Basic Authentication in Apache Karaf

Question

I have an OSGi bundle which is deployed into Apache Karaf 2.2.8. In this bundle I am using CXF and Camel routes. I written a CXF interceptor which does the basic authentication: takes all existing users from database and does validation.

The problem is when the method handleMessage is called, the AuthorizationPolicy object is null. It does not provides any credentials. Here is my code:

@Override
public void handleMessage(Message message)
        throws Fault {
        AuthorizationPolicy policy = message.get(AuthorizationPolicy.class);
    if (users == null) {
        setLastAccessedTime(Calendar.getInstance());
    }
    if (!wasRecentlyAccessed()) {
        users = this.loadUsers();
        setLastAccessedTime(Calendar.getInstance());
    }
    for (String user : users.values()) {
        LOGGER.debug("Existing user: " + user);
    }
    if (policy == null) {
        LOGGER.error("User attempted to log in with no credentials");
        sendErrorResponse(message, HttpURLConnection.HTTP_UNAUTHORIZED);
        return;
    }
    String password = users.get(policy.getUserName());
    if (password == null || !policy.getPassword().equals(password)) {
        LOGGER.error("Invalid login authentication for user: " + policy.getUserName());
        sendErrorResponse(message, HttpURLConnection.HTTP_FORBIDDEN);            
    }
}

Is there anyway I can set up the basic authentication parameters in Karaf for the specific endpoint? Is there is some kind of configuration file or something? I can not find anything on the internet...

Answer 1

Take a look here: https://access.redhat.com/documentation/en-US/Fuse_ESB_Enterprise/7.1/html/Security_Guide/files/CamelJetty-BasicAuth.html

It is explained very clear how to make basic authentication work with Apache Karaf and Camel Jetty. Later you can use it on every bundle deployed in your Apache Karaf.