You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@camel.apache.org by martin11 <ma...@gmail.com> on 2013/10/26 00:30:37 UTC
HTTP Basic Authentication
Hello,
I`m trying to set BASIC Authentication on HTTP component (camel ver.
2.11.0).
I know that I can use header settings like this one:
.setHeader("Authorization", constant("Basic base64string")) and it works
fine.
But I`m looking for more elegant way to setup basic auth. Something like in
CXF spring bean and http:authorization properties.
--------- 1st test -------
So I tried to use HttpClientConfigurer:
<bean id="myHttpConfig"
class="org.apache.camel.component.http.BasicAuthenticationHttpClientConfigurer">
<constructor-arg index="0" value="false"/>
<constructor-arg index="1" value="${user}"/>
<constructor-arg index="2" value="${password}"/>
</bean>
and in route:
.to("http://{{server}}:{{port}}/{{address}}?httpClientConfigurerRef=myHttpConfig")
I got an error:
INFO - basic authentication scheme selected
INFO - No credentials available for BASIC 'WSMAN'@172.24.40.110:5985
org.apache.camel.component.http.HttpOperationFailedException: HTTP operation
failed invoking http://172.24.40.110:5985/wsman with statusCode: 401
Why is not set BASIC credentials?
--------- 2nd test -------
I also try other way:
<bean id="myAuth" class="org.apache.camel.component.http.HttpConfiguration">
<property name="authMethod" value="Basic"/>
<property name="authUsername" value="${user}"/>
<property name="authPassword" value="${password}"/>
</bean>
<bean id="http" class="org.apache.camel.component.http.HttpComponent">
<property name="camelContext" ref="myContext"/>
<property name="httpConfiguration" ref="myAuth"/>
</bean>
and in route:
.to("http://{{server}}:{{port}}/{{address}}")
I got an error:
INFO - Basic authentication scheme selected
java.io.IOException: Server returned HTTP response code: 400 for URL:
http://172.24.40.110:5985/wsman
What is the correct configuration for http basic authentication?
Thanks for any advice.
--
View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Posted by Willem Jiang <wi...@gmail.com>.
Which version of Camel are you using?
Can you try the latest release Camel 2.13.2?
If I remember right, there is an issue of setting up the camel-cxfrs endpoint interceptors which was fixed recently.
--
Willem Jiang
Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.iteye.com (Chinese)
Twitter: willemjiang
Weibo: 姜宁willem
On September 12, 2014 at 1:54:48 PM, sayed_india (sayed.abdulislam@gmail.com) wrote:
> Hello,
> Sorry I was referring to the Java Interceptor code above mentioned which
> works fine for CXF SOAP.
>
> Cann't we make it for CXF-REST?
>
> Thanks,
> Sayed
>
>
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756392.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
Re: HTTP Basic Authentication
Posted by sayed_india <sa...@gmail.com>.
Hello,
Sorry I was referring to the Java Interceptor code above mentioned which
works fine for CXF SOAP.
Cann't we make it for CXF-REST?
Thanks,
Sayed
--
View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756392.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Posted by sayed_india <sa...@gmail.com>.
Hello,
Thanks a lot for the response.Will try and let you know.
please share a sample code snippet.
However the same code works for me at server side for CXF-SOAP so why not
for CXF-REST ?
Regards,
Sayed
--
View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756346.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Posted by Willem Jiang <wi...@gmail.com>.
The configuration only work for the client side, if you want to enable the HTTP Basic Authentication on the server side, you need to setup the Jetty ServletContextHandler for it.
--
Willem Jiang
Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.iteye.com (Chinese)
Twitter: willemjiang
Weibo: 姜宁willem
On September 9, 2014 at 1:26:41 PM, sayed_india (sayed.abdulislam@gmail.com) wrote:
> Hello,
>
> Pls find below my query of CXF-RS with Basic authentication:
>
> public void configure() throws Exception {
> System.out.println("inside route....");
> Map properties = new HashMap();
> AuthorizationPolicy authPolicy = new AuthorizationPolicy();
> authPolicy.setAuthorizationType(HttpAuthHeader.AUTH_TYPE_BASIC);
> authPolicy.setUserName("test");
> authPolicy.setPassword("test");
> authPolicy.setAuthorization("true");
>
> // properties.put(AuthorizationPolicy.class.getName(), authPolicy);
>
> properties.put("org.apache.cxf.configuration.security.AuthorizationPolicy",
> authPolicy);
>
> CxfRsEndpoint myCxfEp =
> (CxfRsEndpoint)getContext().getEndpoint("cxfrs:http://0.0.0.0:9090?resourceClasses=com.test.CompanyService&bindingStyle=SimpleConsumer");
> myCxfEp.configureProperties(properties);
> from(myCxfEp)
>
> ...
>
> I have tested it using SOAPUI doesn't ask for any authentication.
>
> Please suggest ..
