Apache camel 在JBoss Fuse中为CXF/HTTP设置基本身份验证的正确方法是什么?
我已经尝试了很长一段时间,为我所有公开的web服务设置基本身份验证,但没有任何运气 我将JBoss Fuse 6.2.1与Karaf容器(Karaf-2.4.0.redhat-621117)一起使用,目前我有三个积分,它们消耗的积分量相等 我想要实现的是,在调用服务或试图查看WSDL时,用auth对话框提示所述服务的用户。 注意,我不想使用ws-security,它将身份验证放在Soap信封中,而是放在http级别 我一直在查看以下文档条目: [1] [2] [3] 但我不知道我应该使用哪种方法(如果有的话)。 事实上,到目前为止,它们中没有一个对我有效,但这可能是代表我的用户错误造成的 下面我将展示我尝试过(后来失败了)做的事情: 混合使用[1]和[3] blueprint.xml:Apache camel 在JBoss Fuse中为CXF/HTTP设置基本身份验证的正确方法是什么?,apache-camel,jetty,cxf,jbossfuse,blueprint-osgi,Apache Camel,Jetty,Cxf,Jbossfuse,Blueprint Osgi,我已经尝试了很长一段时间,为我所有公开的web服务设置基本身份验证,但没有任何运气 我将JBoss Fuse 6.2.1与Karaf容器(Karaf-2.4.0.redhat-621117)一起使用,目前我有三个积分,它们消耗的积分量相等 我想要实现的是,在调用服务或试图查看WSDL时,用auth对话框提示所述服务的用户。 注意,我不想使用ws-security,它将身份验证放在Soap信封中,而是放在http级别 我一直在查看以下文档条目: [1] [2] [3] 但我不知道我应该使用哪种方法
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:cxf="http://camel.apache.org/schema/blueprint/cxf"
xmlns:cxf-core="http://cxf.apache.org/blueprint/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
xsi:schemaLocation="
http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">
<bean id="loginService" class="org.eclipse.jetty.plus.jaas.JAASLoginService">
<property name="name" value="karaf"/>
<property name="loginModuleName" value="karaf"/>
<property name="roleClassNames">
<list>
<value>org.apache.karaf.jaas.boot.principal.RolePrincipal</value>
</list>
</property>
</bean>
<bean id="identityService" class="org.eclipse.jetty.security.DefaultIdentityService"/>
<bean id="constraint" class="org.eclipse.jetty.util.security.Constraint">
<property name="name" value="BASIC"/>
<property name="roles" value="Administrator"/>
<property name="authenticate" value="true"/>
</bean>
<bean id="constraintMapping" class="org.eclipse.jetty.security.ConstraintMapping">
<property name="constraint" ref="constraint"/>
<property name="pathSpec" value="/*"/>
</bean>
<bean id="securityHandler" class="org.eclipse.jetty.security.ConstraintSecurityHandler">
<property name="authenticator">
<bean class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
</property>
<property name="constraintMappings">
<list>
<ref bean="constraintMapping"/>
</list>
</property>
<property name="loginService" ref="loginService"/>
<property name="strict" value="false"/>
<property name="identityService" ref="identityService"/>
</bean>
<httpj:engine-factory bus="cxf">
<httpj:engine port="8181">
<httpj:handlers>
<ref component-id="securityHandler" />
</httpj:handlers>
</httpj:engine>
</httpj:engine-factory>
</blueprint>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:cxf="http://camel.apache.org/schema/blueprint/cxf"
xmlns:cxf-core="http://cxf.apache.org/blueprint/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:http-conf="http://cxf.apache.org/transports/http/configuration"
xsi:schemaLocation="
http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">
<http-conf:conduit name="http://localhost:8181/.*" xmlns:sec="http://cxf.apache.org/configuration/security">
<http-conf:authorization>
<sec:UserName>test</sec:UserName>
<sec:Password>test</sec:Password>
<sec:AuthorizationType>BASIC</sec:AuthorizationType>
</http-conf:authorization>
</http-conf:conduit>
</blueprint>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:cxf="http://camel.apache.org/schema/blueprint/cxf"
xmlns:cxf-core="http://cxf.apache.org/blueprint/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
xsi:schemaLocation="
http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">
<bean id="loginService" class="org.eclipse.jetty.plus.jaas.JAASLoginService">
<property name="name" value="karaf"/>
<property name="loginModuleName" value="karaf"/>
<property name="roleClassNames">
<list>
<value>org.apache.karaf.jaas.boot.principal.RolePrincipal</value>
</list>
</property>
</bean>
