Charles Moulliard
>> >
>> > Sr. Principal Solution Architect - FuseSource
>> > Apache Committer
>> >
>> > Blog : http://cmoulliard.blogspot.com
>> > Twitter : http://twitter.com/cmoulliard
>> > Linkedin : http://www.linkedin.com/in/charlesmoulliard
>> > Skype: cmoulliard
>> >
>>
>
>
>
> --
> Cheers,
> Guillaume Nodet
> ------------------------
> Blog: http://gnodet.blogspot.com/
> ------------------------
> Open Source SOA
> http://fusesource.com
>
>
>
--
Cheers,
Guillaume Nodet
------------------------
Blog: http://gnodet.blogspot.com/
------------------------
Open Source SOA
http://fusesource.com
Re: Issue with camel OSGI Servlet and jetty Security
Posted by Guillaume Nodet <gn...@gmail.com>.
Right, see how it's done in Karaf for the web console:
http://svn.apache.org/repos/asf/karaf/trunk/webconsole/branding/src/main/java/org/apache/karaf/webconsole/JaasSecurityProvider.java
That one is called by the HttpContext created by the webconsole in the
handleSecurity() method:
http://svn.apache.org/repos/asf/felix/trunk/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java
On Fri, Jan 14, 2011 at 07:33, Achim Nierbeck <bc...@googlemail.com>wrote:
> I think for the OSGI Servlets, the OSGi container does the security
> directly like done with the webconsole plugin. Could you please take a
> look at it. Never the less I will take a deeper look at this later
> today :)
>
>
> 2011/1/14 Charles Moulliard <cm...@gmail.com>:
> > Hi,
> >
> > I have deployed successfully camel OSGI Servlet (as mentioned in the
> > wiki page updated of camel) - 2.6-SNAPSHOT and being able to use it
> > with a camel
> >
> > Now I would like to configure jetty using the configuration file
> > deployed in /etc/jetty.xml like this
> >
> > <?xml version="1.0" encoding="UTF-8"?>
> > <!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting// DTD
> > Configure//EN" "http://jetty.mortbay.org/configure.dtd">
> > <Configure class="org.eclipse.jetty.server.Server">
> >
> > <!-- =========================================================== -->
> > <!-- Set connectors -->
> > <!-- =========================================================== -->
> > <!-- One of each type! -->
> > <!-- =========================================================== -->
> >
> > <!-- Use this connector for many frequently idle connections
> > and for threadless continuations.
> > -->
> > <Call name="addConnector">
> > <Arg>
> > <New
> class="org.eclipse.jetty.server.nio.SelectChannelConnector">
> > <Set name="host"><Property name="jetty.host"/></Set>
> > <Set name="port"><Property name="jetty.port"
> default="8282"/></Set>
> > <Set name="maxIdleTime">300000</Set>
> > <Set name="Acceptors">2</Set>
> > <Set name="statsOn">false</Set>
> > <Set name="confidentialPort">8443</Set>
> > <Set name="lowResourcesConnections">20000</Set>
> > <Set name="lowResourcesMaxIdleTime">5000</Set>
> > </New>
> > </Arg>
> > </Call>
> >
> > <Call name="addBean">
> > <Arg>
> > <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
> > <Set name="name">karaf</Set>
> > <Set name="loginModuleName">karaf</Set>
> > </New>
> > </Arg>
> > </Call>
> >
> > - This option is enable using the following property :
> > org.ops4j.pax.web.config.file=./etc/jetty.xml
> > - The security is enable with the JAASLoginService
> >
> > Unfortunately the client is not authenticated when the browser sends
> > the request to the Jetty Server and receive well an answer from camel
> > route.
> >
> > Any idea is welcome ?
> >
> > Here is the list of bundles deployed.
