One more, final question :) Currently, I have configured Karaf server, to accept only requests signed with certain client SSL certificate - this works for us as a very basic layer for authenticating incoming requests to Camel/jaxrs.
So, I'w like to keep this solution, but also support HTTP Basic auth. So, if a request is signed with SSL cert, try to authorize with certificate, if the request is signed with HTTP Basic, use that instead of certificate. I guess I have to move it all into CXF filter, right? To get such "authorization chain". On Mon, May 20, 2013 at 7:44 PM, Martin Stiborský <martin.stibor...@gmail.com> wrote: > wow, works, many thanks to you. > I promised already few, but I should really write some tutorial on > this topic…give me a slap if I don't do it next weekend… > > On Mon, May 20, 2013 at 1:26 PM, Sergey Beryozkin <sberyoz...@gmail.com> > wrote: >> Hi >> >> On 20/05/13 12:19, Martin Stiborský wrote: >>> >>> So far it seems for me that I have a big problem with architecture of >>> the application. >>> It was working well so far, the approach we used. >>> >>> I mean, these "camel-cxf:rsServer" elements, with classes describing >>> REST interface following jax-rs. >>> The REST classes were looking a little bit weird, as they "returning >>> null" >>> (http://www.javacodegeeks.com/2012/05/rest-endpoint-for-integration-using.html) >>> but it was possible then to use the rest class directly in the start >>> of a camel routes with "from("cxfrs:bean:something")". >>> >>> Is something like this possible with this way of registering jax-rs? >>> >>> <jaxrs:server id="customerService" address="/"> >>> <jaxrs:serviceBeans> >>> <ref component-id="myServiceBean" /> >>> </jaxrs:serviceBeans> >>> <jaxrs:providers> >>> <bean id="authorizationFilter" class="com.foo.HttpAuth"/> >>> </jaxrs:providers> >>> </jaxrs:server> >>> >> >> Yes, simply do >> >> <jaxrs:server id="customerService" >> address="camel:/myCamelTransportAddress"> >> >> <jaxrs:serviceBeans> >> <ref component-id="myServiceBean" /> >> </jaxrs:serviceBeans> >> <jaxrs:providers> >> <bean id="authorizationFilter" class="com.foo.HttpAuth"/> >> </jaxrs:providers> >> </jaxrs:server> >> >> And use that in combination with Camel Servlet transport. >> Also, have a look at the new Simple binding for cxfrs, available from Camel >> 2.11 >> >> Sergey >> >> >> >> >>> The provider definitelly works like that, that's good. But everything >>> else doesn't work :P >>> >>> On Mon, May 20, 2013 at 12:01 PM, Martin Stiborský >>> <martin.stibor...@gmail.com> wrote: >>>> >>>> Ok, so it seems that implementing >>>> org.apache.cxf.jaxrs.ext.RequestHandler could help me. >>>> How to register such a provider then? >>>> >>>> We have REST interfaces created like this: >>>> >>>> <camel-cxf:rsServer id="restFoo" address="/rest/foo" >>>> serviceClass="com.rest.FooRest"/> >>>> >>>> We have few of these. I'm not sure, it it's possible to register >>>> jax-rs provider with this. >>>> >>>> >>>> On Mon, May 20, 2013 at 10:02 AM, Ioan Eugen Stan <stan.ieu...@gmail.com> >>>> wrote: >>>>> >>>>> Hello Martin, >>>>> >>>>> I think you could try addding a Filter or Interceptor that does Basic >>>>> Auth. If you're using CXF you could try something like [1] >>>>> >>>>> Hope it helps, >>>>> >>>>> [1] http://cxf.apache.org/docs/secure-jax-rs-services.html >>>>> >>>>> On Mon, May 20, 2013 at 10:48 AM, Martin Stiborský >>>>> <martin.stibor...@gmail.com> wrote: >>>>>> >>>>>> Hello guys, >>>>>> a joke is saying that a number of tabs opened in web browser related >>>>>> to some problem could help you to estimate the time needed for >>>>>> implementation. >>>>>> I have now about 33 tabs opened :) I need to secure my REST interface, >>>>>> with HTTP Basic auth. >>>>>> >>>>>> In the project, we are currently still with Camel 2.10.1 (not yet >>>>>> resolved some troubles with upgrade to 2.11 :( ), we are using OSGi >>>>>> and Aries blueprint. All deployed into Apache Karaf. >>>>>> >>>>>> Just a simple hint which way to go is goood enough for me. >>>>>> Right now, I'm checking JAAS, but I'm really lost in this topic. >>>>>> >>>>>> -- >>>>>> S pozdravem / Best regards >>>>>> Martin Stiborský >>>>>> >>>>>> Jabber: st...@njs.netlab.cz >>>>>> Twitter: http://www.twitter.com/stibi >>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Ioan Eugen Stan >>>>> 0720 898 747 >>>> >>>> >>>> >>>> >>>> -- >>>> S pozdravem / Best regards >>>> Martin Stiborský >>>> >>>> Jabber: st...@njs.netlab.cz >>>> Twitter: http://www.twitter.com/stibi >>> >>> >>> >>> >> >> > > > > -- > S pozdravem / Best regards > Martin Stiborský > > Jabber: st...@njs.netlab.cz > Twitter: http://www.twitter.com/stibi -- S pozdravem / Best regards Martin Stiborský Jabber: st...@njs.netlab.cz Twitter: http://www.twitter.com/stibi
