You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by stimpy <st...@patriot.net> on 2011/06/03 22:27:12 UTC
CXF with basic authentication with wsdl2java
I am using CXF and the wsdl2java tool to generate the classes. The process
works nicely.
However the services are protected by basic authentication and unfortunately
its a customer requirement.
The wsdls are not protected by basic authentication.
What I would like to do is pass in credentials in my bindings.xml file for
the client to use for all connections . However I am unable to find a
method to do this.
I debated adding the credentials as follows
@Autowired
com.myClass.gen.myCodePort remote
@RequestMapping(value=/test)
public String getResult(){
// Cast the proxy to a BindingProvider
BindingProvider portMod= (BindingProvider) remote;
portMod.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "un");
portMod.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "pw");
String myResult = remote.getServerStatus();
}
however this resulted in continued "Cannot retry due to server
authentication, in retry mode" errors.
When I review the logs of the web server that is hosting the service, I see
one request with credentials and 1 without . I cannot find where the
un-credentialed second request is coming from but it has the same target as
the first ( which is accepted ) .
Since I have many services that I need to generate from ( one of the reasons
I chose CXF ) i would really rather not manually edit the generated code (
even if that was a good idea ) .
so I need a method to add the credentials to the service at generation time
.
Anyone have any suggestions ? Does CXF support such a thing ?
thanks
--
View this message in context: http://cxf.547215.n5.nabble.com/CXF-with-basic-authentication-with-wsdl2java-tp4452439p4452439.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: CXF with basic authentication with wsdl2java
Posted by Freeman Fang <fr...@gmail.com>.
Hi,
My comment inline
On 2011-6-7, at 上午10:20, stimpy wrote:
> Freeman
>
> Thanks for the update.
>
> Does the element http-conf:basicAuthSupplier have a function is this
> case ?
Generally no, use authorization preemptively is enough.
basicAuthSupplier can also support the "401 http challenge" besides
preemptive way, you may need google to get more info about what's "401
http challenge"
>
> Hows does
>
> name="*.http-conduit"
>
> differ from
>
> name="http://localhost:8080/.*"
>
> or are they equivalent
No, they're not equivalent.
name="*.http-conduit" can match all endpoints regardless the port name.
name="http://localhost:8080/.*" can match all target url start with http://localhost:8080/
, it can even include the basic auth for downloading wsdl file
> name="*.http-conduit"
>
> Since the web server is this case is IIS 6.0 can should I also set
> chunking
> to false ?
I think you can also turn on chunking for IIS6.0 for better performance.
Freeman
>
> thanks again
>
> stimpy
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/CXF-with-basic-authentication-with-wsdl2java-tp4452439p4460614.html
> Sent from the cxf-user mailing list archive at Nabble.com.
---------------------------------------------
Freeman Fang
FuseSource
Email:ffang@fusesource.com
Web: fusesource.com
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com
Re: CXF with basic authentication with wsdl2java
Posted by stimpy <st...@patriot.net>.
Freeman
Thanks for the update.
Does the element http-conf:basicAuthSupplier have a function is this case ?
Hows does
name="*.http-conduit"
differ from
name="http://localhost:8080/.*"
or are they equivalent ?
Since the web server is this case is IIS 6.0 can should I also set chunking
to false ?
thanks again
stimpy
--
View this message in context: http://cxf.547215.n5.nabble.com/CXF-with-basic-authentication-with-wsdl2java-tp4452439p4460614.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: CXF with basic authentication with wsdl2java
Posted by Freeman Fang <fr...@gmail.com>.
Hi,
My comment inline
On 2011-6-5, at 上午12:23, stimpy wrote:
> Thanks for the post Freeman
>
> That link was very helpful ( as is your blog ), not sure how I
> missed it .
>
> So if I am only using basic authentication then i need the following
> namespaces
>
> <beans ...
>
> xmlns:http-conf="http://cxf.apache.org/transports/http/configuration
> ...
> xsi:schemaLocation="...
> http://cxf.apache.org/transports/http/configuration
> http://cxf.apache.org/schemas/configuration/http-conf.xsd
> ...>
>
> and the following elements
>
> <http-conf:conduit
> name="{http://apache.org/hello_world}HelloWorld.http-conduit">
>
> <http:authorization>
> <sec:UserName>Betty</sec:UserName>
> <sec:Password>password</sec:Password>
> </http:authorization>
>
> </http-conf:conduit>
>
> and the conduit name is set for based on the format portQName.http-
> conduit
You actually can use
<http:conduit name="*.http-conduit">
which can match any endpoint as you mentioned before you wanna basic
auth for all of your endpoint.