>
> Thanks,
> Sayed
>
>
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756208.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
Re: HTTP Basic Authentication
Posted by sayed_india <sa...@gmail.com>.
Hello,
Pls find below my query of CXF-RS with Basic authentication:
public void configure() throws Exception {
System.out.println("inside route....");
Map<String, Object> properties = new HashMap<String, Object>();
AuthorizationPolicy authPolicy = new AuthorizationPolicy();
authPolicy.setAuthorizationType(HttpAuthHeader.AUTH_TYPE_BASIC);
authPolicy.setUserName("test");
authPolicy.setPassword("test");
authPolicy.setAuthorization("true");
// properties.put(AuthorizationPolicy.class.getName(), authPolicy);
properties.put("org.apache.cxf.configuration.security.AuthorizationPolicy",
authPolicy);
CxfRsEndpoint myCxfEp =
(CxfRsEndpoint)getContext().getEndpoint("cxfrs:http://0.0.0.0:9090?resourceClasses=com.test.CompanyService&bindingStyle=SimpleConsumer");
myCxfEp.configureProperties(properties);
from(myCxfEp)
...
I have tested it using SOAPUI doesn't ask for any authentication.
Please suggest ..
Thanks,
Sayed
--
View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756208.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Posted by sayed_india <sa...@gmail.com>.
Hello Experts,
Pls share me the CXF-REST code reference to use the above Java
Authentication:
Not getting an idea how to include this BasicAuthAuthorizationInterceptor in
REST end point either in Spring or Java DSL:
Spring End point:
<from uri="cxfrs:http://localhost:9090?resourceClasses=com.test.Service"/>
Java End Point:
from("cxfrs:http://0.0.0.0:9090?resourceClasses=com.test.Service&bindingStyle=SimpleConsumer")..
Need a quick solution.
Thanks and Regards,
Sayed
--
View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756154.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Posted by sayed_india <sa...@gmail.com>.
Hello,
I tried with the code shared ,seems working fine at server end for CXF-SOAP
as tested through SOAPUI tool.
Please share the code for CXF REST Service.
However I need a Java client to call the service.
Tried many options but gives me errors.
Please send me a sample Java main client to test the authentication.
My CXF end point declaration:
------------------------------------
<bean id="securityInterceptor"
class="com.test.BasicAuthAuthorizationInterceptor">
<property name="users"><map><entry key="user-id" value="test"
/></map></property>
</bean>
<cxf:cxfEndpoint id="ReportIncidentEndpoint"
address="http://localhost:9050/service/EmployeeDetailsService"
serviceClass="in.ns.com.EmployeeDetailsPort"
wsdlURL="META-INF/wsdl/webservice.wsdl" >
<cxf:inInterceptors><ref
bean="securityInterceptor"/></cxf:inInterceptors>
</cxf:cxfEndpoint>
</beans>
-----------------
java client:
------------------
public static void main(String[] args) throws Exception {
URL url = new URL(WS_URL);
QName qname = new QName("http://com.ns.in",
"EmployeeDetailsPortService");
Service service = Service.create(url, qname);
EmployeeDetailsPort hello =
service.getPort(EmployeeDetailsPort.class);
BindingProvider port
=(BindingProvider)service.getPort(EmployeeDetailsPort.class);
port.getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"user-id");
port.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"test");
System.out.println(hello.employeeDetailsOpr( new FindEmpRequest("123")));
Error:Exception in thread "main"
com.sun.xml.internal.ws.model.RuntimeModelerException: A WebService
annotation is not present on class: in.ns.com.EmployeeDetailsPort
Thanks and regards,
Sayed
--
View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756117.html
Sent from the Camel - Users mailing list archive at Nabble.com.
RE: HTTP Basic Authentication
Posted by alexey-s <al...@mail.ru>.
Rules of the game sets the other side - http server.
Two requests are always bad, whether it's on an external authentication
server, or proxy server.
It is necessary to send a file size of 1 MByte. Length of HTTP request is
about 1.3 MByte. Two queries will give 2.6 MByte.
Aleksey
--
View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742354.html
Sent from the Camel - Users mailing list archive at Nabble.com.
RE: HTTP Basic Authentication
Posted by "Ziemer, Tom" <to...@wirecard.com>.
Hi,
it happens by design:
" Generally, preemptive authentication can be considered less
* secure than a response to an authentication challenge
* and therefore discouraged."
(see https://hc.apache.org/httpcomponents-client-4.3.x/httpclient/examples/org/apache/http/examples/client/ClientPreemptiveBasicAuthentication.java)
Regards,
Tom
-----Original Message-----
From: alexey-s [mailto:alexins@mail.ru]
Sent: Dienstag, 29. Oktober 2013 11:47
To: users@camel.apache.org
Subject: Re: HTTP Basic Authentication
You'll be surprised. CXF uses the same library Apache HttpComponents.
