Quantcast
Camel Camel - Users

camel-cxf and HTTP BASIC authentication

classic Classic list List threaded Threaded
8 messages Options
Christian Mueller
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate
star

camel-cxf and HTTP BASIC authentication

Christian Mueller
We are in the process of migrating an existing project to Camel.
One of the requirements is to support HTTP BASIC authentication.
What's the (easiest) way to do this?

I thought this could be done by configuring Jetty (in jetty.xml) but didn't
found an example which doesn't use a web.xml file to fulfill this.
Afterwards, I was looking for an CXF (Inbound) Interceptor to do it. Again
without look. :-(
Is it really required to write my own Interceptor to support this standard?

We are using ServiceMix 4.4.1 with Camel 2.8.0.

Thanks in advance,
Christian
ychawla
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate
star

Re: camel-cxf and HTTP BASIC authentication

ychawla
Hi Christian,
What about adding an HTTP Conduit to your CXF bean?

http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html

Is your requirement for inbound or outbound HTTP basic auth?  Depending on your container, you might be able to do this at the Apache HTTPD or Tomcat layer as well.

Thanks,
Yogesh
ychawla
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate
star

Re: camel-cxf and HTTP BASIC authentication

ychawla
Just re-read your message and you have a ServiceMix requirement so Tomcat and Apache HTTPD wouldn't work.

I saw some blog entries that talks about an interceptor based approach that might help:

http://chrisdail.com/2008/03/31/apache-cxf-with-http-basic-authentication/
http://chrisdail.com/2008/08/13/http-basic-authentication-with-apache-cxf-revisited/

Thanks,
Yogesh

Christian Mueller
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate
star

Re: camel-cxf and HTTP BASIC authentication

Christian Mueller
In reply to this post by ychawla
Thanks Yogesh for taking time for my question.

The information in [1] only helps for the client site (unit testing), but I
have to provide this service (the server part).
The information in [2] and [3] are useful how to implement such kind of CXF
interceptor, but I still hope there is an existing solution in CXF or Jetty
which doesn't force me to implement this. May be only a simple
PasswordCallback or so...

[1]
http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
[2]
http://chrisdail.com/2008/03/31/apache-cxf-with-http-basic-authentication/
[3]
http://chrisdail.com/2008/08/13/http-basic-authentication-with-apache-cxf-revisited/

Best,
Christian

On Tue, Jul 17, 2012 at 9:45 PM, ychawla <[hidden email]>wrote:

> Hi Christian,
> What about adding an HTTP Conduit to your CXF bean?
>
> http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
>
> Is your requirement for inbound or outbound HTTP basic auth?  Depending on
> your container, you might be able to do this at the Apache HTTPD or Tomcat
> layer as well.
>
> Thanks,
> Yogesh
>
> --
> View this message in context:
> http://camel.465427.n5.nabble.com/camel-cxf-and-HTTP-BASIC-authentication-tp5716163p5716169.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
Sergey Beryozkin-3
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate
star

Re: camel-cxf and HTTP BASIC authentication

Sergey Beryozkin-3
Hi
On 17/07/12 22:30, Christian Müller wrote:
> Thanks Yogesh for taking time for my question.
>
> The information in [1] only helps for the client site (unit testing), but I
> have to provide this service (the server part).
> The information in [2] and [3] are useful how to implement such kind of CXF
> interceptor, but I still hope there is an existing solution in CXF or Jetty
> which doesn't force me to implement this. May be only a simple
> PasswordCallback or so...
>

May be JAASLoginInterceptor ?

In the simplest case you will only need to set up a JAAS context name on it:

http://svn.apache.org/repos/asf/cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java