>
> Should the <http:authorization> elements be changed to
> <http-conf:authorization> to match the namespace in the example i
> posted
> above ?
yes
>
> Do I need to add a xmlns:sec="http://cxf.apache.org/configuration/security
> "
> and http://cxf.apache.org/schemas/configuration/security.xsd
> or are
> those only when using SSL ?
>
no.
Freeman
> thanks
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/CXF-with-basic-authentication-with-wsdl2java-tp4452439p4454308.html
> Sent from the cxf-user mailing list archive at Nabble.com.
---------------------------------------------
Freeman Fang
FuseSource
Email:ffang@fusesource.com
Web: fusesource.com
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com
Re: CXF with basic authentication with wsdl2java
Posted by stimpy <st...@patriot.net>.
Thanks for the post Freeman
That link was very helpful ( as is your blog ), not sure how I missed it .
So if I am only using basic authentication then i need the following
namespaces
<beans ...
xmlns:http-conf="http://cxf.apache.org/transports/http/configuration
...
xsi:schemaLocation="...
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
...>
and the following elements
<http-conf:conduit
name="{http://apache.org/hello_world}HelloWorld.http-conduit">
<http:authorization>
<sec:UserName>Betty</sec:UserName>
<sec:Password>password</sec:Password>
</http:authorization>
</http-conf:conduit>
and the conduit name is set for based on the format portQName.http-conduit
Should the <http:authorization> elements be changed to
<http-conf:authorization> to match the namespace in the example i posted
above ?
Do I need to add a xmlns:sec="http://cxf.apache.org/configuration/security"
and http://cxf.apache.org/schemas/configuration/security.xsd or are
those only when using SSL ?
thanks
--
View this message in context: http://cxf.547215.n5.nabble.com/CXF-with-basic-authentication-with-wsdl2java-tp4452439p4454308.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: CXF with basic authentication with wsdl2java
Posted by Freeman Fang <fr...@gmail.com>.
Hi,
To enable basic auth on client side for all endpoints, you needn't
manually change each generated code, you can just add a configuration
file for the http:conduit of the CXF bus, something like
<http:authorization>
<sec:UserName>Betty</sec:UserName>
<sec:Password>password</sec:Password>
</http:authorization>
Take a look at [1] to get more details
[1]http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
Freeman
On 2011-6-4, at 上午4:27, stimpy wrote:
> I am using CXF and the wsdl2java tool to generate the classes. The
> process
> works nicely.
>
> However the services are protected by basic authentication and
> unfortunately
> its a customer requirement.
> The wsdls are not protected by basic authentication.
>
> What I would like to do is pass in credentials in my bindings.xml
> file for
> the client to use for all connections . However I am unable to find a
> method to do this.
>
> I debated adding the credentials as follows
>
> @Autowired
> com.myClass.gen.myCodePort remote
>
> @RequestMapping(value=/test)
> public String getResult(){
>
> // Cast the proxy to a BindingProvider
> BindingProvider portMod= (BindingProvider) remote;
>
>
> portMod.getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
> "un");
>
> portMod.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
> "pw");
>
> String myResult = remote.getServerStatus();
> }
>
>
> however this resulted in continued "Cannot retry due to server
> authentication, in retry mode" errors.
>
> When I review the logs of the web server that is hosting the
> service, I see
> one request with credentials and 1 without . I cannot find where the
> un-credentialed second request is coming from but it has the same
> target as
> the first ( which is accepted ) .
>
> Since I have many services that I need to generate from ( one of the
> reasons
> I chose CXF ) i would really rather not manually edit the generated
> code (
> even if that was a good idea ) .
>
> so I need a method to add the credentials to the service at
> generation time
> .
>
> Anyone have any suggestions ? Does CXF support such a thing ?
>
> thanks
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/CXF-with-basic-authentication-with-wsdl2java-tp4452439p4452439.html
> Sent from the cxf-user mailing list archive at Nabble.com.
---------------------------------------------
Freeman Fang
FuseSource
Email:ffang@fusesource.com
Web: fusesource.com
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com