CXF client initially twice sends an HTTP request. The first request without authorization. Second with authorization.
For a GET request such behavior is acceptable. For a POST request is very bad.
Aleksey
--
View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742348.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Posted by Willem jiang <wi...@gmail.com>.
One thing should be point out, CXF uses Http URL Connector which is from JDK by default.
If you are using CXF 2.7.x and enable the async http client setting, it will use the Apache Http Client 4.x to send the request.
--
Willem Jiang
Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/) (English)
http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese)
Twitter: willemjiang
Weibo: 姜宁willem
On Tuesday, October 29, 2013 at 6:46 PM, alexey-s wrote:
> You'll be surprised. CXF uses the same library Apache HttpComponents.
> CXF client initially twice sends an HTTP request. The first request without
> authorization. Second with authorization.
>
> For a GET request such behavior is acceptable. For a POST request is very
> bad.
>
>
> Aleksey
>
>
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742348.html
> Sent from the Camel - Users mailing list archive at Nabble.com (http://Nabble.com).
Re: HTTP Basic Authentication
Posted by alexey-s <al...@mail.ru>.
You'll be surprised. CXF uses the same library Apache HttpComponents.
CXF client initially twice sends an HTTP request. The first request without
authorization. Second with authorization.
For a GET request such behavior is acceptable. For a POST request is very
bad.
Aleksey
--
View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742348.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Posted by Willem jiang <wi...@gmail.com>.
I just captured the http request and response and found some thing interesting.
When camel-http send the request to back end server which is protected with HTTP Basic Authentication,
HttpClient sends a request without Authentication inform first, then it sends the request with the Authentication header when it get the 401 response.
If you just want to camel-http send the request with the Authentication header, you can set url like this.
from("direct:endpoint").to("http://localhost:8081?authMethod=Basic&authUsername=user1&authPassword=pwd&httpClient.authenticationPreemptive=true");
--
Willem Jiang
Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/) (English)
http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese)
Twitter: willemjiang
Weibo: 姜宁willem
On Tuesday, October 29, 2013 at 5:13 PM, Willem jiang wrote:
> I did a quick test with the camel trunk ( I think it’s same with last camel release 2.12.1), the HTTP Basic Authentication setting is work out of box.
>
> from("direct:endpoint").to("http://localhost:8081?authMethod=Basic&authUsername=user1&authPassword=pwd”);
>
> I think you need to double check if the authPassword setting, It should be a plaint text.
>
> --
> Willem Jiang
>
> Red Hat, Inc.
> Web: http://www.redhat.com
> Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/) (English)
> http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese)
> Twitter: willemjiang
> Weibo: 姜宁willem
>
>
>
>
>
> On Tuesday, October 29, 2013 at 1:03 AM, martin11 wrote:
>
> > Hi Christian,
> >
> > I tried to use HTTP auth options:
> >
> > .to("http://{{server}}:{{port}}/{{address}}?authMethod=Basic&authUsername={{user}}&authPassword={{password}}")
> >
> > But it fails again:
> >
> > INFO - Basic authentication scheme selected
> > DEBUG - Took 1889 millis to send to:
> > Endpoint[http://172.24.40.110:5985/wsman?authMethod=Basic&authPassword=******&authUsername=Administrator]
> > INFO - basic authentication scheme selected
> > INFO - No credentials available for BASIC 'WSMAN'@172.24.40.110:5985
> > DEBUG - Took 45 millis to send to: Endpoint[http://172.24.40.110:5985/wsman]
> > ERROR - Failed delivery for (MessageId: ID-asgard-47899-1382979475336-0-11
> > on ExchangeId: ID-asgard-47899-1382979475336-0-9). Exhausted after delivery
> > attempt: 1 caught:
> > org.apache.camel.component.http.HttpOperationFailedException: HTTP operation
> > failed invoking http://172.24.40.110:5985/wsman with statusCode: 401
> >
> >
> >
> > --
> > View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742320.html
> > Sent from the Camel - Users mailing list archive at Nabble.com (http://Nabble.com).
> >
>
>
Re: HTTP Basic Authentication
Posted by Willem jiang <wi...@gmail.com>.
I did a quick test with the camel trunk ( I think it’s same with last camel release 2.12.1), the HTTP Basic Authentication setting is work out of box.
from("direct:endpoint").to("http://localhost:8081?authMethod=Basic&authUsername=user1&authPassword=pwd”);
I think you need to double check if the authPassword setting, It should be a plaint text.
