Waiting for the actual feedback from the users makes sense; I guess the question is if such 'internal' intents should be publishable (e.g., the client does not need to know the server is using a logging interceptor); maybe they can be marked as internal.

Sergey


On 28/09/16 16:59, Christian Schneider wrote:
Currently in DOSGi you would need an additional class to define a
feature. You would use DS annotations to publish the feature as an intent.
Inside the feature you would add the in interceptor.
Then in the service you would add the intent.

I am not sure if this added complexity is a problem or not.
@Martin it would be great if you could port your application to
CXF-DOSGi 2 soon and give some feedback on the current status.
I can help in getting you started with the migration.

I think we should look into feedback from users if they see the current
intent and feature based solution as too complicated.

Christian

On 27.09.2016 22:32, Sergey Beryozkin wrote:
Good news, thanks for making it work.

Christian - should we consider putting the ability to register
interceptors without going the intents path back to DOSGI 2.x?
How can what Martin did be done in DOSGI 2.x?

(FYI, in DOSGI 1.8 the below approach works for JAXWS/JAXRS)

Sergey
On 27/09/16 20:31, Martin Nielsen wrote:
I made it work! I am sorry for wasting your time. The problem seems to
have been that the interceptor was not exported properly from my bundle.

But I will be careful when updating to DOSGi 2, if and when that happens.

But for now I have a neat little solution with 2way SSL and Shiro
authentication through the client certificate.

I am a happy camper:)

On Tue, Sep 27, 2016 at 5:05 PM, Sergey Beryozkin <sberyoz...@gmail.com>
wrote:

Hi

There are two issues here.
First - why DOSGI JAX-RS code is not reacting to the in interceptor class
name, can you put a breakpoint here please:

https://github.com/apache/cxf-dosgi/blob/cxf-dosgi-ri-1.8.0/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClassUtils.java#L97

It might be that some different way of registering them is needed.

Second: Christian removed this code in DOSGI 2.0 so the question is how
they can be registered in 2.0.

Cheers, Sergey


On 27/09/16 14:45, Martin Nielsen wrote:

Hello everyone.

I am working with CXF DOSGi for the first time. The task at the moment is
to build a declarative services component which registers an endpoint and
an interceptor. The endpoint will run on a 2way SSL enabled connection,
and the interceptor should read the incoming client certificate. So far I
managed to get an endpoint working through a declarative services endpoint,
and I got one way SSL working (maybe 2way as well, we will get to that).
Now I am trying to add an interceptor, which should read the incoming
client certificate.

And that is where I fail. The interceptor does not seem to be working. It
does not log anything, neither in the constructor nor in the handleMessage
method.

Can someone please take a look and tell me where my mistake is? The
interceptor should be called before the endpoint methods are invoked,
whenever the REST service is called. But right now I can call the endpoint
methods just fine through SSL, but the interceptor is never called, which
makes it hard for me to know if 2way SSL is currently working or not.

I don't expect 1 and 2way SSL to have anything at all to do with this, but
I am mentioning it because I'm ignorant (just in case) :)

Versions:
CXF 3.1.6
CXF-DOSGI 1.8.0


My interceptor:
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.security.transport.TLSSessionInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class CertificateInterceptor extends AbstractPhaseInterceptor<Message> {

    private static final Logger LOGGER =
            LoggerFactory.getLogger(CertificateInterceptor.class);

    public CertificateInterceptor() {
        // Run in the first inbound phase, before the endpoint method is invoked.
        super(Phase.RECEIVE);
        LOGGER.debug("Starting certificate interceptor");
    }

    @Override
    public void handleMessage(Message message) throws Fault {
        LOGGER.debug("Handling message: " + message.getId());
        // The transport stores the TLS session details on the message.
        TLSSessionInfo tlsSessionInfo = message.get(TLSSessionInfo.class);
        if (tlsSessionInfo != null) {
            Certificate[] peerCerts = tlsSessionInfo.getPeerCertificates();
            LOGGER.info("Discovered TLSSession: " + tlsSessionInfo);
            // peerCerts is null when the client presented no certificate.
            if (peerCerts != null) {
                for (int i = 0; i < peerCerts.length; i++) {
                    X509Certificate x509certificate = (X509Certificate) peerCerts[i];
                    LOGGER.info("Retrieved certificate: "
                            + x509certificate.getSubjectDN().getName()
                            + " pubkey: " + x509certificate.getPublicKey());
                }
            }
        } else {
            LOGGER.info("NO x509certificate");
        }
    }

}


My endpoint:


import java.util.ArrayList;
import java.util.List;
import javax.ws.rs.ext.MessageBodyReader;
import javax.ws.rs.ext.MessageBodyWriter;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceRegistration;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Deactivate;

@Component(property = {
    "service.exported.interfaces=*",
    "service.exported.configs=org.apache.cxf.rs",
    "org.apache.cxf.rs.httpservice.context=" + LicenseServiceEndpoint.endpoint,
    "org.apache.cxf.rs.in.interceptors=com.polis.licensing.server.rest.interceptor.CertificateInterceptor"})
public class LicenseServiceEndpoint implements LicenseServiceRest {
    public static final String endpoint = "/polis/licenseservice";
    private List<ServiceRegistration<MessageBodyReader>> readerRefs = new ArrayList<>();
    private List<ServiceRegistration<MessageBodyWriter>> writerRefs = new ArrayList<>();

    // ...Various endpoint-methods...

    @Activate
    public void activate(BundleContext context) throws Exception {
        // <--- This is a messagebodyreader/writer. It should be irrelevant for this question
        registerProvider(context, new CertificateRequestProvider());
    }

    @Deactivate
    public void deactivate(BundleContext context) throws Exception {
        // Unregister in reverse order of registration.
        for (int i = readerRefs.size() - 1; i >= 0; i--) {
            readerRefs.get(i).unregister();
            readerRefs.remove(i);
        }
        for (int i = writerRefs.size() - 1; i >= 0; i--) {
            writerRefs.get(i).unregister();
            writerRefs.remove(i);
        }
    }

    private <E extends MessageBodyReader & MessageBodyWriter> void
            registerProvider(BundleContext context, E provider) {
        readerRefs.add(context.registerService(MessageBodyReader.class, provider, null));
        writerRefs.add(context.registerService(MessageBodyWriter.class, provider, null));
    }

}


Thank you in advance for your usual helpful demeanor:)

-Martin



--
Sergey Beryozkin

Talend Community Coders
http://coders.talend.com/
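
An enforcing variant of the certificate interceptor discussed in this thread, added here as an example (not code from Martin or the CXF project): it fails the request when the TLS session carries no client certificate and stores the leaf certificate's CN on the exchange. The class name and the `example.client.cert.cn` key are hypothetical, and it assumes the container's TLS layer has already validated the chain against its trust store.

```java
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.security.transport.TLSSessionInfo;

// Hypothetical class: enforcing variant of the logging interceptor in the thread.
public class ClientCertRequiredInterceptor extends AbstractPhaseInterceptor<Message> {
    // Hypothetical exchange key under which the client's CN is stored.
    public static final String CLIENT_CN = "example.client.cert.cn";

    public ClientCertRequiredInterceptor() {
        super(Phase.RECEIVE);
    }

    @Override
    public void handleMessage(Message message) throws Fault {
        TLSSessionInfo tls = message.get(TLSSessionInfo.class);
        Certificate[] chain = tls == null ? null : tls.getPeerCertificates();
        // No chain: plain HTTP, or TLS without client authentication.
        if (chain == null || chain.length == 0 || !(chain[0] instanceof X509Certificate)) {
            throw new Fault(new SecurityException("Client certificate required"));
        }
        // chain[0] is the client's own certificate; later entries are its issuers.
        String cn = commonName((X509Certificate) chain[0]);
        if (cn == null) {
            throw new Fault(new SecurityException("Certificate subject has no CN"));
        }
        message.getExchange().put(CLIENT_CN, cn);
    }
    // Parses the RFC 2253 subject with LdapName so escaped commas are handled.
    static String commonName(X509Certificate cert) {
        try {
            LdapName dn = new LdapName(cert.getSubjectX500Principal().getName());
            for (Rdn rdn : dn.getRdns()) {
                if ("CN".equalsIgnoreCase(rdn.getType())) {
                    return String.valueOf(rdn.getValue());
                }
            }
            return null;
        } catch (InvalidNameException e) {
            return null;
        }
    }
}
```

In DOSGi 1.8 it is registered the same way as in the thread, through the `org.apache.cxf.rs.in.interceptors` property, and its package has to be exported from the bundle.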






