I have a Camel application which using camel-restlet for web service calls.
now I want to add ldap authentication for restlet calls. tried couple of
options with camel-restlet realm, LdapVerifier using
ChallengeAuthenticator. can not make it work! need help? Thanks
I am able to add LDAP authentication to restlet by using LDAP SecretVerifer.
but if the restlet call is wrapped by Camel route (using
org.apache.camel.component.restlet.MethodBasedRoute). The SecretVerifer did
not triggered.
Here are some codes and config:
web.xml:
<servlet>
<servlet-name>RestletServlet</servlet-name>
<servlet-class>org.restlet.ext.spring.SpringServerServlet</servlet-class>
<init-param>
<param-name>org.restlet.component</param-name>
<param-value>RestletComponent</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>RestletServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
CamelContext.xml
<bean id="RestletComponent" class="org.restlet.Component">
<property name="defaultHost" ref="defaultHost" />
</bean>
<bean id="challengeAuthenticator"
class="org.restlet.security.ChallengeAuthenticator">
<constructor-arg><null /></constructor-arg>
<constructor-arg value="#{
T(org.restlet.data.ChallengeScheme).HTTP_BASIC }" />
<constructor-arg value="restletRealm" />
<property name="verifier" ref="ldapVerifer" />
<property name="next" ref="application" />
</bean>
<bean id="defaultHost" class="org.restlet.ext.spring.SpringHost">
<constructor-arg ref="RestletComponent" />
<property name="defaultAttachment" ref="challengeAuthenticator" />
</bean>
<bean id="application" class="org.restlet.Application">
<property name="inboundRoot" ref="router" />
</bean>
<bean id="router" class="org.restlet.ext.spring.SpringRouter">
<property name="attachments">
<map>
<entry key="/user/{name}">
<bean class="org.restlet.ext.spring.SpringFinder">
<lookup-method name="create" bean="userServerResource"
/>
</bean>
</entry>
</map>
</property>
</bean>
<bean id="RestletComponentService"
class="org.apache.camel.component.restlet.RestletComponent">
<constructor-arg ref="RestletComponent" />
</bean>
LdapVerifer.java
@Service(value="ldapVerifer")
public class LdapVerifer extends SecretVerifier {
@Autowired
private AuthenticationManager authenticationManager;
private static final Logger logger = LoggerFactory
.getLogger(LdapVerifer.class);
@Override
public int verify(String userName, char[] password)
logger.debug("Start authenticating login user : " + userName);
long startTime = System.currentTimeMillis();
StringBuffer pd = new StringBuffer();
for(int i = 0; i < password.length; i++){
pd.append(password[i]);
try {
Authentication authenticate =
authenticationManager.authenticate(new
UsernamePasswordAuthenticationToken(userName, pd.toString()));
if (authenticate.isAuthenticated())
SecurityContextHolder.getContext().setAuthentication(authenticate);
long endTime = System.currentTimeMillis();
logger.debug ("Authentication for login user " + userName + "
succeed. the process time is: " + (endTime - startTime) + "
milliseconds");
return RESULT_VALID;
catch (AuthenticationException e)
logger.error("Failed to authenticate login user: " + userName, e);
return RESULT_VALID;
Here is the output for restlet routings:
Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
INFO: RestletServlet: [Restlet] Attaching restlet:
org.restlet.security.ChallengeAuthenticator [ at ] 1ee53046 to URI: /medbus
Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
INFO: RestletServlet: [Restlet] Attaching restlet:
org.apache.camel.component.restlet.MethodBasedRouter [ at ] 6f52bffd to URI:
/medbus/wf/query/{id}/{includeResult}
Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
INFO: RestletServlet: [Restlet] Attaching restlet:
org.apache.camel.component.restlet.MethodBasedRouter [ at ] 681b8815 to URI:
/medbus/wf/query
Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
INFO: RestletServlet: [Restlet] Attaching restlet:
org.apache.camel.component.restlet.MethodBasedRouter [ at ] 34717fcf to URI:
/medbus/wf/reprocess/{id}
if you access URI not in camel routes, the Ldap authentication was kicked
in, but if you access the URI in the camel routes. ldap authentication was
not triggered at all .
for example, if you call /medbus/user/name, it works fine, but if you
call/medbus/wf/query, no authentication.