--
Willem Jiang
Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/) (English)
http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese)
Twitter: willemjiang
Weibo: 姜宁willem
On Tuesday, October 29, 2013 at 1:03 AM, martin11 wrote:
> Hi Christian,
>
> I tried to use HTTP auth options:
>
> .to("http://{{server}}:{{port}}/{{address}}?authMethod=Basic&authUsername={{user}}&authPassword={{password}}")
>
> But it fails again:
>
> INFO - Basic authentication scheme selected
> DEBUG - Took 1889 millis to send to:
> Endpoint[http://172.24.40.110:5985/wsman?authMethod=Basic&authPassword=******&authUsername=Administrator]
> INFO - basic authentication scheme selected
> INFO - No credentials available for BASIC 'WSMAN'@172.24.40.110:5985
> DEBUG - Took 45 millis to send to: Endpoint[http://172.24.40.110:5985/wsman]
> ERROR - Failed delivery for (MessageId: ID-asgard-47899-1382979475336-0-11
> on ExchangeId: ID-asgard-47899-1382979475336-0-9). Exhausted after delivery
> attempt: 1 caught:
> org.apache.camel.component.http.HttpOperationFailedException: HTTP operation
> failed invoking http://172.24.40.110:5985/wsman with statusCode: 401
>
>
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742320.html
> Sent from the Camel - Users mailing list archive at Nabble.com (http://Nabble.com).
>
Re: HTTP Basic Authentication
Posted by martin11 <ma...@gmail.com>.
Hi Christian,
I tried to use HTTP auth options:
.to("http://{{server}}:{{port}}/{{address}}?authMethod=Basic&authUsername={{user}}&authPassword={{password}}")
But it fails again:
INFO - Basic authentication scheme selected
DEBUG - Took 1889 millis to send to:
Endpoint[http://172.24.40.110:5985/wsman?authMethod=Basic&authPassword=******&authUsername=Administrator]
INFO - basic authentication scheme selected
INFO - No credentials available for BASIC 'WSMAN'@172.24.40.110:5985
DEBUG - Took 45 millis to send to: Endpoint[http://172.24.40.110:5985/wsman]
ERROR - Failed delivery for (MessageId: ID-asgard-47899-1382979475336-0-11
on ExchangeId: ID-asgard-47899-1382979475336-0-9). Exhausted after delivery
attempt: 1 caught:
org.apache.camel.component.http.HttpOperationFailedException: HTTP operation
failed invoking http://172.24.40.110:5985/wsman with statusCode: 401
--
View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742320.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Posted by Christian Müller <ch...@gmail.com>.
Martin is using the http component, not the CXF component...
Did you checked [1]? You can set the auth options per endpoint.
[1] http://camel.apache.org/http.html
Best,
Christian
-----------------
Software Integration Specialist
Apache Member
V.P. Apache Camel | Apache Camel PMC Member | Apache Camel committer
Apache Incubator PMC Member
https://www.linkedin.com/pub/christian-mueller/11/551/642
On Sat, Oct 26, 2013 at 5:44 AM, contactreji <co...@gmail.com> wrote:
> Hi
>
> I used a interceptor approach. The java code for interceptor is as follows
>
> *package outotec.com.mes.bw.copper_recovery_perc;*
> *import java.io.IOException;*
> *import java.io.OutputStream;*
> *import java.net.HttpURLConnection;*
> *import java.util.Arrays;*
> *import java.util.List;*
> *import java.util.Map;*
> *import org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor;*
> *import org.apache.cxf.configuration.security.AuthorizationPolicy;*
> *import org.apache.cxf.endpoint.Endpoint;*
> *import org.apache.cxf.interceptor.Fault;*
> *import org.apache.cxf.message.Exchange;*
> *import org.apache.cxf.message.Message;*
> *import org.apache.cxf.transport.Conduit;*
> *import org.apache.cxf.ws.addressing.EndpointReferenceType;*
> *import org.apache.log4j.Logger;*
> *import org.springframework.beans.factory.annotation.Required;*
> *
> *
> */***
> * * CXF Interceptor that provides HTTP Basic Authentication validation.*
> * * *
> * * Based on the concepts outline here:*
> * *
> http://chrisdail.com/2008/03/31/apache-cxf-with-http-basic-authentication*
> * **
> * * @author CDail*
> * */*
> *public class BasicAuthAuthorizationInterceptor extends
> SoapHeaderInterceptor {*
> *
> *
> * protected Logger log = Logger.getLogger(getClass());*
> * *
> * /** Map of allowed users to this system with their corresponding
> passwords. */*
> * private Map<String,String> users;*
> * *
> * @Required*