<bean id="identityService" class="org.eclipse.jetty.security.DefaultIdentityService"/>
<bean id="constraint" class="org.eclipse.jetty.util.security.Constraint">
<property name="name" value="BASIC"/>
<property name="roles">
<list>
<value>admin</value>
</list>
</property>
<property name="authenticate" value="true"/>
</bean>
<bean id="constraintMapping" class="org.eclipse.jetty.security.ConstraintMapping">
<property name="constraint" ref="constraint"/>
<property name="pathSpec" value="/*"/>
</bean>
<bean id="securityHandler" class="org.eclipse.jetty.security.ConstraintSecurityHandler">
<property name="authenticator">
<bean class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
</property>
<property name="constraintMappings">
<list>
<ref component-id="constraintMapping"/>
</list>
</property>
<property name="loginService" ref="loginService"/>
<property name="strict" value="false"/>
<property name="identityService" ref="identityService"/>
</bean>
<httpj:engine-factory bus="cxf">
<httpj:engine port="8083">
<httpj:handlers>
<ref component-id="securityHandler" />
</httpj:handlers>
</httpj:engine>
</httpj:engine-factory>
<cxf:cxfEndpoint address="http://localhost:8083/MyService" id="myWs" serviceClass="com.company.test.CxfService">
<cxf:properties>
<entry key="dataFormat" value="PAYLOAD" />
</cxf:properties>
</cxf:cxfEndpoint>
...
</blueprint>
org.apache.karaf.jaas.boot.principal.RolePrincipal
使用[2]
blueprint.xml:
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:cxf="http://camel.apache.org/schema/blueprint/cxf"
xmlns:cxf-core="http://cxf.apache.org/blueprint/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
xsi:schemaLocation="
http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">
<bean id="loginService" class="org.eclipse.jetty.plus.jaas.JAASLoginService">
<property name="name" value="karaf"/>
<property name="loginModuleName" value="karaf"/>
<property name="roleClassNames">
<list>
<value>org.apache.karaf.jaas.boot.principal.RolePrincipal</value>
</list>
</property>
</bean>
<bean id="identityService" class="org.eclipse.jetty.security.DefaultIdentityService"/>
<bean id="constraint" class="org.eclipse.jetty.util.security.Constraint">
<property name="name" value="BASIC"/>
<property name="roles" value="Administrator"/>
<property name="authenticate" value="true"/>
</bean>
<bean id="constraintMapping" class="org.eclipse.jetty.security.ConstraintMapping">
<property name="constraint" ref="constraint"/>
<property name="pathSpec" value="/*"/>
</bean>
<bean id="securityHandler" class="org.eclipse.jetty.security.ConstraintSecurityHandler">
<property name="authenticator">
<bean class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
</property>
<property name="constraintMappings">
<list>
<ref bean="constraintMapping"/>
</list>
</property>
<property name="loginService" ref="loginService"/>
<property name="strict" value="false"/>
<property name="identityService" ref="identityService"/>
</bean>
<httpj:engine-factory bus="cxf">
<httpj:engine port="8181">
<httpj:handlers>
<ref component-id="securityHandler" />
</httpj:handlers>
</httpj:engine>
</httpj:engine-factory>
</blueprint>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:cxf="http://camel.apache.org/schema/blueprint/cxf"
xmlns:cxf-core="http://cxf.apache.org/blueprint/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:http-conf="http://cxf.apache.org/transports/http/configuration"
xsi:schemaLocation="
http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">
<http-conf:conduit name="http://localhost:8181/.*" xmlns:sec="http://cxf.apache.org/configuration/security">
<http-conf:authorization>
<sec:UserName>test</sec:UserName>
<sec:Password>test</sec:Password>
<sec:AuthorizationType>BASIC</sec:AuthorizationType>
</http-conf:authorization>
</http-conf:conduit>