HTH, Sergey

> [1]
> http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
> [2]
> http://chrisdail.com/2008/03/31/apache-cxf-with-http-basic-authentication/
> [3]
> http://chrisdail.com/2008/08/13/http-basic-authentication-with-apache-cxf-revisited/
>
> Best,
> Christian
>
> On Tue, Jul 17, 2012 at 9:45 PM, ychawla<[hidden email]>wrote:
>
>> Hi Christian,
>> What about adding an HTTP Conduit to your CXF bean?
>>
>> http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
>>
>> Is your requirement for inbound or outbound HTTP basic auth?  Depending on
>> your container, you might be able to do this at the Apache HTTPD or Tomcat
>> layer as well.
>>
>> Thanks,
>> Yogesh
>>
>> --
>> View this message in context:
>> http://camel.465427.n5.nabble.com/camel-cxf-and-HTTP-BASIC-authentication-tp5716163p5716169.html
>> Sent from the Camel - Users mailing list archive at Nabble.com.
>>
>


dkulp@apache.org
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate
star

Re: camel-cxf and HTTP BASIC authentication

dkulp@apache.org
In reply to this post by Christian Mueller

Are you using a pax-web based endpoint (address like "/foo") or a full CXF
controlled Jetty port? (http://0.0.0.0:8080/foo)

For the former, you'd have to look into how you can configure the pax-web
stuff.  I'm not really sure.

For the latter, you would need to configure stuff into the jetty instance.  
You can use one of the CXF system tests as an example:

http://svn.apache.org/repos/asf/cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/

See the jettyBasicAuthServer.xml  and jetty-realm.properties files as
examples.   That said, not sure how will that would work in OSGi.

Dan



On Tuesday, July 17, 2012 11:30:29 PM Christian Müller wrote:

> Thanks Yogesh for taking time for my question.
>
> The information in [1] only helps for the client site (unit testing), but
> I have to provide this service (the server part).
> The information in [2] and [3] are useful how to implement such kind of
> CXF interceptor, but I still hope there is an existing solution in CXF or
> Jetty which doesn't force me to implement this. May be only a simple
> PasswordCallback or so...
>
> [1]
> http://cxf.apache.org/docs/client-http-transport-including-ssl-support.htm
> l [2]
> http://chrisdail.com/2008/03/31/apache-cxf-with-http-basic-authentication/
> [3]
> http://chrisdail.com/2008/08/13/http-basic-authentication-with-apache-cxf-
> revisited/
>
> Best,
> Christian
>
> On Tue, Jul 17, 2012 at 9:45 PM, ychawla
<[hidden email]>wrote:

> > Hi Christian,
> > What about adding an HTTP Conduit to your CXF bean?
> >
> > http://cxf.apache.org/docs/client-http-transport-including-ssl-support.h
> > tml
> >
> > Is your requirement for inbound or outbound HTTP basic auth?  Depending
> > on your container, you might be able to do this at the Apache HTTPD or
> > Tomcat layer as well.
> >
> > Thanks,
> > Yogesh
> >
> > --
> > View this message in context:
> > http://camel.465427.n5.nabble.com/camel-cxf-and-HTTP-BASIC-authenticatio
> > n-tp5716163p5716169.html Sent from the Camel - Users mailing list
> > archive at Nabble.com.
--
Daniel Kulp
[hidden email] - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com
Willem.Jiang
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate
star

Re: camel-cxf and HTTP BASIC authentication

Willem.Jiang
In reply to this post by Christian Mueller
Hi Christian,

I'm afraid you have configure the interceptor yourself, or write some
configuration to setup Jetty server as others show you.

If you are using ServiceMix you can try out the Sergey shows
JAASLoginInterceptor, and setup right context name for you to use.

Here is an configuration[1] which is shows in Blueprint, but I think you
can use it in Spring at same time.

[1]https://github.com/fusesource/fuse/blob/master/examples/secure-rest/src/main/resources/OSGI-INF/blueprint/blueprint.xml

On 7/18/12 5:30 AM, Christian Müller wrote:

> Thanks Yogesh for taking time for my question.
>
> The information in [1] only helps for the client site (unit testing), but I
> have to provide this service (the server part).
> The information in [2] and [3] are useful how to implement such kind of CXF
> interceptor, but I still hope there is an existing solution in CXF or Jetty
> which doesn't force me to implement this. May be only a simple
> PasswordCallback or so...
>
> [1]
> http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
> [2]
> http://chrisdail.com/2008/03/31/apache-cxf-with-http-basic-authentication/
> [3]
> http://chrisdail.com/2008/08/13/http-basic-authentication-with-apache-cxf-revisited/
>
> Best,
> Christian
>
> On Tue, Jul 17, 2012 at 9:45 PM, ychawla <[hidden email]>wrote:
>
>> Hi Christian,
>> What about adding an HTTP Conduit to your CXF bean?
>>
>> http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
>>
>> Is your requirement for inbound or outbound HTTP basic auth?  Depending on
>> your container, you might be able to do this at the Apache HTTPD or Tomcat
>> layer as well.
>>
>> Thanks,
>> Yogesh
>>
>> --
>> View this message in context:
>> http://camel.465427.n5.nabble.com/camel-cxf-and-HTTP-BASIC-authentication-tp5716163p5716169.html
>> Sent from the Camel - Users mailing list archive at Nabble.com.
>>
>