> * public void setUsers(Map<String, String> users) {*
> * this.users = users;*
> * }*
> * *
> * @Override public void handleMessage(Message message) throws Fault {*
> * // This is set by CXF*
> * AuthorizationPolicy policy =
> message.get(AuthorizationPolicy.class);*
> * *
> * // If the policy is not set, the user did not specify credentials*
> * // A 401 is sent to the client to indicate that authentication is
> required*
> * if (policy == null) {*
> * if (log.isDebugEnabled()) {*
> * log.debug("User attempted to log in with no
> credentials");*
> * }*
> * sendErrorResponse(message,
> HttpURLConnection.HTTP_UNAUTHORIZED);*
> * return;*
> * }*
> * *
> * if (log.isDebugEnabled()) {*
> * log.debug("Logging in use: " + policy.getUserName());*
> * }*
> * *
> * // Verify the password*
> * String realPassword = users.get(policy.getUserName());*
> * if (realPassword == null ||
> !realPassword.equals(policy.getPassword())) {*
> * log.error("Invalid username or password for user: " +
> policy.getUserName());*
> * *
> * sendErrorResponse(message, HttpURLConnection.HTTP_FORBIDDEN);*
> * }*
> * }*
> * *
> * private void sendErrorResponse(Message message, int responseCode) {*
> * Message outMessage = getOutMessage(message);*
> * outMessage.put(Message.RESPONSE_CODE, responseCode);*
> * *
> * // Set the response headers*
> * Map<String, List<String>> responseHeaders =*
> * (Map<String,
> List<String>>)message.get(Message.PROTOCOL_HEADERS);*
> * if (responseHeaders != null) {*
> * responseHeaders.put("WWW-Authenticate", Arrays.asList(new
> String[]{"Basic realm=realm"}));*
> * responseHeaders.put("Content-Length", Arrays.asList(new
> String[]{"0"}));*
> * }*
> * message.getInterceptorChain().abort();*
> * try {*
> * getConduit(message).prepare(outMessage);*
> * close(outMessage);*
> * } catch (IOException e) {*
> * log.warn(e.getMessage(), e);*
> * }*
> * }*
> * *
> * private Message getOutMessage(Message inMessage) {*
> * Exchange exchange = inMessage.getExchange();*
> * Message outMessage = exchange.getOutMessage();*
> * if (outMessage == null) {*
> * Endpoint endpoint = exchange.get(Endpoint.class);*
> * outMessage = endpoint.getBinding().createMessage();*
> * exchange.setOutMessage(outMessage);*
> * }*
> * outMessage.putAll(inMessage);*
> * return outMessage;*
> * }*
> * *
> * private Conduit getConduit(Message inMessage) throws IOException {*
> * Exchange exchange = inMessage.getExchange();*
> * EndpointReferenceType target =
> exchange.get(EndpointReferenceType.class);*
> * Conduit conduit =*
> * exchange.getDestination().getBackChannel(inMessage, null,
> target);*
> * exchange.setConduit(conduit);*
> * return conduit;*
> * }*
> * *
> * private void close(Message outMessage) throws IOException {*
> * OutputStream os = outMessage.getContent(OutputStream.class);*
> * os.flush();*
> * os.close();*
> * }*
> *}*
>
>
> And I configured my endpoint (in my case, its a web service CXF endpoint)
> as shown below.
> *
> *
> *<cxf:cxfEndpoint id="MESEndpoint"*
> * address="http://10.43.25.123:8181/mes/myWebserviceEndPoint"*
> * serviceClass="my.package.serviceClassImpl"*
> * wsdlURL="wsdl/myWSDL.wsdl"*
> * serviceName="p1:serviceNameFromWsdl"*
> * xmlns:p1="my.sample.webservice.wsdl.targetNamespace" xmlns:soap="
> http://schemas.xmlsoap.org/wsdl/soap/">*
> * <cxf:inInterceptors>*
> *
> *
> * <ref bean="securityInterceptor" />*
> *
> *
> * </cxf:inInterceptors>*
> *
> *
> * </cxf:cxfEndpoint>*
> *
> *
> *
> *
> * <bean id="securityInterceptor"
>
> class="outotec.com.mes.bw.copper_recovery_perc.BasicAuthAuthorizationInterceptor">
> *
> * <property name="users">*
> * <map>*
> * <entry key="${fuse_userID}" value="${fuse_userPassword}" />*
> * </map>*
> * </property>*
> *
> *
> * </bean>*
>
> It works fine for me.
>
> Would be nice if you could discuss your approach here.
>
>
>
> On Fri, Oct 25, 2013 at 3:30 PM, martin11 [via Camel] <
> ml-node+s465427n5742229h78@n5.nabble.com> wrote:
>
> > Hello,
> >
> > I`m trying to set BASIC Authentication on HTTP component (camel ver.
> > 2.11.0).
> > I know that I can use header settings like this one:
> > .setHeader("Authorization", constant("Basic base64string")) and it works
> > fine.
> >
> > But I`m looking for more elegant way to setup basic auth. Something like
> > in CXF spring bean and http:authorization properties.
