How to configure JAAS logins with CamelSpringJUnit4ClassRunner

Solution Verified - Updated -

Issue

  • We have created a Camel project with a SOAP endpoint. This SOAP endpoint is secured using WS-Security which authenticates against FUSE's etc/users.properties file. This works well when tested using SoapUI.

  • We now want to create a unit test for this. We have created a sub class of CamelTestSupport which is annotated with @RunWith(CamelSpringJUnit4ClassRunner.class). This keeps failing because of failed logins though. The responses are the same as when an invalid username/password combination is sent in SoapUI. If we omit the SOAP header completely we again get the same response as with SoapUI.

  • If we disable security on the endpoint, the unit test works. It therefore appears that the Camel configuration is setup correctly with the CamelSpringJUnit4ClassRunner, except for any security settings.

  • The steps taken:
    Created file src/main/resources/META-INF/spring/beans.xml with the following security settings:

  <cxf:cxfEndpoint id="testEndpoint"
                   address="http://${cxf.host}:${cxf.port}/cxf/test"
                   endpointName="t:TestPort"
                   serviceName="t:TestService"
                   wsdlURL="wsdl/test.wsdl">

    <cxf:properties>
      <entry key="schema-validation-enabled" value="true" ></entry>
      <!-- for JAASLoginInterceptor to work, ws-security.validate.token needs to be set to false -->
      <entry key="ws-security.validate.token" value="false"></entry>
    </cxf:properties>

    <cxf:inInterceptors>
      <ref bean="wsSecurityInterceptor" ></ref>
      <ref bean="authenticationInterceptor" ></ref>
      <ref bean="authorizationInterceptor" ></ref>
    </cxf:inInterceptors>
  </cxf:cxfEndpoint>

  <bean id="wsSecurityInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
    <property name="properties">
      <map>
        <entry key="action" value="UsernameToken" ></entry>
        <entry key="passwordType" value="PasswordText" ></entry>
      </map>
    </property>
  </bean>

  <bean id="authenticationInterceptor" class="org.apache.cxf.interceptor.security.JAASLoginInterceptor">
    <property name="contextName" value="karaf" ></property>
    <property name="roleClassifier" value="RolePrincipal"></property>
    <property name="roleClassifierType" value="classname"></property>
  </bean>

  <bean id="authorizationInterceptor" class="org.apache.cxf.interceptor.security.OperationInfoAuthorizingInterceptor">
    <property name="methodRolesMap">
      <map>
        <entry key="test" value="some_role" ></entry>
      </map>
    </property>
  </bean>

Environment

  • Red Hat JBoss Fuse
    • 6.x
  • Apache CXF
  • Apache Camel

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content