4 Replies Latest reply on Sep 25, 2013 6:08 AM by radomir.kadlec

cxfbc:provider looses authenticated principals

radomir.kadlec Dec 13, 2012 8:25 AM

Hello

it seems, that calling some cxfbc:provider from some compound webservice causes loosing of authenticated principals.

The scenario is:

1. Request is consumed through cxfbc:consumer.

2. The user from WS-Security header is authenticated in jaas, the principals are created.

I can see this principals in the auditing file (user and role principals).

3. The client calls eip:static-routing-slip pattern, that contains more camel endpoints calls and one cxfbc:provider call between them.

4. Every endpoint call is audited and the audit file contains all of the principals.

5. But after returning from the cxfbc:provider the static-routing-slip calls another camel endpoint. In this moments contains the audit file no principals more and the call of the camel endpoint causes an authorisation exception.

Why is it so?

What can I do to not loose the principals after calling some external webservice through cxfbc:provider?

I use apache-servicemix-4.4.1-fuse-07-11 with osgi deployment.

Thank your

Radomir Kadlec

Edited by: kadlec on Dec 13, 2012 1:20 PM

1. Re: cxfbc:provider looses authenticated principals

davsclaus Dec 15, 2012 4:29 AM (in response to radomir.kadlec)

Hi

Btw are you use you must use the cxfbc:provider JBI component? JBI is dead/legacy. So its only recommended if already in use. For new projects its not recommended to use JBI.

You can use Apache Camel / CXF instead of JBI.
Actions
2. Re: cxfbc:provider looses authenticated principals

radomir.kadlec Dec 17, 2012 2:35 AM (in response to davsclaus)

Hi,
why shall JBI be legacy?
It is a standard and used in many ESBs.
I decided me for Apache Servicemix because it implements JBI container.
Why to use some proprietary framework instead of components with standard interface?
In my project I use JBI components and Camel together.
Is it bad so? Do you mean, I shall use only Camel endpoints instead?
Radomir Kadlec
Actions
3. Re: cxfbc:provider looses authenticated principals

davsclaus Dec 17, 2012 3:17 AM (in response to radomir.kadlec)

Yes JBI is dead. There will not be a JBI 2.0 spec.

The lead on Apache ServiceMix wrote this blog post with his thoughts about JBI and its future
http://gnodet.blogspot.se/2010/12/thoughts-about-servicemix.html

There is not many ESB thats support JBI. And nor will any more in the future do so.
Actions
4. Re: cxfbc:provider looses authenticated principals

radomir.kadlec Sep 25, 2013 6:08 AM (in response to davsclaus)

Thank You,
I created my routing fully in Camel now.
Radomir
Actions

Go to original post