How to configure JAAS logins with CamelSpringJUnit4ClassRunner
Issue
-
We have created a Camel project with a SOAP endpoint. This SOAP endpoint is secured using WS-Security which authenticates against FUSE's
etc/users.propertiesfile. This works well when tested using SoapUI. -
We now want to create a unit test for this. We have created a sub class of
CamelTestSupportwhich is annotated with@RunWith(CamelSpringJUnit4ClassRunner.class). This keeps failing because of failed logins though. The responses are the same as when an invalid username/password combination is sent in SoapUI. If we omit the SOAP header completely we again get the same response as with SoapUI. -
If we disable security on the endpoint, the unit test works. It therefore appears that the Camel configuration is setup correctly with the
CamelSpringJUnit4ClassRunner, except for any security settings. -
The steps taken:
Created filesrc/main/resources/META-INF/spring/beans.xmlwith the following security settings:
<cxf:cxfEndpoint id="testEndpoint"
address="http://${cxf.host}:${cxf.port}/cxf/test"
endpointName="t:TestPort"
serviceName="t:TestService"
wsdlURL="wsdl/test.wsdl">
<cxf:properties>
<entry key="schema-validation-enabled" value="true" ></entry>
<!-- for JAASLoginInterceptor to work, ws-security.validate.token needs to be set to false -->
<entry key="ws-security.validate.token" value="false"></entry>
</cxf:properties>
<cxf:inInterceptors>
<ref bean="wsSecurityInterceptor" ></ref>
<ref bean="authenticationInterceptor" ></ref>
<ref bean="authorizationInterceptor" ></ref>
</cxf:inInterceptors>
</cxf:cxfEndpoint>
<bean id="wsSecurityInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<property name="properties">
<map>
<entry key="action" value="UsernameToken" ></entry>
<entry key="passwordType" value="PasswordText" ></entry>
</map>
</property>
</bean>
<bean id="authenticationInterceptor" class="org.apache.cxf.interceptor.security.JAASLoginInterceptor">
<property name="contextName" value="karaf" ></property>
<property name="roleClassifier" value="RolePrincipal"></property>
<property name="roleClassifierType" value="classname"></property>
</bean>
<bean id="authorizationInterceptor" class="org.apache.cxf.interceptor.security.OperationInfoAuthorizingInterceptor">
<property name="methodRolesMap">
<map>
<entry key="test" value="some_role" ></entry>
</map>
</property>
</bean>
Environment
- Red Hat JBoss Fuse
- 6.x
- Apache CXF
- Apache Camel
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.