> >
> > [ 240] [Active ] [ ] [ ] [ 60] camel-http
> > (2.6.0.SNAPSHOT)
> > [ 241] [Active ] [ ] [ ] [ 60] camel-servlet
> > (2.6.0.SNAPSHOT)
> > [ 242] [Active ] [ ] [ ] [ 60] CAMEL :: OSGI ::
> > Servlet (1.0.0)
> > [ 248] [Active ] [ ] [Started] [ 60] spring-context.xml
> (0.0.0)
> > [ 249] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > Extender - Whiteboard (0.8.2.SNAPSHOT)
> > [ 250] [Active ] [ ] [ ] [ 60] OPS4J Pax Url -
> > war:, war-i: (1.2.1)
> > [ 251] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > Jsp Support (0.8.2.SNAPSHOT)
> > [ 252] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > Extender - WAR (0.8.2.SNAPSHOT)
> > [ 253] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > FileInstall Deployer (0.8.2.SNAPSHOT)
> > [ 254] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > API (0.8.2.SNAPSHOT)
> > [ 255] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > Service SPI (0.8.2.SNAPSHOT)
> > [ 256] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > Runtime (0.8.2.SNAPSHOT)
> > [ 257] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > Jetty (0.8.2.SNAPSHOT)
> > [ 269] [Active ] [ ] [ ] [ 60] Jetty ::
> > Utilities (7.2.2.v20101205)
> > [ 270] [Active ] [ ] [ ] [ 60] Jetty :: Plus
> > (7.2.2.v20101205)
> > [ 271] [Active ] [ ] [ ] [ 60] Jetty :: JNDI
> > Naming (7.2.2.v20101205)
> >
> >
> >
> > Regards,
> >
> >
> > Charles Moulliard
> >
> > Sr. Principal Solution Architect - FuseSource
> > Apache Committer
> >
> > Blog : http://cmoulliard.blogspot.com
> > Twitter : http://twitter.com/cmoulliard
> > Linkedin : http://www.linkedin.com/in/charlesmoulliard
> > Skype: cmoulliard
> >
>
--
Cheers,
Guillaume Nodet
------------------------
Blog: http://gnodet.blogspot.com/
------------------------
Open Source SOA
http://fusesource.com
Re: Issue with camel OSGI Servlet and jetty Security
Posted by Guillaume Nodet <gn...@gmail.com>.
Right, see how it's done in Karaf for the web console:
http://svn.apache.org/repos/asf/karaf/trunk/webconsole/branding/src/main/java/org/apache/karaf/webconsole/JaasSecurityProvider.java
That one is called by the HttpContext created by the webconsole in the
handleSecurity() method:
http://svn.apache.org/repos/asf/felix/trunk/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java
On Fri, Jan 14, 2011 at 07:33, Achim Nierbeck <bc...@googlemail.com>wrote:
> I think for the OSGI Servlets, the OSGi container does the security
> directly like done with the webconsole plugin. Could you please take a
> look at it. Never the less I will take a deeper look at this later
> today :)
>
>
> 2011/1/14 Charles Moulliard <cm...@gmail.com>:
> > Hi,
> >
> > I have deployed successfully camel OSGI Servlet (as mentioned in the
> > wiki page updated of camel) - 2.6-SNAPSHOT and being able to use it
> > with a camel
> >
> > Now I would like to configure jetty using the configuration file
> > deployed in /etc/jetty.xml like this
> >
> > <?xml version="1.0" encoding="UTF-8"?>
> > <!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting// DTD
> > Configure//EN" "http://jetty.mortbay.org/configure.dtd">
> > <Configure class="org.eclipse.jetty.server.Server">
> >
> > <!-- =========================================================== -->
> > <!-- Set connectors -->
> > <!-- =========================================================== -->
> > <!-- One of each type! -->
> > <!-- =========================================================== -->
> >
> > <!-- Use this connector for many frequently idle connections
> > and for threadless continuations.
