[ 
https://issues.apache.org/jira/browse/CAMEL-14990?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17097262#comment-17097262
 ] 

Gerald Kallas commented on CAMEL-14990:
---------------------------------------

Tx [~davsclaus]. Following your comment I've created a Blueprint DSL that works 
as expected. It contains
 * 2 different constraintMappings w/ a constraint each referring to a dedicated 
path
 * 1 securityHandler that includes both contraintMappings
 * 2 different camel contexts w/ a route each listening on same port and on a 
different path

With this approach the authentication works. See the Blueprint DSL below.

One question ..

Is there a way to externalize the constraint / constraintMapping / 
securityHandler configuration to another Blueprint DSL file and refer to it (as 
the same w/ sslContextParameters) in the Blueprint DSL files containing the 
camel context / camel routes? I tried several ways but no one works.

 
{code:java}
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0";
         
xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0";
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
         xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.1.0";
         xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 
https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd";>

   <!-- set security constraints -->
   <bean id="constraint_TSTISP001" 
class="org.eclipse.jetty.util.security.Constraint">
      <property name="name" value="BASIC"/>
      <property name="authenticate" value="true"/>
      <property name="roles">
         <list>
            <value>TSTISP001</value>
         </list>
      </property>
   </bean>

   <bean id="constraintMapping_TSTISP001" 
class="org.eclipse.jetty.security.ConstraintMapping">
      <property name="constraint" ref="constraint_TSTISP001"/>
      <property name="pathSpec" value="/hello1"/>
   </bean>

   <bean id="constraint_TSTISP002" 
class="org.eclipse.jetty.util.security.Constraint">
      <property name="name" value="BASIC"/>
      <property name="authenticate" value="true"/>
      <property name="roles">
         <list>
            <value>TSTISP002</value>
         </list>
      </property>
   </bean>

   <bean id="constraintMapping_TSTISP002" 
class="org.eclipse.jetty.security.ConstraintMapping">
      <property name="constraint" ref="constraint_TSTISP002"/>
      <property name="pathSpec" value="/hello2"/>
   </bean>

   <bean id="securityHandler" 
class="org.eclipse.jetty.security.ConstraintSecurityHandler">
      <property name="loginService">
         <bean class="org.eclipse.jetty.security.HashLoginService">
            <property name="config" 
value="/opt/apache-karaf/etc/users.properties"/>
         </bean>
      </property>
      <property name="authenticator">
         <bean 
class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
      </property>
      <property name="constraintMappings">
         <list>
            <ref component-id="constraintMapping_TSTISP001"/>
            <ref component-id="constraintMapping_TSTISP002"/>
         </list>
      </property>
   </bean>

   <!-- set reference to the SSLContextParameters -->
   <reference id="sslContextParameters" 
interface="org.apache.camel.support.jsse.SSLContextParameters" 
ext:proxy-method="classes" />

   <camelContext id="isp.context.user.TSTISP001" 
xmlns="http://camel.apache.org/schema/blueprint"; streamCache="true" 
useBreadcrumb="true">

      <route id="isp.route.user.TSTISP001">
         <from 
uri="jetty:https://0.0.0.0:8444/hello1?sslContextParameters=#sslContextParameters&amp;handlers=securityHandler";
 />
         <setBody><constant>Hello 1</constant></setBody>
      </route>

   </camelContext>

   <camelContext id="isp.context.user.TSTISP002" 
xmlns="http://camel.apache.org/schema/blueprint"; streamCache="true" 
useBreadcrumb="true">

      <route id="isp.route.user.TSTISP002">
         <from 
uri="jetty:https://0.0.0.0:8444/hello2?sslContextParameters=#sslContextParameters&amp;handlers=securityHandler";
 />
         <setBody><constant>Hello 2</constant></setBody>
      </route>