> >
> > --------- 1st test -------
> > So I tried to use HttpClientConfigurer:
> > <bean id="myHttpConfig"
> >
> class="org.apache.camel.component.http.BasicAuthenticationHttpClientConfigurer">
> > <constructor-arg index="0" value="false"/>
> > <constructor-arg index="1" value="${user}"/>
> > <constructor-arg index="2" value="${password}"/>
> > </bean>
> >
> > and in route:
> > .to("http://
> {{server}}:{{port}}/{{address}}?httpClientConfigurerRef=myHttpConfig")
> >
> >
> > I got an error:
> > INFO - basic authentication scheme selected
> > INFO - No credentials available for BASIC 'WSMAN'@172.24.40.110:5985
> > org.apache.camel.component.http.HttpOperationFailedException: HTTP
> > operation failed invoking http://172.24.40.110:5985/wsman with
> > statusCode: 401
> >
> > Why is not set BASIC credentials?
> >
> > --------- 2nd test -------
> > I also try other way:
> > <bean id="myAuth"
> > class="org.apache.camel.component.http.HttpConfiguration">
> > <property name="authMethod" value="Basic"/>
> > <property name="authUsername" value="${user}"/>
> > <property name="authPassword" value="${password}"/>
> > </bean>
> >
> > <bean id="http" class="org.apache.camel.component.http.HttpComponent">
> > <property name="camelContext" ref="myContext"/>
> > <property name="httpConfiguration" ref="myAuth"/>
> > </bean>
> >
> > and in route:
> > .to("http://{{server}}:{{port}}/{{address}}")
> >
> > I got an error:
> > INFO - Basic authentication scheme selected
> > java.io.IOException: Server returned HTTP response code: 400 for URL:
> > http://172.24.40.110:5985/wsman
> >
> >
> > What is the correct configuration for http basic authentication?
> >
> > Thanks for any advice.
> >
> > ------------------------------
> > If you reply to this email, your message will be added to the discussion
> > below:
> >
> http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229.html
> > To unsubscribe from Camel - Users, click here<
> http://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=465428&code=Y29udGFjdHJlamlAZ21haWwuY29tfDQ2NTQyOHwxMDA0OTE4MjMz
> >
> > .
> > NAML<
> http://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml
> >
> >
>
>
>
>
> --
> View this message in context:
> http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742239.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
Re: HTTP Basic Authentication
Posted by contactreji <co...@gmail.com>.
Hi
I used a interceptor approach. The java code for interceptor is as follows
*package outotec.com.mes.bw.copper_recovery_perc;*
*import java.io.IOException;*
*import java.io.OutputStream;*
*import java.net.HttpURLConnection;*
*import java.util.Arrays;*
*import java.util.List;*
*import java.util.Map;*
*import org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor;*
*import org.apache.cxf.configuration.security.AuthorizationPolicy;*
*import org.apache.cxf.endpoint.Endpoint;*
*import org.apache.cxf.interceptor.Fault;*
*import org.apache.cxf.message.Exchange;*
*import org.apache.cxf.message.Message;*
*import org.apache.cxf.transport.Conduit;*
*import org.apache.cxf.ws.addressing.EndpointReferenceType;*
*import org.apache.log4j.Logger;*
*import org.springframework.beans.factory.annotation.Required;*
*
*
*/***
* * CXF Interceptor that provides HTTP Basic Authentication validation.*
* * *
* * Based on the concepts outline here:*
* *
http://chrisdail.com/2008/03/31/apache-cxf-with-http-basic-authentication*
* **
* * @author CDail*
* */*
*public class BasicAuthAuthorizationInterceptor extends
SoapHeaderInterceptor {*
*
*
* protected Logger log = Logger.getLogger(getClass());*
* *
* /** Map of allowed users to this system with their corresponding
passwords. */*
* private Map<String,String> users;*
* *
* @Required*
* public void setUsers(Map<String, String> users) {*
* this.users = users;*
* }*
* *
* @Override public void handleMessage(Message message) throws Fault {*
* // This is set by CXF*
* AuthorizationPolicy policy =
message.get(AuthorizationPolicy.class);*
* *
* // If the policy is not set, the user did not specify credentials*
* // A 401 is sent to the client to indicate that authentication is
required*
* if (policy == null) {*
* if (log.isDebugEnabled()) {*
* log.debug("User attempted to log in with no credentials");*
* }*
* sendErrorResponse(message,
HttpURLConnection.HTTP_UNAUTHORIZED);*
* return;*
* }*
* *
* if (log.isDebugEnabled()) {*
* log.debug("Logging in use: " + policy.getUserName());*
* }*
* *
* // Verify the password*
* String realPassword = users.get(policy.getUserName());*
* if (realPassword == null ||
!realPassword.equals(policy.getPassword())) {*
* log.error("Invalid username or password for user: " +
policy.getUserName());*
* *
* sendErrorResponse(message, HttpURLConnection.HTTP_FORBIDDEN);*
* }*
* }*
* *
* private void sendErrorResponse(Message message, int responseCode) {*
* Message outMessage = getOutMessage(message);*
* outMessage.put(Message.RESPONSE_CODE, responseCode);*
* *
* // Set the response headers*
* Map<String, List<String>> responseHeaders =*
* (Map<String,
List<String>>)message.get(Message.PROTOCOL_HEADERS);*
* if (responseHeaders != null) {*
* responseHeaders.put("WWW-Authenticate", Arrays.asList(new
String[]{"Basic realm=realm"}));*
* responseHeaders.put("Content-Length", Arrays.asList(new
String[]{"0"}));*
* }*
* message.getInterceptorChain().abort();*
* try {*
* getConduit(message).prepare(outMessage);*
* close(outMessage);*
* } catch (IOException e) {*
* log.warn(e.getMessage(), e);*
* }*
* }*
* *
* private Message getOutMessage(Message inMessage) {*
* Exchange exchange = inMessage.getExchange();*
* Message outMessage = exchange.getOutMessage();*
* if (outMessage == null) {*
* Endpoint endpoint = exchange.get(Endpoint.class);*
* outMessage = endpoint.getBinding().createMessage();*
* exchange.setOutMessage(outMessage);*
* }*
* outMessage.putAll(inMessage);*
* return outMessage;*
* }*
* *
* private Conduit getConduit(Message inMessage) throws IOException {*
* Exchange exchange = inMessage.getExchange();*
* EndpointReferenceType target =
exchange.get(EndpointReferenceType.class);*
* Conduit conduit =*
* exchange.getDestination().getBackChannel(inMessage, null,
target);*
* exchange.setConduit(conduit);*
* return conduit;*
* }*
* *
* private void close(Message outMessage) throws IOException {*
* OutputStream os = outMessage.getContent(OutputStream.class);*
* os.flush();*
* os.close();*
* }*
*}*
And I configured my endpoint (in my case, its a web service CXF endpoint)
as shown below.
*
*
*<cxf:cxfEndpoint id="MESEndpoint"*
* address="http://10.43.25.123:8181/mes/myWebserviceEndPoint"*
* serviceClass="my.package.serviceClassImpl"*
* wsdlURL="wsdl/myWSDL.wsdl"*
* serviceName="p1:serviceNameFromWsdl"*
* xmlns:p1="my.sample.webservice.wsdl.targetNamespace" xmlns:soap="
http://schemas.xmlsoap.org/wsdl/soap/">*
* <cxf:inInterceptors>*
*
*
* <ref bean="securityInterceptor" />*
*
*
* </cxf:inInterceptors>*
*
*
* </cxf:cxfEndpoint>*
*
*
*
*
* <bean id="securityInterceptor"
class="outotec.com.mes.bw.copper_recovery_perc.BasicAuthAuthorizationInterceptor">
*
* <property name="users">*
* <map>*
* <entry key="${fuse_userID}" value="${fuse_userPassword}" />*
* </map>*
* </property>*
*
*
* </bean>*
It works fine for me.
Would be nice if you could discuss your approach here.
On Fri, Oct 25, 2013 at 3:30 PM, martin11 [via Camel] <
ml-node+s465427n5742229h78@n5.nabble.com> wrote:
> Hello,
>
> I`m trying to set BASIC Authentication on HTTP component (camel ver.
> 2.11.0).
> I know that I can use header settings like this one:
> .setHeader("Authorization", constant("Basic base64string")) and it works
> fine.
>
> But I`m looking for more elegant way to setup basic auth. Something like
> in CXF spring bean and http:authorization properties.
>
> --------- 1st test -------
> So I tried to use HttpClientConfigurer:
> <bean id="myHttpConfig"
> class="org.apache.camel.component.http.BasicAuthenticationHttpClientConfigurer">
> <constructor-arg index="0" value="false"/>
> <constructor-arg index="1" value="${user}"/>
> <constructor-arg index="2" value="${password}"/>
> </bean>
>
> and in route:
> .to("http://{{server}}:{{port}}/{{address}}?httpClientConfigurerRef=myHttpConfig")
>
>
> I got an error:
> INFO - basic authentication scheme selected
> INFO - No credentials available for BASIC 'WSMAN'@172.24.40.110:5985
> org.apache.camel.component.http.HttpOperationFailedException: HTTP
> operation failed invoking http://172.24.40.110:5985/wsman with
> statusCode: 401
>
> Why is not set BASIC credentials?
>
> --------- 2nd test -------
> I also try other way:
> <bean id="myAuth"
> class="org.apache.camel.component.http.HttpConfiguration">
> <property name="authMethod" value="Basic"/>
> <property name="authUsername" value="${user}"/>
> <property name="authPassword" value="${password}"/>
> </bean>
>
> <bean id="http" class="org.apache.camel.component.http.HttpComponent">
> <property name="camelContext" ref="myContext"/>
> <property name="httpConfiguration" ref="myAuth"/>
> </bean>
>
> and in route:
> .to("http://{{server}}:{{port}}/{{address}}")
>
> I got an error:
> INFO - Basic authentication scheme selected
> java.io.IOException: Server returned HTTP response code: 400 for URL:
> http://172.24.40.110:5985/wsman
>
>
> What is the correct configuration for http basic authentication?