> > -->
> > <Call name="addConnector">
> > <Arg>
> > <New
> class="org.eclipse.jetty.server.nio.SelectChannelConnector">
> > <Set name="host"><Property name="jetty.host"/></Set>
> > <Set name="port"><Property name="jetty.port"
> default="8282"/></Set>
> > <Set name="maxIdleTime">300000</Set>
> > <Set name="Acceptors">2</Set>
> > <Set name="statsOn">false</Set>
> > <Set name="confidentialPort">8443</Set>
> > <Set name="lowResourcesConnections">20000</Set>
> > <Set name="lowResourcesMaxIdleTime">5000</Set>
> > </New>
> > </Arg>
> > </Call>
> >
> > <Call name="addBean">
> > <Arg>
> > <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
> > <Set name="name">karaf</Set>
> > <Set name="loginModuleName">karaf</Set>
> > </New>
> > </Arg>
> > </Call>
> >
> > - This option is enable using the following property :
> > org.ops4j.pax.web.config.file=./etc/jetty.xml
> > - The security is enable with the JAASLoginService
> >
> > Unfortunately the client is not authenticated when the browser sends
> > the request to the Jetty Server and receive well an answer from camel
> > route.
> >
> > Any idea is welcome ?
> >
> > Here is the list of bundles deployed.
> >
> > [ 240] [Active ] [ ] [ ] [ 60] camel-http
> > (2.6.0.SNAPSHOT)
> > [ 241] [Active ] [ ] [ ] [ 60] camel-servlet
> > (2.6.0.SNAPSHOT)
> > [ 242] [Active ] [ ] [ ] [ 60] CAMEL :: OSGI ::
> > Servlet (1.0.0)
> > [ 248] [Active ] [ ] [Started] [ 60] spring-context.xml
> (0.0.0)
> > [ 249] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > Extender - Whiteboard (0.8.2.SNAPSHOT)
> > [ 250] [Active ] [ ] [ ] [ 60] OPS4J Pax Url -
> > war:, war-i: (1.2.1)
> > [ 251] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > Jsp Support (0.8.2.SNAPSHOT)
> > [ 252] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > Extender - WAR (0.8.2.SNAPSHOT)
> > [ 253] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > FileInstall Deployer (0.8.2.SNAPSHOT)
> > [ 254] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > API (0.8.2.SNAPSHOT)
> > [ 255] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > Service SPI (0.8.2.SNAPSHOT)
> > [ 256] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > Runtime (0.8.2.SNAPSHOT)
> > [ 257] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> > Jetty (0.8.2.SNAPSHOT)
> > [ 269] [Active ] [ ] [ ] [ 60] Jetty ::
> > Utilities (7.2.2.v20101205)
> > [ 270] [Active ] [ ] [ ] [ 60] Jetty :: Plus
> > (7.2.2.v20101205)
> > [ 271] [Active ] [ ] [ ] [ 60] Jetty :: JNDI
> > Naming (7.2.2.v20101205)
> >
> >
> >
> > Regards,
> >
> >
> > Charles Moulliard
> >
> > Sr. Principal Solution Architect - FuseSource
> > Apache Committer
> >
> > Blog : http://cmoulliard.blogspot.com
> > Twitter : http://twitter.com/cmoulliard
> > Linkedin : http://www.linkedin.com/in/charlesmoulliard
> > Skype: cmoulliard
> >
>
--
Cheers,
Guillaume Nodet
------------------------
Blog: http://gnodet.blogspot.com/
------------------------
Open Source SOA
http://fusesource.com
Re: Issue with camel OSGI Servlet and jetty Security
Posted by Achim Nierbeck <bc...@googlemail.com>.
I think for the OSGI Servlets, the OSGi container does the security
directly like done with the webconsole plugin. Could you please take a
look at it. Never the less I will take a deeper look at this later
today :)
2011/1/14 Charles Moulliard <cm...@gmail.com>:
> Hi,
>
> I have deployed successfully camel OSGI Servlet (as mentioned in the
> wiki page updated of camel) - 2.6-SNAPSHOT and being able to use it
> with a camel
>
> Now I would like to configure jetty using the configuration file
> deployed in /etc/jetty.xml like this
>
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting// DTD
> Configure//EN" "http://jetty.mortbay.org/configure.dtd">
> <Configure class="org.eclipse.jetty.server.Server">
>
> <!-- =========================================================== -->
> <!-- Set connectors -->
> <!-- =========================================================== -->
> <!-- One of each type! -->
> <!-- =========================================================== -->
>
> <!-- Use this connector for many frequently idle connections
> and for threadless continuations.
> -->
> <Call name="addConnector">
> <Arg>
> <New class="org.eclipse.jetty.server.nio.SelectChannelConnector">
> <Set name="host"><Property name="jetty.host"/></Set>
> <Set name="port"><Property name="jetty.port" default="8282"/></Set>
> <Set name="maxIdleTime">300000</Set>
> <Set name="Acceptors">2</Set>
> <Set name="statsOn">false</Set>
> <Set name="confidentialPort">8443</Set>
> <Set name="lowResourcesConnections">20000</Set>
> <Set name="lowResourcesMaxIdleTime">5000</Set>
> </New>
> </Arg>
> </Call>
>
> <Call name="addBean">
> <Arg>
> <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
> <Set name="name">karaf</Set>
> <Set name="loginModuleName">karaf</Set>
> </New>
> </Arg>
> </Call>
>
> - This option is enable using the following property :
> org.ops4j.pax.web.config.file=./etc/jetty.xml
> - The security is enable with the JAASLoginService
>
> Unfortunately the client is not authenticated when the browser sends
> the request to the Jetty Server and receive well an answer from camel
> route.
>
> Any idea is welcome ?
>
> Here is the list of bundles deployed.
>
> [ 240] [Active ] [ ] [ ] [ 60] camel-http
> (2.6.0.SNAPSHOT)
> [ 241] [Active ] [ ] [ ] [ 60] camel-servlet
> (2.6.0.SNAPSHOT)
> [ 242] [Active ] [ ] [ ] [ 60] CAMEL :: OSGI ::
> Servlet (1.0.0)
> [ 248] [Active ] [ ] [Started] [ 60] spring-context.xml (0.0.0)
> [ 249] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> Extender - Whiteboard (0.8.2.SNAPSHOT)
> [ 250] [Active ] [ ] [ ] [ 60] OPS4J Pax Url -
> war:, war-i: (1.2.1)
> [ 251] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> Jsp Support (0.8.2.SNAPSHOT)
> [ 252] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> Extender - WAR (0.8.2.SNAPSHOT)
> [ 253] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> FileInstall Deployer (0.8.2.SNAPSHOT)
> [ 254] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> API (0.8.2.SNAPSHOT)
> [ 255] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> Service SPI (0.8.2.SNAPSHOT)
> [ 256] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> Runtime (0.8.2.SNAPSHOT)
> [ 257] [Active ] [ ] [ ] [ 60] OPS4J Pax Web -
> Jetty (0.8.2.SNAPSHOT)
> [ 269] [Active ] [ ] [ ] [ 60] Jetty ::
> Utilities (7.2.2.v20101205)
> [ 270] [Active ] [ ] [ ] [ 60] Jetty :: Plus
> (7.2.2.v20101205)
> [ 271] [Active ] [ ] [ ] [ 60] Jetty :: JNDI
> Naming (7.2.2.v20101205)
>
>
>
> Regards,
>
>
> Charles Moulliard
>
> Sr. Principal Solution Architect - FuseSource
> Apache Committer
>
> Blog : http://cmoulliard.blogspot.com
> Twitter : http://twitter.com/cmoulliard
> Linkedin : http://www.linkedin.com/in/charlesmoulliard
> Skype: cmoulliard
>