powered by Jive Software

Custom authentication filter - REST API


#1

Hello !

I have been working with Openfire and the restAPI since about a month. So i am not comfortable with everything yet.

The plugin is working correctly but i would like to add a custom authentication filter (“Custom authentication filter classname - REST API authentication delegates to a custom filter implemented in some other plugin.” on the admin console). I have taken for example the AuthFilter allready existing in the plugin and written my own CustomAuthFilter and exported it to .jar.
I have tried to put it into :

  • $\Openfire\lib
  • $\Openfire\plugins\restapi\lib

but it seems “No custom auth filter found for restAPI plugin with name …” (error message from the admin console when i try to save changes).

I have looked the doc about restAPI but there’s nothing about custom authentication filter and i don’t know where to put my customAuthFilter so it is found by the JerseyWrapper.

(this is the part of the code where the error is caught) :

       try {
            if(customAuthFilterClassName != null) {
                Class.forName(customAuthFilterClassName, false, JerseyWrapper.class.getClassLoader());
                loadingStatusMessage = null;
            }
        } catch (ClassNotFoundException e) {
            loadingStatusMessage = "No custom auth filter found for restAPI plugin with name " + customAuthFilterClassName;
        }

I would appreciate some help with that :slight_smile:

Thank you for reading.


#2

Hello again,

I found that you have to put the .jar file into the $\Openfire\lib directory and you have to restart the server so the custom auth filter is found by the jerseywrapper.
When i save changes on the plugin properties page from the admin console, i get this error :

Exception:
java.lang.NoClassDefFoundError: com/sun/jersey/spi/container/ContainerRequestFilter

	at java.lang.ClassLoader.defineClass1(Native Method)

	at java.lang.ClassLoader.defineClass(Unknown Source)

	at java.security.SecureClassLoader.defineClass(Unknown Source)

	at java.net.URLClassLoader.defineClass(Unknown Source)

	at java.net.URLClassLoader.access$100(Unknown Source)

	at java.net.URLClassLoader$1.run(Unknown Source)

	at java.net.URLClassLoader$1.run(Unknown Source)

	at java.security.AccessController.doPrivileged(Native Method)

	at java.net.URLClassLoader.findClass(Unknown Source)

	at java.lang.ClassLoader.loadClass(Unknown Source)

	at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)

	at java.lang.ClassLoader.loadClass(Unknown Source)

	at java.lang.ClassLoader.loadClass(Unknown Source)

	at java.lang.Class.forName0(Native Method)

	at java.lang.Class.forName(Unknown Source)

	at org.jivesoftware.openfire.plugin.rest.service.JerseyWrapper.tryLoadingAuthenticationFilter(JerseyWrapper.java:106)

	at org.jivesoftware.openfire.plugin.rest.RESTServicePlugin.loadAuthenticationFilter(RESTServicePlugin.java:206)

	at org.jivesoftware.openfire.plugin.restAPI.rest_002dapi_jsp._jspService(rest_002dapi_jsp.java:117)

	at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)

	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)

	at org.jivesoftware.openfire.container.PluginServlet.handleJSP(PluginServlet.java:382)

	at org.jivesoftware.openfire.container.PluginServlet.service(PluginServlet.java:97)

	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)

	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812)

	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1669)

	at org.jivesoftware.admin.PluginFilter.doFilter(PluginFilter.java:226)

	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)

	at org.jivesoftware.admin.AuthCheckFilter.doFilter(AuthCheckFilter.java:215)

	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)

	at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:118)

	at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52)

	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)

	at org.jivesoftware.util.LocaleFilter.doFilter(LocaleFilter.java:73)

	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)

	at org.jivesoftware.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:49)

	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)

	at org.jivesoftware.admin.PluginFilter.doFilter(PluginFilter.java:226)

	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)

	at org.jivesoftware.admin.AuthCheckFilter.doFilter(AuthCheckFilter.java:215)

	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)

	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)

	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)

	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577)

	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)

	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)

	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)

	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)

	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)

	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)

	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215)

	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:110)

	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)

	at org.eclipse.jetty.server.Server.handle(Server.java:499)

	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311)

	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)

	at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544)

	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)

	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)

	at java.lang.Thread.run(Unknown Source)

Caused by: java.lang.ClassNotFoundException: com.sun.jersey.spi.container.ContainerRequestFilter

	at java.net.URLClassLoader.findClass(Unknown Source)

	at java.lang.ClassLoader.loadClass(Unknown Source)

	at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)

	at java.lang.ClassLoader.loadClass(Unknown Source)

	... 59 more

I quite understand that it can’t resolve the dependency with the Jersey bundle library, but i don’t know how to correct this :frowning:

I am actually using the jersey-bundle-1.18.jar library. (which is the same used in the restAPI plugin)

EDIT

It appears i was wrong and the .jar file have to be in the $\Openfire\plugins\restapi\lib diretory BUT I had to rebuild (with ant plugins) the plugin (refreshing it from the admin console was not working).

There’s no other ways of doing this ? Because everytime the restAPI plugin will be updated, i will have to rebuild it just for the custom authentication.

Maybe @Redeyes could provide some help with this, i would really appreciate it ! :slight_smile: