I need to pass the security credentials (using acegisecurity) from one
endpoint to another. I have tried the following configuration on my
endpoints in the mule-config file:
synchronous="true"
remoteSync="true"
connector-ref="syncVm"
This is the partial stack trace I get when trying to call the second
endpoint -
Exception stack is:
1. An Authentication object was not found in the SecurityContext
(org.acegisecurity.AuthenticationCredentialsNotFoundException)
org.acegisecurity.intercept.AbstractSecurityInterceptor:375 (null)
2. Component that caused exception is: test2Service. Message payload is of
type: String (org.mule.api.service.ServiceException)
org.mule.component.DefaultLifecycleAdapter:214
(http://mule.mulesource.org/docs/apidocs/org/mule/api/service/ServiceException.html)
********************************************************************************
Root Exception stack trace:
org.acegisecurity.AuthenticationCredentialsNotFoundException: An
Authentication object was not found in the SecurityContext
at
org.acegisecurity.intercept.AbstractSecurityInterceptor.credentialsNotFound(AbstractSecurityInterceptor.java:375)
at
org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:288)
at
org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:63)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy25.onCall(Unknown Source)
Has someone found (or built) a good example to accomplish this? Any help
would be greatly appreciated.
Thanks ...
--
View this message in context: http://www.nabble.com/Passing-credentials-from-two-endpoints---Mule-2.x-tp19464785p19464785.html
Sent from the Mule - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe from this list, please visit:
http://xircles.codehaus.org/manage_email
If you could post your configuration, that would be very helpful. This could
be a mis-configured security manager, for example.
It sounds like the right authentication object is not available in your
first service - are you authenticating in any way?
A
Antoine Borg, Senior Consultant | Tel: +32 28 504 696
ricston Ltd., BP 2, 1180 Uccle, Brussels, BELGIUM
email: antoin...@ricston.com | blog: blog.ricston.com | web: ricston.com
Yes, I am authenticating with LDAP by passing the mule user property (
MuleCredentials.createHeader(userid, pwd) ) when the message is sent (
dispatcher.sendRemote() )
Here is more detail of what I am trying to do -
I can call the service esbUserLdapService (with authentication) by itself.
What I am trying next is to call the service esbMuleRequestService (which
works) and then have that call the service esbUserLdapService as an
outbound-endpoint. That is where the error is occurring (outbound-endpoint).
Attached are my mule-config.xml and security-config.xml
http://www.nabble.com/file/p19497851/esb-config.xml esb-config.xml
http://www.nabble.com/file/p19497851/esb-security.xml esb-security.xml
Thanks,
Jeff
antoine.borg wrote:
>
> Hi,
>
> If you could post your configuration, that would be very helpful. This
> could
> be a mis-configured security manager, for example.
>
> It sounds like the right authentication object is not available in your
> first service - are you authenticating in any way?
>
> A
>
>
> Antoine Borg, Senior Consultant | Tel: +32 28 504 696
> ricston Ltd., BP 2, 1180 Uccle, Brussels, BELGIUM
> email: antoin...@ricston.com | blog: blog.ricston.com | web:
> ricston.com
>
> -----Original Message-----
> From: 67chevelle [mailto:jne...@rich-software.com]
> Sent: Friday, September 12, 2008 11:56 PM
> To: us...@mule.codehaus.org
> Subject: [mule-user] Passing credentials from two endpoints - Mule 2.x
>
>
> Hello,
>
> I need to pass the security credentials (using acegisecurity) from one
> endpoint to another. I have tried the following configuration on my
> endpoints in the mule-config file:
>
> synchronous="true"
> remoteSync="true"
> connector-ref="syncVm"
>
> This is the partial stack trace I get when trying to call the second
> endpoint -
>
> Exception stack is:
> 1. An Authentication object was not found in the SecurityContext
> (org.acegisecurity.AuthenticationCredentialsNotFoundException)
> org.acegisecurity.intercept.AbstractSecurityInterceptor:375 (null) 2.