Thanks in advance!
now I want to add ldap authentication for restlet calls. tried couple of
options with camel-restlet realm, LdapVerifier using
ChallengeAuthenticator. can not make it work! need help? Thanks
I am able to add LDAP authentication to restlet by using LDAP SecretVerifer.
but if the restlet call is wrapped by Camel route (using
org.apache.camel.component.restlet.MethodBasedRoute). The SecretVerifer did
not triggered.
Here are some codes and config:
web.xml:
<servlet>
<servlet-name>RestletServlet</servlet-name>
<servlet-class>org.restlet.ext.spring.SpringServerServlet</servlet-class>
<init-param>
<param-name>org.restlet.component</param-name>
<param-value>RestletComponent</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>RestletServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
CamelContext.xml
<bean id="RestletComponent" class="org.restlet.Component">
<property name="defaultHost" ref="defaultHost" />
</bean>
<bean id="challengeAuthenticator"
class="org.restlet.security.ChallengeAuthenticator">
<constructor-arg><null /></constructor-arg>
<constructor-arg value="#{
T(org.restlet.data.ChallengeScheme).HTTP_BASIC }" />
<constructor-arg value="restletRealm" />
<property name="verifier" ref="ldapVerifer" />
<property name="next" ref="application" />
</bean>
<bean id="defaultHost" class="org.restlet.ext.spring.SpringHost">
<constructor-arg ref="RestletComponent" />
<property name="defaultAttachment" ref="challengeAuthenticator" />
</bean>
<bean id="application" class="org.restlet.Application">
<property name="inboundRoot" ref="router" />
</bean>
<bean id="router" class="org.restlet.ext.spring.SpringRouter">
<property name="attachments">
<map>
<entry key="/user/{name}">
<bean class="org.restlet.ext.spring.SpringFinder">
<lookup-method name="create" bean="userServerResource"
/>
</bean>
</entry>
</map>
</property>
</bean>
<bean id="RestletComponentService"
class="org.apache.camel.component.restlet.RestletComponent">
<constructor-arg ref="RestletComponent" />
</bean>
LdapVerifer.java
@Service(value="ldapVerifer")
public class LdapVerifer extends SecretVerifier {
@Autowired
private AuthenticationManager authenticationManager;
private static final Logger logger = LoggerFactory
.getLogger(LdapVerifer.class);
@Override
public int verify(String userName, char[] password)
logger.debug("Start authenticating login user : " + userName);
long startTime = System.currentTimeMillis();
StringBuffer pd = new StringBuffer();
for(int i = 0; i < password.length; i++){
pd.append(password[i]);
try {
Authentication authenticate =
authenticationManager.authenticate(new
UsernamePasswordAuthenticationToken(userName, pd.toString()));
if (authenticate.isAuthenticated())
SecurityContextHolder.getContext().setAuthentication(authenticate);
long endTime = System.currentTimeMillis();
logger.debug ("Authentication for login user " + userName + "
succeed. the process time is: " + (endTime - startTime) + "
milliseconds");
return RESULT_VALID;
catch (AuthenticationException e)
logger.error("Failed to authenticate login user: " + userName, e);
return RESULT_VALID;
Here is the output for restlet routings:
Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
INFO: RestletServlet: [Restlet] Attaching restlet:
org.restlet.security.ChallengeAuthenticator [ at ] 1ee53046 to URI: /medbus
Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
INFO: RestletServlet: [Restlet] Attaching restlet:
org.apache.camel.component.restlet.MethodBasedRouter [ at ] 6f52bffd to URI:
/medbus/wf/query/{id}/{includeResult}
Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
INFO: RestletServlet: [Restlet] Attaching restlet:
org.apache.camel.component.restlet.MethodBasedRouter [ at ] 681b8815 to URI:
/medbus/wf/query
Jul 23, 2014 10:05:44 AM org.apache.catalina.core.ApplicationContext log
INFO: RestletServlet: [Restlet] Attaching restlet:
org.apache.camel.component.restlet.MethodBasedRouter [ at ] 34717fcf to URI:
/medbus/wf/reprocess/{id}
if you access URI not in camel routes, the Ldap authentication was kicked
in, but if you access the URI in the camel routes. ldap authentication was
not triggered at all .
for example, if you call /medbus/user/name, it works fine, but if you
call/medbus/wf/query, no authentication.
Thanks in advance!