14 Replies Latest reply on Sep 2, 2012 8:38 PM by ffang

Unable to deploy bundle which uses spring security

sandeep16 Aug 28, 2012 2:12 PM

I am trying to deploy a bundle which basically uses spring security inside a rest web service...

I installed camel-spring-security feature on the cloud container

which is suppose to pull spring security core and spring security config functionality..

I can see spring core in the bundles installed list but I dont see spring security config in the bundles list..

When I deploy the bundle I see the error:

Unable to locate Spring NamespaceHandler for XML schema namespace http://www.springframework.org/schema/security

I have attached my beans config file camel-context.xml/

Edited by: sandeep16 on Aug 28, 2012 6:12 PM

camel-context.xml 3.8 KB

1. Re: Unable to deploy bundle which uses spring security

stlewis Aug 28, 2012 2:20 PM (in response to sandeep16)
Might make sense to create a features.xml for your bundle and explicitly add camel-spring and camel-spring-security as dependent features to be installed. I would guess that refreshing your bundle after the provisioning agent has finished installing everything should make it work, the thing is that there's no relationship between features and bundles in a profile, so if you have a bundle that relies on certain features to be available to work, then it's better to create a feature repository for your bundle and specify the dependent features for your bundle in there, for example:

<feature name="ping-sender" version="1.0" resolver="(obr)"> <feature>mq-fabric</feature> <feature>camel-core</feature> <feature>camel-blueprint</feature> <feature>camel-activemq</feature> <bundle>mvn:org.fusesource.examples.ping/ping-sender/1.0</bundle> </feature>

That way the provisioning agent knows to install mq-fabric, camel-core etc before installing the ping-sender bundle...

(ps sorry about the code formatting, it looked alright in the preview panel, honest!)

Edited by: slewis on Aug 28, 2012 2:20 PM
Actions
2. Re: Unable to deploy bundle which uses spring security

sandeep16 Aug 28, 2012 4:16 PM (in response to stlewis)

thanks..I manually installed all the requried bundles..but now finally I am seeinng this error:
do you know what is causing this problem?
2012-08-28 20:11:58,688 | ERROR | ExtenderThread-2 | ContextLoaderListener | 103 - org.springframework.osgi.extender - 1.2.1 | Application context refresh failed (OsgiBundleXmlApplicationContext(bundle=camel-spring-dm, config=osgibundle:/META-INF/spring/*.xml))
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#0' while setting bean property 'sourceList' with key ; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#0': Cannot resolve reference to bean 'org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0' while setting constructor argument with key ; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0': Cannot resolve reference to bean 'org.springframework.security.authentication.ProviderManager#0' while setting bean property 'authenticationManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authentication.ProviderManager#0': Cannot resolve reference to bean 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0': Initialization of bean failed; nested exception is org.aspectj.weaver.reflect.ReflectionWorld$ReflectionWorldException: warning can't determine implemented interfaces of missing type org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
Actions
3. Re: Unable to deploy bundle which uses spring security

stlewis Aug 28, 2012 4:32 PM (in response to sandeep16)

Kinda looks like you could have a missing import there from the exception, seems like aspectj is hitting some problem while weaving one of the classes.

Might be good to get it working in a standalone ESB instance with DynamicImport-Package set to * and ensure you have all the imports for the bundle set up.
Actions
4. Re: Unable to deploy bundle which uses spring security

sandeep16 Aug 28, 2012 4:37 PM (in response to stlewis)

okay..