</blueprint>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:cxf="http://camel.apache.org/schema/blueprint/cxf"
xmlns:cxf-core="http://cxf.apache.org/blueprint/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
xsi:schemaLocation="
http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">
<bean id="loginService" class="org.eclipse.jetty.plus.jaas.JAASLoginService">
<property name="name" value="karaf"/>
<property name="loginModuleName" value="karaf"/>
<property name="roleClassNames">
<list>
<value>org.apache.karaf.jaas.boot.principal.RolePrincipal</value>
</list>
</property>
</bean>
<bean id="identityService" class="org.eclipse.jetty.security.DefaultIdentityService"/>
<bean id="constraint" class="org.eclipse.jetty.util.security.Constraint">
<property name="name" value="BASIC"/>
<property name="roles">
<list>
<value>admin</value>
</list>
</property>
<property name="authenticate" value="true"/>
</bean>
<bean id="constraintMapping" class="org.eclipse.jetty.security.ConstraintMapping">
<property name="constraint" ref="constraint"/>
<property name="pathSpec" value="/*"/>
</bean>
<bean id="securityHandler" class="org.eclipse.jetty.security.ConstraintSecurityHandler">
<property name="authenticator">
<bean class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
</property>
<property name="constraintMappings">
<list>
<ref component-id="constraintMapping"/>
</list>
</property>
<property name="loginService" ref="loginService"/>
<property name="strict" value="false"/>
<property name="identityService" ref="identityService"/>
</bean>
<httpj:engine-factory bus="cxf">
<httpj:engine port="8083">
<httpj:handlers>
<ref component-id="securityHandler" />
</httpj:handlers>
</httpj:engine>
</httpj:engine-factory>
<cxf:cxfEndpoint address="http://localhost:8083/MyService" id="myWs" serviceClass="com.company.test.CxfService">
<cxf:properties>
<entry key="dataFormat" value="PAYLOAD" />
</cxf:properties>
</cxf:cxfEndpoint>
...
</blueprint>
测试
测试
基本的
这两种情况下使用的cxfEndpoint
<cxf:cxfEndpoint address="${address}" id="myWs" serviceClass="com.company.test.CxfService">
<cxf:properties>
<entry key="dataFormat" value="PAYLOAD" />
</cxf:properties>
</cxf:cxfEndpoint>
最好是能够利用JAAS,但我会满足于从更简单的开始
我应该补充的是,我没有收到任何错误,只是在浏览或通过SoapUI调用服务时,没有提示我提供任何凭据
如果有人能为我指出正确的方向,我将不胜感激。我设法找到了一个可行的解决方案,因此我将发布我的发现,希望其他人在某个时候能从中得到帮助 blueprint.xml:
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:cxf="http://camel.apache.org/schema/blueprint/cxf"
xmlns:cxf-core="http://cxf.apache.org/blueprint/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
xsi:schemaLocation="
http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">
<bean id="loginService" class="org.eclipse.jetty.plus.jaas.JAASLoginService">
<property name="name" value="karaf"/>
<property name="loginModuleName" value="karaf"/>
<property name="roleClassNames">
<list>
<value>org.apache.karaf.jaas.boot.principal.RolePrincipal</value>
</list>
</property>
</bean>
<bean id="identityService" class="org.eclipse.jetty.security.DefaultIdentityService"/>
<bean id="constraint" class="org.eclipse.jetty.util.security.Constraint">
<property name="name" value="BASIC"/>
<property name="roles" value="Administrator"/>
<property name="authenticate" value="true"/>
</bean>
<bean id="constraintMapping" class="org.eclipse.jetty.security.ConstraintMapping">
<property name="constraint" ref="constraint"/>
<property name="pathSpec" value="/*"/>
</bean>
<bean id="securityHandler" class="org.eclipse.jetty.security.ConstraintSecurityHandler">
<property name="authenticator">
<bean class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
</property>
<property name="constraintMappings">
<list>
<ref bean="constraintMapping"/>
</list>
</property>
<property name="loginService" ref="loginService"/>
<property name="strict" value="false"/>
<property name="identityService" ref="identityService"/>
