Pages

Sunday, June 23, 2013

FUSE ESB / Apache ServiceMix Basic Authentication

Find below a guide to setup up Basic Authentication for a Restful service running in a JBoss FUSE ESB 6.0 / Apache ServiceMix OSGI runtime. The service itself is not special. The notable configuration is found in blueprint.xml and in pom.xml.

Important note: this setup only works for JBoss FUSE ESB 6.0 or newer but not for FUSE ESB 7.1.0 or older!

The Restful service implementation CustomerService.java:
package ch.keller.servicemix.restws.server;

import java.util.Date;

import javax.annotation.Resource;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Request;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.core.UriInfo;

import org.apache.cxf.jaxrs.ext.MessageContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path("/customers")
public class CustomerService {
 
 private static final Logger LOG = LoggerFactory.getLogger(CustomerService.class);

 @Resource
 private MessageContext jaxrsContext;
 
 @GET
 @Path("/")
 public String listAll() {
  isUserInRole();
  return new Date()+": Yess!! "+jaxrsContext.getSecurityContext().getUserPrincipal();
 }

 private void isUserInRole() throws WebApplicationException {
  LOG.info("user = " + jaxrsContext.getSecurityContext().getUserPrincipal());
 }

}
The associated blueprint.xml configuration:



    
    <ext:property-placeholder placeholder-prefix="$[" placeholder-suffix="]"/>

    
        
            <ref component-id="customerSvc"/>
          
        
            <ref component-id="authenticationFilter"/>
        
    

    <bean id="customerSvc" class="ch.keller.servicemix.restws.server.CustomerService"/>
 
    
         <property name="contextName" value="karaf"/>
    
        
    
        
     users = $[karaf.base]/etc/users.properties
        
    
 
    
    
        <bean class="org.apache.karaf.jaas.modules.properties.PropertiesBackingEngineFactory" />
    

The format of the properties in users.properties is as follows, with each line defining a user, its password and associated roles:
user=password[,role][,role]...
And finally, the Maven pom.xml build script:

 4.0.0
 ch.keller.servicemix
 restws
 0.0.1-SNAPSHOT
 bundle

 
     2.6.8
     2.3.5
 

 
  
    org.apache.cxf
   cxf-bundle
   provided
   ${cxf-version}
  
 

 
  
   
    org.apache.felix
    maven-bundle-plugin
    true
    ${felix-version}
    
     
      ${project.artifactId}
      ${project.description}
      
       org.apache.karaf.jaas.config,  
       org.apache.karaf.jaas.boot.principal,
       org.eclipse.jetty.plus.jaas,
       org.apache.karaf.jaas.boot,
       *
       
      
        ch.keller.servicemix.restws.server
      
      
    
   
    
 


Especially important is the import-package section that guarantees that no java.lang.ClassNotFoundException is thrown during runtime:

    org.apache.karaf.jaas.config,  
    org.apache.karaf.jaas.boot.principal,
    org.eclipse.jetty.plus.jaas,
    org.apache.karaf.jaas.boot,
    *

No comments:

Post a Comment