I made it work! I am sorry for wasting your time. The problem seems to have
been that the interceptor was not exported properly from my bundle.

But I will be careful when updating to DOSGi 2, if and when that happens.

But for now I have a neat little solution with 2way SSL and Shiro
authentication through the client certificate.

I am a happy camper:)

On Tue, Sep 27, 2016 at 5:05 PM, Sergey Beryozkin <sberyoz...@gmail.com>
wrote:

> Hi
>
> There are two issues here.
> First - why DOSGI JAX-RS code is not reacting to the in interceptor class
> name, can you put a breakpoint here please:
>
> https://github.com/apache/cxf-dosgi/blob/cxf-dosgi-ri-1.8.0/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClassUtils.java#L97
>
> It might be that some different way of registering them is needed.
>
> Second: Christian removed this code in DOSGI 2.0 so the question is how
> they can be registered in 2.0.
>
> Cheers, Sergey
>
>
> On 27/09/16 14:45, Martin Nielsen wrote:
>
>> Hello everyone.
>>
>> I am working with CXF DOSGi for the first time. The task at the moment is
>> to build a declarative services component which registers an endpoint and
>> an interceptor. The endpoint will run on a 2way SSL enabled connection,
>> and the interceptor should read the incoming client certificate. So far I
>> managed to get an endpoint working through a declarative services endpoint,
>> and I got one way SSL working (Maybe 2way as well, we will get to that).
>> Now I am trying to add an interceptor, which should read the incoming
>> client certificate.
>>
>> And that is where I fail. The interceptor does not seem to be working. It
>> does not log anything, neither in the constructor nor in the handleMessage
>> method.
>>
>> Can someone please take a look and tell me where my mistake is? The
>> interceptor should be called before the end endpoint methods are invoked,
>> whenever the REST service is called. But right now I can call the endpoint
>> methods just fine through SSL, but the interceptor is never called, which
>> makes it hard for me to know if 2way SSL is currently working or not.
>>
>> I don't expect 1 and 2way SSL to have anything at all to do with this, but
>> I am mentioning it because I'm ignorant (Just in case) :)
>>
>> Versions:
>> CXF 3.1.6
>> CXF-DOSGI 1.8.0
>>
>>
>> My interceptor:
>> import java.security.cert.Certificate;
>> import java.security.cert.X509Certificate;
>> import org.apache.cxf.interceptor.Fault;
>> import org.apache.cxf.message.Message;
>> import org.apache.cxf.phase.AbstractPhaseInterceptor;
>> import org.apache.cxf.phase.Phase;
>> import org.apache.cxf.security.transport.TLSSessionInfo;
>> import org.slf4j.Logger;
>> import org.slf4j.LoggerFactory;
>>
>> public class CertificateInterceptor extends AbstractPhaseInterceptor<Message> {
>>
>>     private static final Logger LOGGER =
>>             LoggerFactory.getLogger(CertificateInterceptor.class);
>>
>>     public CertificateInterceptor() {
>>         // Run as early as possible on the inbound chain
>>         super(Phase.RECEIVE);
>>         LOGGER.debug("Starting certificate interceptor");
>>     }
>>
>>     public void handleMessage(Message message) throws Fault {
>>         LOGGER.debug("Handling message: " + message.getId());
>>         // Present only when the request arrived over TLS
>>         TLSSessionInfo tlsSessionInfo = (TLSSessionInfo) message.get(TLSSessionInfo.class);
>>         if (tlsSessionInfo != null) {
>>             Certificate[] peerCerts = tlsSessionInfo.getPeerCertificates();
>>             LOGGER.info("Discovered TLSSession: " + tlsSessionInfo);
>>             // peerCerts is null when the client sent no certificate
>>             if (peerCerts != null) {
>>                 for (int i = 0; i < peerCerts.length; i++) {
>>                     X509Certificate x509certificate = (X509Certificate) peerCerts[i];
>>                     LOGGER.info("Retrieved certificate: "
>>                             + x509certificate.getSubjectDN().getName()
>>                             + " pubkey: " + x509certificate.getPublicKey());
>>                 }
>>             }
>>         } else {
>>             LOGGER.info("NO x509certificate");
>>         }
>>     }
>>
>> }
>>
>>
>> My endpoint:
>>
>>
>> import java.util.ArrayList;
>> import java.util.List;
>> import javax.ws.rs.ext.MessageBodyReader;
>> import javax.ws.rs.ext.MessageBodyWriter;
>> import org.osgi.framework.BundleContext;
>> import org.osgi.framework.ServiceRegistration;
>> import org.osgi.service.component.annotations.Activate;
>> import org.osgi.service.component.annotations.Component;
>> import org.osgi.service.component.annotations.Deactivate;
>>
>> @Component(property = {
>>     "service.exported.interfaces=*",
>>     "service.exported.configs=org.apache.cxf.rs",
>>     "org.apache.cxf.rs.httpservice.context=" + LicenseServiceEndpoint.endpoint,
>>     "org.apache.cxf.rs.in.interceptors=com.polis.licensing.server.rest.interceptor.CertificateInterceptor"})
>> public class LicenseServiceEndpoint implements LicenseServiceRest {
>>     public static final String endpoint = "/polis/licenseservice";
>>     private List<ServiceRegistration<MessageBodyReader>> readerRefs = new ArrayList<>();
>>     private List<ServiceRegistration<MessageBodyWriter>> writerRefs = new ArrayList<>();
>>
>>     // ...Various endpoint-methods...
>>
>>     @Activate
>>     public void activate(BundleContext context) throws Exception {
>>         // This is a messagebodyreader/writer. It should be irrelevant for this question
>>         registerProvider(context, new CertificateRequestProvider());
>>     }
>>
>>     @Deactivate
>>     public void deactivate(BundleContext context) throws Exception {
>>         // Unregister in reverse order of registration
>>         for (int i = readerRefs.size() - 1; i >= 0; i--) {
>>             readerRefs.get(i).unregister();
>>             readerRefs.remove(i);
>>         }
>>         for (int i = writerRefs.size() - 1; i >= 0; i--) {
>>             writerRefs.get(i).unregister();
>>             writerRefs.remove(i);
>>         }
>>     }
>>
>>     private <E extends MessageBodyReader & MessageBodyWriter> void registerProvider(
>>             BundleContext context, E provider) {
>>         readerRefs.add(context.registerService(MessageBodyReader.class, provider, null));
>>         writerRefs.add(context.registerService(MessageBodyWriter.class, provider, null));
>>     }
>>
>> }
>>
>>
>> Thank you in advance for your usual helpful demeanor:)
>>
>> -Martin
>>
>>
>
> --
> Sergey Beryozkin
>
> Talend Community Coders
> http://coders.talend.com/
>

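Added example (not part of the thread, and not the poster's or the CXF project's code): the interceptor quoted above only logs when no client certificate is present, so such a request still reaches the endpoint methods. A fail-closed variant, under the hypothetical class name ClientCertRequiredInterceptor, aborts the request instead and publishes the certificate subject through CXF's SecurityContext:

```java
import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;

import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.security.transport.TLSSessionInfo;

// Hypothetical class name; added for illustration, not code from the thread.
public class ClientCertRequiredInterceptor extends AbstractPhaseInterceptor<Message> {

    public ClientCertRequiredInterceptor() {
        super(Phase.RECEIVE);
    }

    @Override
    public void handleMessage(Message message) throws Fault {
        X509Certificate clientCert = clientCertificate(message.get(TLSSessionInfo.class));
        final Principal subject = clientCert.getSubjectX500Principal();
        // Expose the certificate subject to later interceptors and the resource class.
        message.put(SecurityContext.class, new SecurityContext() {
            @Override
            public Principal getUserPrincipal() {
                return subject;
            }

            @Override
            public boolean isUserInRole(String role) {
                return false; // role mapping is left to the authorization layer
            }
        });
    }

    // Returns the peer's own certificate (first in the chain) or aborts the request.
    static X509Certificate clientCertificate(TLSSessionInfo tls) {
        if (tls == null) {
            throw new Fault(new SecurityException("request did not arrive over TLS"));
        }
        Certificate[] chain = tls.getPeerCertificates();
        if (chain == null || chain.length == 0 || !(chain[0] instanceof X509Certificate)) {
            throw new Fault(new SecurityException("no X.509 client certificate presented"));
        }
        return (X509Certificate) chain[0];
    }
}
```

As with the original interceptor, the class has to be exported from the bundle, which is the cause the first message in this thread reports.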