>
> Thanks for any advice.
>
> ------------------------------
> If you reply to this email, your message will be added to the discussion
> below:
> http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229.html
> To unsubscribe from Camel - Users, click here<http://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=465428&code=Y29udGFjdHJlamlAZ21haWwuY29tfDQ2NTQyOHwxMDA0OTE4MjMz>
> .
> NAML<http://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>
--
View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742239.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Posted by Joakim Bjørnstad <jo...@gmail.com>.
Hello,
Are you using the http component?
http://camel.apache.org/http.html
There is a section on authentication there.
Example:
from("http://examples.com/rest/hello?"
+ "authMethod=Basic"
+ "&authUsername=User"
+ "&authPassword=Password")
.to("mock:answer");
On Thu, Oct 1, 2015 at 1:29 PM, zied123456 <zi...@gmail.com> wrote:
> Hello,
> I try to send request to a webservice with camel and i dont found how to
> set
> httplogin and httppass with
> POJO i can do this:
>
> final String s = my_httpLogin+":"+my_httpPwd;
> final byte[] authBytes = s.getBytes(StandardCharsets.UTF_8);
> final String encoded = Base64.getEncoder().encodeToString(authBytes);
>
> and i set it in the header like this:
>
> con.setRequestProperty("Authorization", "Basic " + encoded);
>
> How can i do this with Camel Route ?
>
>
>
> --
> View this message in context:
> http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5772150.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
--
Kind regards
Joakim Bjørnstad
Re: HTTP Basic Authentication
Posted by zied123456 <zi...@gmail.com>.
Hello,
I try to send request to a webservice with camel and i dont found how to set
httplogin and httppass with
POJO i can do this:
final String s = my_httpLogin+":"+my_httpPwd;
final byte[] authBytes = s.getBytes(StandardCharsets.UTF_8);
final String encoded = Base64.getEncoder().encodeToString(authBytes);
and i set it in the header like this:
con.setRequestProperty("Authorization", "Basic " + encoded);
How can i do this with Camel Route ?
--
View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5772150.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Posted by Willem Jiang <wi...@gmail.com>.
Please setup the option of httpClient.authenticationPreemptive to be true.
You can find more information here[1] by searching authenticationPreemptive.
[1]https://camel.apache.org/http
--
Willem Jiang
Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.iteye.com (Chinese)
Twitter: willemjiang
Weibo: 姜宁willem
On October 30, 2014 at 2:52:55 AM, sharathbabuk (sharathbabuk@hotmail.com) wrote:
> The preemptive authentication with HTTPS does not seem to work with
> "Camel-Http"
> It works only with "camel-http4"
>
> But I have a limitation on my container ( websphere application server 7.x )
> so cannot use "camel-http4" - does anyone know if this should work with
> "camel-http" ??
>
> == here is my camel XML DSL ======
>
>
>
>
> > password="{{ssl.store.pass}}" />
>
>
>
>
> POST
>
>
> application/json
>
>
> > uri="https:{{host}}{{auditWs.url}}?sslContextParameters=sslContextParameters%26authUsername={{auditWsAuthUsername}}%26authPassword={{auditWsAuthPassword}}%26authenticationPreemptive=true%26bridgeEndpoint=true%26throwExceptionOnFailure=false"
>
> ===
> I get a 401 ERROR when I use "camel-http"
>
>
>
>
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5758314.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
Re: HTTP Basic Authentication
Posted by sharathbabuk <sh...@hotmail.com>.
The preemptive authentication with HTTPS does not seem to work with
"Camel-Http"
It works only with "camel-http4"
But I have a limitation on my container ( websphere application server 7.x )
so cannot use "camel-http4" - does anyone know if this should work with
"camel-http" ??
== here is my camel XML DSL ======
<camel:sslContextParameters id="sslContextParameters">
<camel:keyManagers keyPassword="{{ssl.store.pass}}">
<camel:keyStore resource="{{ssl.store.path}}"
password="{{ssl.store.pass}}" />
</camel:keyManagers>
</camel:sslContextParameters>
<setHeader headerName="CamelHttpMethod">
<constant>POST</constant>
</setHeader>
<setHeader headerName="Content-Type">
<constant>application/json</constant>
</setHeader>
<setExchangePattern pattern="InOut" />
<to
uri="https:{{host}}{{auditWs.url}}?sslContextParameters=sslContextParameters%26authUsername={{auditWsAuthUsername}}%26authPassword={{auditWsAuthPassword}}%26authenticationPreemptive=true%26bridgeEndpoint=true%26throwExceptionOnFailure=false"
===
I get a 401 ERROR when I use "camel-http"
--
View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5758314.html
Sent from the Camel - Users mailing list archive at Nabble.com.