FYI it should be fixed in Karaf 2.3.0. Do you use this version?
Łukasz Dywicki [email protected] -- Twitter: ldywicki Blog: http://dywicki.pl Code-House - http://code-house.org Wiadomość napisana przez siv vasan <[email protected]> w dniu 21 lut 2013, o godz. 16:35: > I have facing an security configuration issue with karaf. > > 1. I have a JAAS Login module blueprint bundle deployed in karaf. > 2. Jetty is configured with JAASLoginSerivce, and the configuration file is > deployed as fragment bundle. > > Now have 2 applications > 1. Web application which use container(jetty) based authentication > > 2. I have another application, which is cfx rest application. For this i am > using authentication filter as described here > http://cxf.apache.org/docs/secure-jax-rs-services.html > > My plan is to use same jaas module configurations for both applications.(web > application used JAASLoginService and rest uses authentication filter) > > But the problem is, for rest application login request is going to Jetty > JAASLoginSerivce instead of coming filter. and it is throwing below > exception. > h3>Caused by: > <pre>java.lang.ClassNotFoundException: > org.apache.karaf.jaas.boot.principal.RolePrincipal not found by > org.apache.cxf.cxf-rt-transports-http [122] > > > at > org.apache.felix.framework.BundleWiringImpl.findClassOrResourceByDelegation(BundleWiringImpl.java:1460) > > at > org.apache.felix.framework.BundleWiringImpl.access$400(BundleWiringImpl.java:72) > > at > org.apache.felix.framework.BundleWiringImpl$BundleClassLoader.loadClass(BundleWiringImpl.java:1843) > > .... > at > org.eclipse.jetty.plus.jaas.JAASLoginService.getGroups(JAASLoginService.java:315) > > at > org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:244) > > at > org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:88) > > at > org.eclipse.jetty.security.authentication.DeferredAuthentication.authenticate(DeferredAuthentication.java:108) > > at > org.eclipse.jetty.server.Request.getUserPrincipal(Request.java:1251) > > > > If remove JAASLoginSerivce then authentication is happening thorough filter. > I assume that JAASLoginSerivce i configured is applied for all the web > applications deployed in jetty. > > Is there a way to restrict the JAASLoginSerivce to specific web app ? or > How can i bypass JAASLoginSerivce for rest application. > > > > > > > -- > View this message in context: > http://karaf.922171.n3.nabble.com/Use-same-JAAS-module-for-web-app-and-cxf-rest-application-tp4027838.html > Sent from the Karaf - User mailing list archive at Nabble.com.
