2 Replies Latest reply on May 23, 2014 7:52 AM by Borislav Roussanov

    Disable authentication in jboss fuse / fabric8

    Borislav Roussanov Newbie


      I've implemented an WOPI Server offering REST services for storing and retrieving of office documents based on cxf as an osgi bundle and daployed it in a fabric (fabric8-karaf-1.1.0.Beta6). While I can call the services from the browser without any problems I get this authentication exception when a WOPI Client (Office Web App Server) calls them:


      Screen Shot 2014-05-22 at 20.37.14.png


      I'd like to know how to properly disable the authentication of the services. Are the http requests blocked from jetty, cxf or karaf? How can I safety remove the jaas module from a fabric while testing? The Wopi Client can not initiate an jaas authentication because of the WOPI Protocol that describes how both parties have to talk with each other.




        • 1. Re: Disable authentication in jboss fuse / fabric8
          Freeman(Yue) Fang Master



          The authentication can come from jetty and cxf configuration, both delegate to karaf realm.

          What's the configuration of your REST service? Do you add something like authenticationFilter for it? If not, you can try to edit

          etc/jetty.xml, remove


          <Call name="addBean">


                      <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">

                          <Set name="name">karaf</Set>

                          <Set name="loginModuleName">karaf</Set>

                          <Set name="roleClassNames">

                              <Array type="java.lang.String">










          NOTE: we don't suggest this and this is only for your test purpose



          • 2. Re: Disable authentication in jboss fuse / fabric8
            Borislav Roussanov Newbie

            Thank you Freeman, it now works.