Error with Basic HTTP Authentication using Karaf

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Error with Basic HTTP Authentication using Karaf

quark020
Hi,

I'm trying to workout an example using basic HTTP authentication with ServiceMix 4.4.1 and karaf

The following is my setup.

======================================================
== web.xml
======================================================
<!DOCTYPE web-app PUBLIC
 "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
 "http://java.sun.com/dtd/web-app_2_3.dtd" >

<web-app>
  <display-name>Archetype Created Web Application</display-name>
  <servlet>
    <servlet-name>simple</servlet-name>
    <servlet-class>org.sonatype.mavenbook.web.SimpleServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>simple</servlet-name>
    <url-pattern>/simple</url-pattern>
  </servlet-mapping>

  <security-constraint>
    <display-name>MathSecurityConstraint</display-name>
    <web-resource-collection>
      <web-resource-name>MathService</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>admin</role-name>
    </auth-constraint>
  </security-constraint>

  <login-config>
      <auth-method>BASIC</auth-method>
      <realm-name>karaf</realm-name>
  </login-config>

  <security-role>
      <description>Admin</description>
      <role-name>admin</role-name>
  </security-role>
</web-app>
======================================================

======================================================
== pom.xml for the maven project
======================================================
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" 
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 
                             http://maven.apache.org/maven-v4_0_0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>org.sonatype.mavenbook.simpleweb</groupId>
  <artifactId>parent</artifactId>
  <version>0.8-SNAPSHOT</version>
  <packaging>pom</packaging>
  <name>Simple Web Chapter Parent Project</name>
  <properties>
    <karaf.version>2.2.4</karaf.version>
    <jetty.version>7.4.5.v20110725</jetty.version>
  </properties>
  <modules>
    <module>simple-webapp</module>
  </modules>
  <dependencies>
    <dependency>
      <groupId>org.apache.karaf.jaas</groupId>
      <artifactId>org.apache.karaf.jaas.config</artifactId>
      <version>${karaf.version}</version>
    </dependency>
    <dependency>
      <groupId>org.apache.karaf.jaas</groupId>
      <artifactId>org.apache.karaf.jaas.modules</artifactId>
      <version>${karaf.version}</version>
    </dependency>
    <dependency>
      <groupId>org.eclipse.jetty</groupId>
      <artifactId>jetty-plus</artifactId>
      <version>${jetty.version}</version>
    </dependency>
    <dependency>
      <groupId>org.eclipse.jetty</groupId>
      <artifactId>jetty-util</artifactId>
      <version>${jetty.version}</version>
    </dependency>
  </dependencies>

  <build>
    <defaultGoal>install</defaultGoal>

    <plugins>
      <plugin>
        <groupId>org.apache.felix</groupId>
        <artifactId>maven-bundle-plugin</artifactId>
        <extensions>true</extensions>
        <configuration>
          <instructions>
            <Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
            <Import-Package>
                   javax.net.ssl,
                   javax.security.auth.login,
                   org.osgi.service.blueprint,
                   org.apache.karaf.jaas.config,
                   org.apache.karaf.jaas.boot,
                   org.apache.karaf.jaas.modules,
                   org.eclipse.jetty,
                </Import-Package>
            <DynamicImport-Package>*</DynamicImport-Package>
           
          </instructions>
        </configuration>
      </plugin>
    </plugins>
  </build>
 
</project>
======================================================

======================================================
== jetty.xml
======================================================
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//
DTD Configure//EN" "http://jetty.mortbay.org/configure.dtd">

<Configure class="org.eclipse.jetty.server.Server">

   
   
   
   
   

   
    <Call name="addConnector">
      <Arg>
          <New class="org.eclipse.jetty.server.nio.SelectChannelConnector">
            <Set name="host"><Property name="jetty.host" /></Set>
            <Set name="port"><Property name="jetty.port" default="8181"/></Set>
            <Set name="maxIdleTime">300000</Set>
            <Set name="Acceptors">2</Set>
            <Set name="statsOn">false</Set>
            <Set name="confidentialPort">8443</Set>
            <Set name="lowResourcesConnections">20000</Set>
            <Set name="lowResourcesMaxIdleTime">5000</Set>
          </New>
      </Arg>
    </Call>
       
       
   
   
   
   
   
   
   
    <Call name="addBean">
      <Arg>
        <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
          <Set name="name">karaf</Set>
          <Set name="loginModuleName">karaf</Set>
          <Set name="roleClassNames">
            <Array type="java.lang.String">
              <Item>org.apache.karaf.jaas.modules.RolePrincipal</Item>
            </Array>
          </Set>
        </New>
      </Arg>
    </Call>
</Configure>
======================================================

======================================================
== users.properties
======================================================
################################################################################
#
#    Licensed to the Apache Software Foundation (ASF) under one or more
#    contributor license agreements.  See the NOTICE file distributed with
#    this work for additional information regarding copyright ownership.
#    The ASF licenses this file to You under the Apache License, Version 2.0
#    (the "License"); you may not use this file except in compliance with
#    the License.  You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
#    Unless required by applicable law or agreed to in writing, software
#    distributed under the License is distributed on an "AS IS" BASIS,
#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#    See the License for the specific language governing permissions and
#    limitations under the License.
#
################################################################################

#
smx=smx,admin
======================================================

I'm getting the following error when trying to access the application. When trying to access the URL, the prompt for authentication appears and after entering the username and password the following error is displayed.