</bean>
<httpj:engine-factory bus="cxf">
<httpj:engine port="8181">
<httpj:handlers>
<ref component-id="securityHandler" />
</httpj:handlers>
</httpj:engine>
</httpj:engine-factory>
</blueprint>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:cxf="http://camel.apache.org/schema/blueprint/cxf"
xmlns:cxf-core="http://cxf.apache.org/blueprint/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:http-conf="http://cxf.apache.org/transports/http/configuration"
xsi:schemaLocation="
http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">
<http-conf:conduit name="http://localhost:8181/.*" xmlns:sec="http://cxf.apache.org/configuration/security">
<http-conf:authorization>
<sec:UserName>test</sec:UserName>
<sec:Password>test</sec:Password>
<sec:AuthorizationType>BASIC</sec:AuthorizationType>
</http-conf:authorization>
</http-conf:conduit>
</blueprint>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:cxf="http://camel.apache.org/schema/blueprint/cxf"
xmlns:cxf-core="http://cxf.apache.org/blueprint/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
xsi:schemaLocation="
http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">
<bean id="loginService" class="org.eclipse.jetty.plus.jaas.JAASLoginService">
<property name="name" value="karaf"/>
<property name="loginModuleName" value="karaf"/>
<property name="roleClassNames">
<list>
<value>org.apache.karaf.jaas.boot.principal.RolePrincipal</value>
</list>
</property>
</bean>
<bean id="identityService" class="org.eclipse.jetty.security.DefaultIdentityService"/>
<bean id="constraint" class="org.eclipse.jetty.util.security.Constraint">
<property name="name" value="BASIC"/>
<property name="roles">
<list>
<value>admin</value>
</list>
</property>
<property name="authenticate" value="true"/>
</bean>
<bean id="constraintMapping" class="org.eclipse.jetty.security.ConstraintMapping">
<property name="constraint" ref="constraint"/>
<property name="pathSpec" value="/*"/>
</bean>
<bean id="securityHandler" class="org.eclipse.jetty.security.ConstraintSecurityHandler">
<property name="authenticator">
<bean class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
</property>
<property name="constraintMappings">
<list>
<ref component-id="constraintMapping"/>
</list>
</property>
<property name="loginService" ref="loginService"/>
<property name="strict" value="false"/>
<property name="identityService" ref="identityService"/>
</bean>
<httpj:engine-factory bus="cxf">
<httpj:engine port="8083">
<httpj:handlers>
<ref component-id="securityHandler" />
</httpj:handlers>
</httpj:engine>
</httpj:engine-factory>
<cxf:cxfEndpoint address="http://localhost:8083/MyService" id="myWs" serviceClass="com.company.test.CxfService">
<cxf:properties>
<entry key="dataFormat" value="PAYLOAD" />
</cxf:properties>
</cxf:cxfEndpoint>
...
</blueprint>
org.apache.karaf.jaas.boot.principal.RolePrincipal
管理
...
还需要将以下内容添加到pom.xml中:
<Import-Package>
javax.security.auth,
javax.security.auth.callback,
javax.security.auth.login,
javax.security.auth.spi,
org.apache.karaf.jaas.modules,
org.apache.karaf.jaas.boot.principal,
org.eclipse.jetty.server,
org.eclipse.jetty.plus.jaas;version=${jetty-version},
org.eclipse.jetty.security;version=${jetty-version},
*
</Import-Package>
javax.security.auth,
javax.security.auth.callback,
javax.security.auth.login,
javax.security.auth.spi,
org.apache.karaf.jaas.modules,
org.apache.karaf.jaas.boot.principal,
org.eclipse.jetty.server,
org.eclipse.jetty.plus.jaas;版本=${jetty version},
org.eclipse.jetty.security;版本=${jetty version},
*
org.eclipse.jetty.server是httpj:engine工厂运行所必需的。
如果要设置基本身份验证,则似乎无法使用默认端口(8181)。此解决方案改为在端口8083上设置自定义jetty容器(您可以使用其他端口,只需确保您的cxfEndpoints发布在同一端口上即可。)您在哪里设置了实际的用户名和密码值?在JAAS中,或者您是否以任何方式使用了Karaf?此解决方案利用了默认的JAAS领域。即,凭据取自Fuse的/etc目录中的“users.properties”文件。