--
Willem
----------------------------------
FuseSource
Web: http://www.fusesource.com
Blog:    http://willemjiang.blogspot.com (English)
          http://jnn.javaeye.com (Chinese)
Twitter: willemjiang
Weibo: willemjiang


Christian Mueller
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate
star

Re: camel-cxf and HTTP BASIC authentication

Christian Mueller
Thank you all for your valuable suggestions. I will try it out and report
back.

Best,
Christian

On Wed, Jul 18, 2012 at 9:07 AM, Willem Jiang <[hidden email]>wrote:

> Hi Christian,
>
> I'm afraid you have configure the interceptor yourself, or write some
> configuration to setup Jetty server as others show you.
>
> If you are using ServiceMix you can try out the Sergey shows
> JAASLoginInterceptor, and setup right context name for you to use.
>
> Here is an configuration[1] which is shows in Blueprint, but I think you
> can use it in Spring at same time.
>
> [1]https://github.com/**fusesource/fuse/blob/master/**
> examples/secure-rest/src/main/**resources/OSGI-INF/blueprint/**
> blueprint.xml<https://github.com/fusesource/fuse/blob/master/examples/secure-rest/src/main/resources/OSGI-INF/blueprint/blueprint.xml>
>
>
> On 7/18/12 5:30 AM, Christian Müller wrote:
>
>> Thanks Yogesh for taking time for my question.
>>
>> The information in [1] only helps for the client site (unit testing), but
>> I
>> have to provide this service (the server part).
>> The information in [2] and [3] are useful how to implement such kind of
>> CXF
>> interceptor, but I still hope there is an existing solution in CXF or
>> Jetty
>> which doesn't force me to implement this. May be only a simple
>> PasswordCallback or so...
>>
>> [1]
>> http://cxf.apache.org/docs/**client-http-transport-**
>> including-ssl-support.html<http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html>
>> [2]
>> http://chrisdail.com/2008/03/**31/apache-cxf-with-http-basic-**
>> authentication/<http://chrisdail.com/2008/03/31/apache-cxf-with-http-basic-authentication/>
>> [3]
>> http://chrisdail.com/2008/08/**13/http-basic-authentication-**
>> with-apache-cxf-revisited/<http://chrisdail.com/2008/08/13/http-basic-authentication-with-apache-cxf-revisited/>
>>
>> Best,
>> Christian
>>
>> On Tue, Jul 17, 2012 at 9:45 PM, ychawla <[hidden email]>**
>> wrote:
>>
>>  Hi Christian,
>>> What about adding an HTTP Conduit to your CXF bean?
>>>
>>> http://cxf.apache.org/docs/**client-http-transport-**
>>> including-ssl-support.html<http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html>
>>>
>>> Is your requirement for inbound or outbound HTTP basic auth?  Depending
>>> on
>>> your container, you might be able to do this at the Apache HTTPD or
>>> Tomcat
>>> layer as well.
>>>
>>> Thanks,
>>> Yogesh
>>>
>>> --
>>> View this message in context:
>>> http://camel.465427.n5.nabble.**com/camel-cxf-and-HTTP-BASIC-**
>>> authentication-**tp5716163p5716169.html<http://camel.465427.n5.nabble.com/camel-cxf-and-HTTP-BASIC-authentication-tp5716163p5716169.html>
>>> Sent from the Camel - Users mailing list archive at Nabble.com.
>>>
>>>
>>
>
> --
> Willem
> ------------------------------**----
> FuseSource
> Web: http://www.fusesource.com
> Blog:    http://willemjiang.blogspot.**com<http://willemjiang.blogspot.com>(English)
>          http://jnn.javaeye.com (Chinese)
> Twitter: willemjiang
> Weibo: willemjiang
>
>
>
Loading...
Powered by Nabble Edit this page