======================================================
HTTP ERROR 403

Problem accessing /simple-webapp/index.jsp. Reason:

    !role

Powered by Jetty://
======================================================

TIA
Reply | Threaded
Open this post in threaded view
|

Re: Error with Basic HTTP Authentication using Karaf

quark020
Any tips to troubleshoot ?
Reply | Threaded
Open this post in threaded view
|

Re: Error with Basic HTTP Authentication using Karaf

Achim Nierbeck
In reply to this post by quark020
You might try to add the following to the jetty.xml file

     <Call name="addBean">
       <Arg>
         <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
           <Set name="name">default</Set>
           <Set name="loginModuleName">karaf</Set>
           <Set name="roleClassNames">
             <Array type="java.lang.String">
               <Item>org.apache.karaf.jaas.modules.RolePrincipal</Item>
             </Array>
           </Set>
         </New>
       </Arg>
     </Call>


remove the realm name from your web.xml and give it another try.
If this still doesn't work could you open a issue for this at
pax-web/karaf cause this seems to
be more an issue of the interaction between pax-web and the Karaf Jaas
realms.

Regards, Achim


Am 06.03.2012 20:21, schrieb quark020:

> Hi,
>
> I'm trying to workout an example using basic HTTP authentication with
> ServiceMix 4.4.1 and karaf
>
> The following is my setup.
>
> ======================================================
> == web.xml
> ======================================================
> <!DOCTYPE web-app PUBLIC
>   &quot;-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN&quot;
>   &quot;http://java.sun.com/dtd/web-app_2_3.dtd&quot;>
>
> <web-app>
>    <display-name>Archetype Created Web Application</display-name>
>    <servlet>
>      <servlet-name>simple</servlet-name>
>      <servlet-class>org.sonatype.mavenbook.web.SimpleServlet</servlet-class>
>    </servlet>
>    <servlet-mapping>
>      <servlet-name>simple</servlet-name>
>      <url-pattern>/simple</url-pattern>
>    </servlet-mapping>
>
>    <security-constraint>
>      <display-name>MathSecurityConstraint</display-name>
>      <web-resource-collection>
>        <web-resource-name>MathService</web-resource-name>
>        <url-pattern>/*</url-pattern>
>      </web-resource-collection>
>      <auth-constraint>
>        <role-name>admin</role-name>
>      </auth-constraint>
>    </security-constraint>
>
>    <login-config>
>        <auth-method>BASIC</auth-method>
>        <realm-name>karaf</realm-name>
>    </login-config>
>
>    <security-role>
>        <description>Admin</description>
>        <role-name>admin</role-name>
>    </security-role>
> </web-app>
> ======================================================
>
> ======================================================
> == pom.xml for the maven project
> ======================================================
> <?xml version="1.0" encoding="UTF-8"?>
> <project xmlns="http://maven.apache.org/POM/4.0.0"
>           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>           xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
>                               http://maven.apache.org/maven-v4_0_0.xsd">
>    <modelVersion>4.0.0</modelVersion>
>    <groupId>org.sonatype.mavenbook.simpleweb</groupId>
>    <artifactId>parent</artifactId>
>    <version>0.8-SNAPSHOT</version>
>    <packaging>pom</packaging>
>    <name>Simple Web Chapter Parent Project</name>
>    <properties>
>      <karaf.version>2.2.4</karaf.version>
>      <jetty.version>7.4.5.v20110725</jetty.version>
>    </properties>
>    <modules>
>      <module>simple-webapp</module>
>    </modules>
>    <dependencies>
>      <dependency>
>        <groupId>org.apache.karaf.jaas</groupId>
>        <artifactId>org.apache.karaf.jaas.config</artifactId>
>        <version>${karaf.version}</version>
>      </dependency>
>      <dependency>
>        <groupId>org.apache.karaf.jaas</groupId>
>        <artifactId>org.apache.karaf.jaas.modules</artifactId>
>        <version>${karaf.version}</version>
>      </dependency>
>      <dependency>
>        <groupId>org.eclipse.jetty</groupId>
>        <artifactId>jetty-plus</artifactId>
>        <version>${jetty.version}</version>
>      </dependency>
>      <dependency>
>        <groupId>org.eclipse.jetty</groupId>
>        <artifactId>jetty-util</artifactId>
>        <version>${jetty.version}</version>
>      </dependency>
>    </dependencies>
>
>    <build>
>      <defaultGoal>install</defaultGoal>
>
>      <plugins>
>        <plugin>
>          <groupId>org.apache.felix</groupId>
>          <artifactId>maven-bundle-plugin</artifactId>
>          <extensions>true</extensions>
>          <configuration>
>            <instructions>
>              <Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
>              <Import-Package>
>                     javax.net.ssl,
>                     javax.security.auth.login,
>                     org.osgi.service.blueprint,
>                     org.apache.karaf.jaas.config,
>                     org.apache.karaf.jaas.boot,
>                     org.apache.karaf.jaas.modules,