more stacktrace for your information:
Caused by: org.aspectj.weaver.reflect.ReflectionWorld$ReflectionWorldException: warning can't determine implemented interfaces of missing type org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
Xlint:cantFindType
        at org.aspectj.weaver.reflect.ReflectionWorld$ExceptionBasedMessageHandler.handleMessage(ReflectionWorld.java:164)[232:com.springsource.org.aspectj.weaver:1.6.2.RELEASE]
        at org.aspectj.weaver.Lint$Kind.signal(Lint.java:293)[232:com.springsource.org.aspectj.weaver:1.6.2.RELEASE]
        at org.aspectj.weaver.MissingResolvedTypeWithKnownSignature.raiseCantFindType(MissingResolvedTypeWithKnownSignature.java:198)[232:com.springsource.org.aspectj.weaver:1.6.2.RELEASE]
        at org.aspectj.weaver.MissingResolvedTypeWithKnownSignature.getDeclaredInterfaces(MissingResolvedTypeWithKnownSignature.java:76)[232:com.springsource.org.aspectj.weaver:1.6.2.RELEASE]
        at org.aspectj.weaver.ResolvedType.getDirectSupertypes(ResolvedType.java:70)[232:com.springsource.org.aspectj.weaver:1.6.2.RELEASE]
        at org.aspectj.weaver.JoinPointSignatureIterator.findSignaturesFromSupertypes(JoinPointSignatureIterator.java:164)[232:com.springsource.org.aspectj.weaver:1.6.2.RELEASE]
        at org.aspectj.weaver.JoinPointSignatureIterator.hasNext(JoinPointSignatureIterator.java:69)[232:com.springsource.org.aspectj.weaver:1.6.2.RELEASE]
        at org.aspectj.weaver.patterns.SignaturePattern.matches(SignaturePattern.java:298)[232:com.springsource.org.aspectj.weaver:1.6.2.RELEASE]
        at org.aspectj.weaver.patterns.KindedPointcut.matchInternal(KindedPointcut.java:106)[232:com.springsource.org.aspectj.weaver:1.6.2.RELEASE]
        at org.aspectj.weaver.patterns.Pointcut.match(Pointcut.java:146)[232:com.springsource.org.aspectj.weaver:1.6.2.RELEASE]
Actions
5. Re: Unable to deploy bundle which uses spring security

sandeep16 Aug 28, 2012 6:30 PM (in response to sandeep16)

I have tried this in standalone instance..and getting exactly same error...

if anybody has idea about what is causing this problem, let me know
Actions
6. Re: Unable to deploy bundle which uses spring security

ffang Aug 28, 2012 8:28 PM (in response to sandeep16)

Hi,

I suspect somehow the spring-security-config bundle not get installed in your OSGi container.

Could you please post the result of
la|grep "Spring"

Do you have a bundle looks like
Spring Security Namespace Configuration (3.0.5.RELEASE)

Freeman
Actions
7. Re: Unable to deploy bundle which uses spring security

sandeep16 Aug 28, 2012 8:39 PM (in response to ffang)

It was not installed by default but I installed it manually..

It does say spring namespace config service

I also had to install aspectj runtime and weaver manually
version 1.6.2

I wasn't sure about if we already have aspectj feature in fuse

Let me know if this is an issue..
Actions
8. Re: Unable to deploy bundle which uses spring security

ffang Aug 28, 2012 9:28 PM (in response to sandeep16)

Hi,

This should be fine.
Don't use features to install bundles means if some optional package is available, it can't cause bundle refresh automatically.

So another thing you can check is that
Spring Security Core bundle import aspectj package as optional like
org.aspectj.lang;resolution:=optional;version="[1.6.0, 1.7.0)",
org.aspectj.lang.reflect;resolution:=optional;version="[1.6.0, 1.7.0)",

you can use
osgi:headers Spring_Security_Core_Bundle_ID
to see if those optional import is really resolved,
if it's not resolved, it is in RED color.
As you already installed aspectj bundle, you can use
osgi:refresh Spring_Security_Core_Bundle_ID
to pick up the optional import package.