   </camelContext>

</blueprint>
{code}

> camel-jetty consumers w/ different security handlers on different paths and 
> same port don't work
> ------------------------------------------------------------------------------------------------
>
>                 Key: CAMEL-14990
>                 URL: https://issues.apache.org/jira/browse/CAMEL-14990
>             Project: Camel
>          Issue Type: Bug
>          Components: camel-jetty
>    Affects Versions: 3.0.1
>            Reporter: Gerald Kallas
>            Priority: Minor
>
> I've created two Blueprint DSLs. The 1st one works as expected w/ basic auth.
> {code:xml}
> <blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0";
>                  
> xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0";
>                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>                  
> xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.1.0";
>                  
> xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 
> https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd";>
>       <!-- set security constraints -->
>       <bean id="constraint_TSTISP001" 
> class="org.eclipse.jetty.util.security.Constraint">
>               <property name="name" value="BASIC"/>
>               <property name="authenticate" value="true"/>
>               <property name="roles">
>                       <list>
>                               <value>TSTISP001</value>
>                       </list>
>               </property>
>       </bean>
>       <bean id="constraintMapping_TSTISP001" 
> class="org.eclipse.jetty.security.ConstraintMapping">
>               <property name="constraint" ref="constraint_TSTISP001"/>
>               <property name="pathSpec" value="/hello1"/>
>       </bean>
>       <bean id="securityHandler_TSTISP001" 
> class="org.eclipse.jetty.security.ConstraintSecurityHandler">
>               <property name="loginService">
>                       <bean 
> class="org.eclipse.jetty.security.HashLoginService">
>                               <property name="config" 
> value="/opt/apache-karaf/etc/TSTISP001.properties"/>
>                       </bean>
>               </property>
>               <property name="authenticator">
>                       <bean 
> class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
>               </property>
>               <property name="constraintMappings">
>                       <list>
>                               <ref 
> component-id="constraintMapping_TSTISP001"/>
>                       </list>
>               </property>
>       </bean>
>       <camelContext xmlns="http://camel.apache.org/schema/blueprint"; 
> streamCache="true" useBreadcrumb="true">
>               <route id="isp.route.user.TSTISP001">
>                       <from 
> uri="jetty:http://0.0.0.0:8182/hello1?handlers=securityHandler_TSTISP001"; />
> ...
> {code}
> The property file TSTISP001.properties looks like
> {code:xml}
> username1=password1,TSTISP001
> {code}
> After deploying a 2nd Blueprint DSL like
> {code:xml}
> <blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0";
>                  
> xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0";
>                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>                  
> xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.1.0";
>                  
> xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 
> https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd";>
>       <!-- set security constraints -->
>       <bean id="constraint_TSTISP002" 
> class="org.eclipse.jetty.util.security.Constraint">
>               <property name="name" value="BASIC"/>
>               <property name="authenticate" value="true"/>
>               <property name="roles">
>                       <list>
>                               <value>TSTISP002</value>
>                       </list>
>               </property>
>       </bean>
>       <bean id="constraintMapping_TSTISP002" 
> class="org.eclipse.jetty.security.ConstraintMapping">
>               <property name="constraint" ref="constraint_TSTISP002"/>
>               <property name="pathSpec" value="/hello2"/>
>       </bean>
>       <bean id="securityHandler_TSTISP002" 
> class="org.eclipse.jetty.security.ConstraintSecurityHandler">
>               <property name="loginService">
>                       <bean 
> class="org.eclipse.jetty.security.HashLoginService">
>                               <property name="config" 
> value="/opt/apache-karaf/etc/TSTISP002.properties"/>
>                       </bean>
>               </property>
>               <property name="authenticator">
>                       <bean 
> class="org.eclipse.jetty.security.authentication.BasicAuthenticator"/>
>               </property>
>               <property name="constraintMappings">
>                       <list>
>                               <ref 
> component-id="constraintMapping_TSTISP002"/>
>                       </list>
>               </property>
>       </bean>
>       
>       <camelContext xmlns="http://camel.apache.org/schema/blueprint"; 
> streamCache="true" useBreadcrumb="true">
>               <route>
>                       <from 
> uri="jetty:http://0.0.0.0:8182/hello2?handlers=securityHandler_TSTISP002"; />
> ...
> {code}
> with the corresponding TSTISP002.properties file
> {code:xml}
> username2=password2,TSTISP002
> {code}
> the 2nd route works as expected.
> The 1st route doesn't have any authentication anymore after the deployment of 
> the 1st route.
> A platform restart doesn't help. The 2nd route started of both has 
> authentication, the 1st one is loosing the authentication.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to