Service authentication

[Andreas Grünwald]

I want to access a tool connector via the EngSb Wiring service. When I access the service with

utilsService.getServiceWithId(domainInterface.getName(),domainEndpoints.get(0).getInstanceId());

an exception is thrown stating that the service needs authentication:
Caused by: org.openengsb.core.api.security.service.AccessDeniedException: no authentication was found in context
at org.openengsb.core.services.internal.security.SecurityInterceptor.invoke(SecurityInterceptor.java:54)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy79.getInstanceId(Unknown Source)

I am currently using the line <reference id="authenticationContext" interface="org.openengsb.core.api.security.AuthenticationContext" /> in the blueprint file. What else do I need to add?

The service can be called from any time so it does not belong to a Web interface and is executed detached from user interactions. 

Best regards,

Andreas

[Andreas Grünwald]

Hello,

can you please provide any help regarding this?

Meanwhile I made it to correctly call the service by initializing it via blueprint injection instead of using the wiring service. However, I have the next issue: Within the wired service I raise an event, and the event now has no identification context:

Caused by: org.openengsb.core.api.security.service.AccessDeniedException: no authentication was found in context

at org.openengsb.core.services.internal.security.SecurityInterceptor.invoke(SecurityInterceptor.java:54)

at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)

at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)

at $Proxy45.onEvent(Unknown Source)

at Proxy7cd6d776_59ae_4780_b6f3_5c51a25b2762.onEvent(Unknown Source)

at org.openengsb.core.workflow.drools.internal.WorkflowServiceImpl.processEvent(WorkflowServiceImpl.java:116)

at org.openengsb.core.workflow.drools.internal.ForwardHandler.forwardEvent(ForwardHandler.java:55)

at org.openengsb.core.workflow.drools.internal.ForwardHandler.handleInvoke(ForwardHandler.java:48)

at org.openengsb.core.common.AbstractOpenEngSBInvocationHandler.invoke(AbstractOpenEngSBInvocationHandler.java:55)

at $Proxy78.raiseInsertEvent(Unknown Source)

at Proxy1997634d_3b94_499b_a721_b1c5efe9faef.raiseInsertEvent(Unknown Source)

at org.cdlflex.itpm.synchronizer.SynchronizerServiceImpl.<init>(SynchronizerServiceImpl.java:86)

at org.cdlflex.itpm.synchronizer.SynchronizerServiceImpl.<init>(SynchronizerServiceImpl.java:61)

at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)[:1.7.0_07]

at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)[:1.7.0_07]

at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)[:1.7.0_07]

at java.lang.reflect.Constructor.newInstance(Constructor.java:525)[:1.7.0_07]

at org.apache.aries.blueprint.utils.ReflectionUtils.newInstance(ReflectionUtils.java:329)

at org.apache.aries.blueprint.container.BeanRecipe.newInstance(BeanRecipe.java:962)

at org.apache.aries.blueprint.container.BeanRecipe.getInstance(BeanRecipe.java:331)

Can you please provide information how authentification of services (standalone-components) can work?

Thanks in advance,

Andreas

[Michael Petritsch]

Hi,

have you called the method authenticationContext.login(username, password)?

br

> --
> You received this message because you are subscribed to the Google Groups
> "OpenEngSB user group" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to openengsb-use...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.

[Andreas Grünwald]

Hi,

no, not at all. I already considered it. But actually the component is running detached from user actions so the correct way would be to authenticate the service and not a particular user, correct?

I found something in the documentation (http://openengsb.org/manual/openengsb-manual/v2.0.2/html-single/openengsb-manual.html#d0e459) but as the documentation is not very up to date I was not sure how accurate this is.

Should I try with the login method?

Thank you very much meanwhile?

Best, Andreas

You received this message because you are subscribed to a topic in the Google Groups "OpenEngSB user group" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/openengsb-user/qkGWXYt-bbA/unsubscribe.
To unsubscribe from this group and all its topics, send an email to openengsb-use...@googlegroups.com.

For more options, visit https://groups.google.com/groups/opt_out.

--
Andreas Grünwald

Tel.: +43 650 77 82340

[Felix Mayerhuber]

Hi Andreas,

yes, try it with a login before. Even though your component is not
related to a specific user, the component has to perform some kind of
authentication. Otherwise the security mechanisms would have no sense,
right? : )

TBH I'm not that expert for the security in the OpenEngSB, but according
to the error message you got, the authentication should solve your problem.

Kind regards,
Felix

Am 2013-08-31 17:44, schrieb Andreas Gr�nwald:
> Hi,
> no, not at all. I already considered it. But actually the component is
> running detached from user actions so the correct way would be to
> authenticate the service and not a particular user, correct?
>
> I found something in the documentation (
> http://openengsb.org/manual/openengsb-manual/v2.0.2/html-single/openengsb-manual.html#d0e459)
> but as the documentation is not very up to date I was not sure how accurate
> this is.
>
> Should I try with the login method?
>
> Thank you very much meanwhile?
> Best, Andreas
>
>
> On Sat, Aug 31, 2013 at 12:49 PM, Michael Petritsch <
> michael....@gmail.com> wrote:
>
>> Hi,
>>
>> have you called the method authenticationContext.login(username, password)?
>>
>> br
>>

>> On Sat, Aug 31, 2013 at 11:33 AM, Andreas Gr�nwald <a.gr...@gmail.com>

[Andreas Grünwald]

Thanks, it seems to work ;-)

Regarding your question: Yes, some authentication should take place. However, I thought that there is also a way to authenticate as a service rather than as a user. Nevermind, as long as it works I don't care much about authentication. Thx for your reponse!

Andreas

On Saturday, August 31, 2013 6:01:46 PM UTC+2, Felix Mayerhuber wrote:

Hi Andreas,

yes, try it with a login before. Even though your component is not
related to a specific user, the component has to perform some kind of
authentication. Otherwise the security mechanisms would have no sense,
right? : )

TBH I'm not that expert for the security in the OpenEngSB, but according
to the error message you got, the authentication should solve your problem.

Kind regards,
Felix

Am 2013-08-31 17:44, schrieb Andreas Gr�nwald:
> Hi,
> no, not at all. I already considered it. But actually the component is
> running detached from user actions so the correct way would be to
> authenticate the service and not a particular user, correct?
>
> I found something in the documentation (
> http://openengsb.org/manual/openengsb-manual/v2.0.2/html-single/openengsb-manual.html#d0e459)
> but as the documentation is not very up to date I was not sure how accurate
> this is.
>
> Should I try with the login method?
>
> Thank you very much meanwhile?
> Best, Andreas
>
>
> On Sat, Aug 31, 2013 at 12:49 PM, Michael Petritsch <
> michael....@gmail.com> wrote:
>
>> Hi,
>>
>> have you called the method authenticationContext.login(username, password)?
>>
>> br
>>

>> On Sat, Aug 31, 2013 at 11:33 AM, Andreas Gr�nwald <a.gr...@gmail.com>