Freeman

Edited by: ffang on Aug 29, 2012 1:27 AM
Actions
9. Re: Unable to deploy bundle which uses spring security

sandeep16 Aug 29, 2012 9:11 AM (in response to ffang)

I executed headers command for spring security core and I see below are NOT in red:

org.aspectj.lang;resolution:=optional;version="[1.6.0, 1.7.0)",
        org.aspectj.lang.reflect;resolution:=optional;version="[1.6.0, 1.7.0)",
                resolution:=optional;
                resolution:=optional;
                resolution:=optional;
                resolution:=optional;
                resolution:=optional;
                resolution:=optional;
                resolution:=optional;
                resolution:=optional;
                resolution:=optional;

The output of la | grep sprinng is:

Apache Karaf :: Deployer :: Spring (2.2.5.fuse-7-061)
Spring Expression Language (3.0.7.RELEASE)
spring-osgi-extender (1.2.1)
Spring Beans (3.0.7.RELEASE)
spring-osgi-annotation (1.2.1)
spring-osgi-io (1.2.1)
Spring Context (3.0.7.RELEASE)
Spring Web Servlet (3.0.7.RELEASE)
Spring ASM (3.0.7.RELEASE)
Spring Web (3.0.7.RELEASE)
Spring Transaction (3.0.7.RELEASE)
spring-osgi-core (1.2.1)
Spring JMS (3.0.7.RELEASE)
Spring Context Support (3.0.7.RELEASE)
Spring AOP (3.0.7.RELEASE)
Spring Core (3.0.7.RELEASE)
camel-spring (2.9.0.fuse-7-061)
camel-spring-security (2.9.0.fuse-7-061)
Spring Security Core (3.1.0.RELEASE)
Spring Security Web (3.1.0.RELEASE)
Spring Security Namespace Configuration (3.1.0.RELEASE)
A Camel Spring-DM Route (1.0.0.SNAPSHOT)

Edited by: sandeep16 on Aug 29, 2012 1:10 PM
Actions
10. Re: Unable to deploy bundle which uses spring security

sandeep16 Aug 30, 2012 12:56 PM (in response to sandeep16)

any feedback/input from anybody?

I am still struggling with this issue.
Actions
11. Re: Unable to deploy bundle which uses spring security

stlewis Aug 30, 2012 1:16 PM (in response to sandeep16)

Maybe try running "dev:dynamic-import 237" to see if there's some other package your bundle needs to be able to see that we're missing.
Actions
12. Re: Unable to deploy bundle which uses spring security

sandeep16 Aug 30, 2012 4:49 PM (in response to stlewis)

thanks.. that let me install my rest service..

but when I call it, system complains about authentication obejct not found..
I am sending authorization header along with it..do you know if my authorization header is somehow inntercepted by fuse container..do I need some additional configuration

Caused by: org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext
        at org.springframework.security.access.intercept.AbstractSecurityInterceptor.credentialsNotFound(AbstractSecurityInterceptor.java:327)[144:org.springframework.security.core:3.1.0.RELEASE]
        at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:197)[144:org.springframework.security.core:3.1.0.RELEASE]
        at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:59)[144:org.springframework.security.core:3.1.0.RELEASE]
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)[131:org.springframework.aop:3.0.7.RELEASE]
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)[131:org.springframework.aop:3.0.7.RELEASE]
        at $Proxy48.getCustomer(Unknown Source)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.6.0_27]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[:1.6.0_27]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0_27]
        at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0_27]
        at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:173)[120:org.apache.cxf.bundle:2.5.0.fuse-70-084]
        at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:89)[120:org.apache.cxf.bundle:2.5.0.fuse-70-084]
Actions
13. Re: Unable to deploy bundle which uses spring security

sandeep16 Aug 31, 2012 10:23 AM (in response to sandeep16)

after further investigation, this is what I have figured out:

the exception can be because of the reason that authentication object is not getting created because I don;t have any security filter chain setup which usually exists in web.xml..

Something like this:

Now if I want to set it up in spring bean or programmatically, is it possible?
Actions
14. Re: Unable to deploy bundle which uses spring security

ffang Sep 2, 2012 8:38 PM (in response to sandeep16)

Hi,

I think it's possible, but not easy.

I assume your rest web service is based on CXF implementation and you're using http-osgi transport.

Than you can use a customer activator where you can grab the org.osgi.service.http.HttpService then inject a customer org.osgi.service.http.HttpContext, in this HttpContext you can delegate security question to a filterchain, where your spring security can kick in, take a look at to get more details about how this custom HttpContext is used.
https://josh.media.berkeley.edu/?p=61

Freeman
Actions

Go to original post