> Component that caused exception is: test2Service. Message payload is of
> type: String (org.mule.api.service.ServiceException)
> org.mule.component.DefaultLifecycleAdapter:214
> (http://mule.mulesource.org/docs/apidocs/org/mule/api/service/ServiceExcepti
> on.html)
> ****************************************************************************
> ****
> Root Exception stack trace:
> org.acegisecurity.AuthenticationCredentialsNotFoundException: An
> Authentication object was not found in the SecurityContext
> at
> org.acegisecurity.intercept.AbstractSecurityInterceptor.credentialsNotFound(
> AbstractSecurityInterceptor.java:375)
> at
> org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(Abs
> tractSecurityInterceptor.java:288)
> at
> org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.inv
> oke(MethodSecurityInterceptor.java:63)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(Reflect
> iveMethodInvocation.java:171)
> at
> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopPro
> xy.java:204)
> at $Proxy25.onCall(Unknown Source)
>
>
> Has someone found (or built) a good example to accomplish this? Any help
> would be greatly appreciated.
>
> Thanks ...
> --
> View this message in context:
> http://www.nabble.com/Passing-credentials-from-two-endpoints---Mule-2.x-tp19
> 464785p19464785.html
> Sent from the Mule - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
> http://xircles.codehaus.org/manage_email
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
> http://xircles.codehaus.org/manage_email
>
>
>
>
--
View this message in context: http://www.nabble.com/Passing-credentials-from-two-endpoints---Mule-2.x-tp19464785p19497851.html
You mention dispatcher.sendRemote() ... Does this mean that you're
authenticating in a different application? Could it be that the Mule
instance would not have done any authentication until you try to call
esbUserLdapService?
I have a webapp that is calling out to some services in Mule. The webapp
user is authenticated separately and correctly sets the MULE_USER_PROPERTY
for the original endpoint (so Mule can protect its services). It's the fact
that the handoff from one endpoint to the next loses the authentication
info.
Thanks,
Jeff
antoine.borg wrote:
>
> Hello,
>
> You mention dispatcher.sendRemote() ... Does this mean that you're
> authenticating in a different application? Could it be that the Mule
> instance would not have done any authentication until you try to call
> esbUserLdapService?
>
> A
>
>
> Antoine Borg, Senior Consultant | Tel: +32 28 504 696
> ricston Ltd., BP 2, 1180 Uccle, Brussels, BELGIUM
> email: antoin...@ricston.com | blog: blog.ricston.com | web:
> ricston.com
>
> -----Original Message-----
> From: 67chevelle [mailto:jne...@rich-software.com]
> Sent: Monday, September 15, 2008 7:53 PM
> To: us...@mule.codehaus.org
>> (http://mule.mulesource.org/docs/apidocs/org/mule/api/service/ServiceE
>> xcepti
>> on.html)
>> **********************************************************************
>> ******
>> ****
>> Root Exception stack trace:
>> org.acegisecurity.AuthenticationCredentialsNotFoundException: An
>> Authentication object was not found in the SecurityContext
>> at
>> org.acegisecurity.intercept.AbstractSecurityInterceptor.credentialsNot
>> Found(
>> AbstractSecurityInterceptor.java:375)
>> at
>> org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocati
>> on(Abs
>> tractSecurityInterceptor.java:288)
>> at
>> org.acegisecurity.intercept.method.aopalliance.MethodSecurityIntercept
>> or.inv
>> oke(MethodSecurityInterceptor.java:63)
>> at
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(R
>> eflect
>> iveMethodInvocation.java:171)
>> at
>> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamic
>> AopPro
--
View this message in context: http://www.nabble.com/Passing-credentials-from-two-endpoints---Mule-2.x-tp19464785p19513531.html
I stand to be corrected on this one ... But, I believe that setting the
properties is not enough. I think Mule needs to perform the necessary
authentication.
HTH