1 Reply Latest reply on Oct 1, 2013 9:53 AM by trohovsky

How to implement authentication in switchyard service with rest binding

elomas Aug 26, 2013 10:14 AM

I need implement a jboss switchyard bean service with client-authentication, but I need connect to service through resteasy.

How to implement the client?

I activated the security configuration, in the switchyard.xml

<domain>
   <handlers>
     <handler class="org.switchyard.handlers.MessageTrace" name="MessageTrace"/>
   </handlers>
   <securities>
   <security callbackHandler="org.switchyard.security.callback.handler.NamePasswordCallbackHandler" name="service-security" rolesAllowed="Admin" runAs="clientAuthentication" securityDomain="other"/>
   </securities>
</domain>

And in the bean service, i activated the client authentication.

<sca:component name="ServiceABean">
  <bean:implementation.bean class="com.example.service.impl.ServiceABean"/>
  <sca:service name="ServiceA" requires="clientAuthentication">
    <sca:interface.java interface="com.example.service.impl.ServiceA"/>
  </sca:service>
</sca:component>

This service it's binding with rest interface.

<sca:service name="ServiceA" promote="ServiceABean/ServiceA">
  <sca:interface.java interface="com.example.service.impl.ServiceA"/>
  <resteasy:binding.rest>
    <resteasy:contextMapper/>
    <resteasy:interfaces>com.example.rest.ServiceARest</resteasy:interfaces>
    <resteasy:contextPath>serviceA</resteasy:contextPath>
  </resteasy:binding.rest>
</sca:service>

When disabled the authentication of the client this service works, but when it´s activated not work.

The client code is:

public static void main(String... args) throws Exception {
    Credentials credentials = new UsernamePasswordCredentials("user","password");
    HttpClient httpClient = new HttpClient();
    httpClient.getState().setCredentials(AuthScope.ANY, credentials);
    httpClient.getParams().setAuthenticationPreemptive(true);
    ClientExecutor clientExecutor = new ApacheHttpClientExecutor(httpClient);
    ClientRequest request = new ClientRequest("http://localhost:8080/serviceA/miParam", clientExecutor);
    request.accept("application/json");
    ClientResponse<String> response = request.get(String.class);
    if (response.getStatus() != 200) {
        throw new RuntimeException(
                "Error: "+ response.getStatus());
    } else{
        System.out.println(response.getStatus());
    }
}

The error says: Required policies have not been provided: clientAuthentication

Message was edited by: Edison Lomas

1. Re: How to implement authentication in switchyard service with rest binding

trohovsky Oct 1, 2013 9:53 AM (in response to elomas)

Since you have overrided the default name of security element (which is "default") with "service-security", I guess you should add the attribute sy:security="service-security" to the component service ServiceA. Then it will correctly refer to the security element with that name. Or just remove name="service-security" form the security element. See doc: Security - SwitchYard - Project Documentation Editor
Actions