>                     org.eclipse.jetty,
>                  </Import-Package>
>              <DynamicImport-Package>*</DynamicImport-Package>
>
>            </instructions>
>          </configuration>
>        </plugin>
>      </plugins>
>    </build>
>
> </project>
> ======================================================
>
> ======================================================
> == jetty.xml
> ======================================================
> <?xml version="1.0"?>
> <!DOCTYPE Configure PUBLIC&quot;-//Mort Bay Consulting//
> DTD Configure//EN&quot;&quot;http://jetty.mortbay.org/configure.dtd&quot;>
>
> <Configure class="org.eclipse.jetty.server.Server">
>
>
>
>
>
>
>
>
>      <Call name="addConnector">
>        <Arg>
>            <New class="org.eclipse.jetty.server.nio.SelectChannelConnector">
>              <Set name="host"><Property name="jetty.host" /></Set>
>              <Set name="port"><Property name="jetty.port"
> default="8181"/></Set>
>              <Set name="maxIdleTime">300000</Set>
>              <Set name="Acceptors">2</Set>
>              <Set name="statsOn">false</Set>
>              <Set name="confidentialPort">8443</Set>
> <Set name="lowResourcesConnections">20000</Set>
> <Set name="lowResourcesMaxIdleTime">5000</Set>
>            </New>
>        </Arg>
>      </Call>
>
>
>
>
>
>
>
>
>
>      <Call name="addBean">
>        <Arg>
>          <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
>            <Set name="name">karaf</Set>
>            <Set name="loginModuleName">karaf</Set>
>            <Set name="roleClassNames">
>              <Array type="java.lang.String">
>                <Item>org.apache.karaf.jaas.modules.RolePrincipal</Item>
>              </Array>
>            </Set>
>          </New>
>        </Arg>
>      </Call>
> </Configure>
> ======================================================
>
> ======================================================
> == users.properties
> ======================================================
> ################################################################################
> #
> #    Licensed to the Apache Software Foundation (ASF) under one or more
> #    contributor license agreements.  See the NOTICE file distributed with
> #    this work for additional information regarding copyright ownership.
> #    The ASF licenses this file to You under the Apache License, Version 2.0
> #    (the "License"); you may not use this file except in compliance with
> #    the License.  You may obtain a copy of the License at
> #
> #       http://www.apache.org/licenses/LICENSE-2.0
> #
> #    Unless required by applicable law or agreed to in writing, software
> #    distributed under the License is distributed on an "AS IS" BASIS,
> #    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
> implied.
> #    See the License for the specific language governing permissions and
> #    limitations under the License.
> #
> ################################################################################
>
> #
> smx=smx,admin
> ======================================================
>
> I'm getting the following error when trying to access the application. When
> trying to access the URL, the prompt for authentication appears and after
> entering the username and password the following error is displayed.
>
> ======================================================
> HTTP ERROR 403
>
> Problem accessing /simple-webapp/index.jsp. Reason:
>
>      !role
>
> Powered by Jetty://
> ======================================================
>
> TIA
>
> --
> View this message in context: http://servicemix.396122.n5.nabble.com/Error-with-Basic-HTTP-Authentication-using-Karaf-tp5541934p5541934.html
> Sent from the ServiceMix - User mailing list archive at Nabble.com.


--
- Apache Karaf<http://karaf.apache.org/>  Committer&  PMC
- OPS4J Pax Web<http://wiki.ops4j.org/display/paxweb/Pax+Web/>    Committer&  Project Lead
- Blog<http://notizblog.nierbeck.de/>

Reply | Threaded
Open this post in threaded view
|

Re: Error with Basic HTTP Authentication using Karaf

quark020
This post was updated on .
Thank you. Removing realm name from web.xml didn't work.

Created bug http://team.ops4j.org/browse/PAXWEB-353
Reply | Threaded
Open this post in threaded view
|

Re: Error with Basic HTTP Authentication using Karaf

Achim Nierbeck
switching to the default Realm didn't solve this?

cause the integration tests for pax web do work, so it has to be
something with the integration inside karaf.

thanx, Achim

2012/3/7 quark020 <[hidden email]>:
> Created bug http://team.ops4j.org/browse/PAXWEB-353
>
> --
> View this message in context: http://servicemix.396122.n5.nabble.com/Error-with-Basic-HTTP-Authentication-using-Karaf-tp5541934p5545810.html
> Sent from the ServiceMix - User mailing list archive at Nabble.com.



--

Apache Karaf <http://karaf.apache.org/> Committer & PMC
OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/>
Committer & Project Lead
blog <http://notizblog.nierbeck.de/>
Reply | Threaded
Open this post in threaded view
|

Re: Error with Basic HTTP Authentication using Karaf

quark020
Switching to the default realm didn't work.