CXF OAuth2 AuthorizationCodeGrantService in Karaf

Fri, 26 Oct 2012 07:54:56 -0700 

Hi,
i am trying to setup an OAuth2 Server using CXFs implementation. Following the documentation[1], i have implemented an OAuthDataProvider and wired it to the AuthorizationCodeGrantService. 


Everything works fine. But when i request the authorization in my 
browser, i only get a blank page/ zero-length content response.



I am attaching an instance of RequestDispatcherProvider to the 
jaxrs:server that serves the authorization. Like the documentation 
suggested: the OAuthAuthorizationData is to be rendered by an JSP. In 
the logs i see the expected output:
  'Setting an instance of 
"org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData" as 
HttpServletRequest attribute "data" and redirecting the response to 
"/jsp/authorize.jsp"'.



But i see this even when i map to an non-existing JSP without any errors 
in the logs.



After messing arround with this issue, i tried XSLTJaxbProvider. This 
provider at least emits warning about missing files and as a result 
throws an exception when it tries to render the output: [2].



Disabling both providers display the XML serialization of the 
OAuthAuthorizationData instance.



[3] shows a slightly shortend version of the blueprint context 
definition i am using to startup the service.



While inspecting the missing resource warning of the XSLTJaxbProvider 
with my debugger, i noticed that it uses the ClassLoader (getting it by 
CXF Bus) of another bundle that is exposing a REST service via CXF - 
because that bundle is started earlier. So i tried to name the busses of 
both bundles. But this doesn't have any impact on the output.



JSP support is active as there is another bundle that uses JSPs to 
render web pages but without CXF.



I deactivated both bundles so that the OAuth service bundle is the only 
one that uses CXF or JSPs. But still no output.


I imported Servlet and JSP packages in the service bundle. Still no output.


The CXF version is 2.7.0 - but 2.6.2 yields the same result. Karaf 
versions 2.2.9 and 2.3.0 yield also the same result with both CXF 
versions. The installed features are: cxf, cxf-rs-security-oauth2 (and 
their dependencies).


Am i missing something from the docs? Any hints are appreciated.


Thanks
Peter

[1] http://cxf.apache.org/docs/jax-rs-oauth2.html
[2] http://pastebin.com/vdqmNc0Q
[3] http://pastebin.com/CtCR6qRf






















					Reply via email to