You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@camel.apache.org by "ben (JIRA)" <ji...@apache.org> on 2011/03/11 12:12:59 UTC

[jira] Issue Comment Edited: (CAMEL-3779) HttpProducer drops authentification parameters.

    [ https://issues.apache.org/jira/browse/CAMEL-3779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13005597#comment-13005597 ] 

ben edited comment on CAMEL-3779 at 3/11/11 11:11 AM:
------------------------------------------------------

Hi Claus, 

thanks for the fast reply. 

{quote}
Is username and password parameters you must send to the remote server?
Or part of authentication using eg BASIC on the http client?
{quote}

The username and password parameters are needed for BASIC authentication via the http client. 

{quote}
Can you try with camel-http instead of camel-http4 component?
{quote}
Yes, with the same result: no authentification scheme is provided with the request. 

Is there any way to provide this information into the http client? 
What do you think about provide auth. information via addional header information from the Exchange?
The HttpProducer extract the information and set the auth. scheme in the http client.
In the style of the HttpConfiguration of camel-http, we could introduce the following header parameters:
||Name||Description||
|Exchange.HTTP_AUTHTIFICATION_SCHEMA| Basic, Digest, Ntml|
|Exchange.HTTP_USENAME | the username for the HTTP request |
|Exchange.HTTP_PASSWORD| the password for the HTTP request|
|Exchange.HTTP_Domain| for NTML authentication |
|Exchange.HTTP_AUTH_HOST| Optional host for NTML authentication |
|Exchange.HTTP_PROXY_HOST | the proxy to use |
|Exchange.HTTP_PROXY_AUTH_METHOD | the auth. scheme for the proxy |
|Exchange.HTTP_PROXY_USERNAME | the username for the proxy |
|Exchange.HTTP_PROXY_PASSWORD |the password for the proxy |

If you like, I can implement such a solution. 

thanks,
ben 


      was (Author: ben@micromata.de):
    Hi Claus, 

thanks for the fast reply. 

{quote}
Is username and password parameters you must send to the remote server?
Or part of authentication using eg BASIC on the http client?
{quote}

The username and password parameters are needed for BASIC authentication via the http client. 

{quote}
Can you try with camel-http instead of camel-http4 component?
{quote}
Yes, with the same result: no authentification scheme is provided with the request. 

Is there any way to provide this information into the http client? 
E.g. via addional header information in the Exchange, like:
||Name||Description||
Exchange.HTTP_AUTHTIFICATION_SCHEMA| Basic, Digest, Ntml|
Exchange.HTTP_USENAME | the username for the HTTP request |
Exchange.HTTP_PASSWORD| the password for the HTTP request|
Exchange.HTTP_Domain| for NTML authentication |
Exchange.HTTP_AUTH_HOST| Optional host for NTML authentication |
Exchange.HTTP_PROXY_HOST | the proxy to use |
Exchange.HTTP_PROXY_AUTH_METHOD | the auth. scheme for the proxy |
Exchange.HTTP_PROXY_USERNAME | the username for the proxy |
Exchange.HTTP_PROXY_PASSWORD |the password for the proxy |

If you like, I can implement such a solution. 

thanks,
ben 

  
> HttpProducer drops authentification parameters.
> -----------------------------------------------
>
>                 Key: CAMEL-3779
>                 URL: https://issues.apache.org/jira/browse/CAMEL-3779
>             Project: Camel
>          Issue Type: Bug
>          Components: camel-http
>    Affects Versions: 2.6.0
>            Reporter: ben
>
> Hi, 
> I run into the following problem with Camel 2.6.0:
> An HTML file contain an URI lists of files to be downloaded from a web server to the local file system.
> The HTML file is parsed via a Java Bean Splitter. The Java Bean Splitter produces a Set of URI strings.
> These files should be downloaded from a web server to the local file system. The files are protected with BASIC authentification.
> The extraction and the splitting of the download URIs works quite well with the Java Bean Splitter.
> The Java Bean Splitter produces URI like: 
> {code}http4://download.acme.com/file_1.txt?username=foo&password=baa{code}
> Here's the setup:
> {code}
> <route>
>    <from uri="file:///tmp/files_to_retrieve/" />
>    <method bean="prepareDownLoadUri" method="parseIndexHtml" />
>    <setHeader headerName="CamelHttpMethod">
>      <constant>GET</constant>
>    </setHeader> 
>    <setHeader headerName="CamelHttpUri">
>      <simple>${body}</simple>
>    </setHeader>
>    <to uri="http4://download.acme.com/" />
>    <to uri="bean:saveFileProcessor" />
> </route>
> <bean id="prepareDownLoadUri" class="com.acme.PrepareDownLoadUri" />
> <bean id="saveFileProcessor" class="com.acme.SaveFileProcessor" />
> {code}
> The injection of the URIs from the Splitter into the HttpProducer, works quite well. 
> I debugged into the HttpProducer and it seems, that the HttpProducer does not provide the unterlying http client (in this case Apache HttpClient 4) with  the authentification settings from the URI.
> At first, the queryString is extracted from the Exchange-Header (if provided)
> {code:title=HttpProducer.createMethod(), line 273}
> String url = HttpHelper.createURL(exchange, getEndpoint());
> {code}
> The url string contains the URI produces by the splitter including the authentification parameters: 
> {code}http4://download.acme.com/file_1.txt?username=foo&password=baa{code}
> Then the HttpProducer assembles a new URI for the requests. The new URI is assembled from parts of the string url (line 273)  
> and other parameters from the Exchange Header: 
> {code:title=HttpProducer.createMethod(), lines 285-300}
>         // is a query string provided in the endpoint URI or in a header (header overrules endpoint)
>         String queryString = exchange.getIn().getHeader(Exchange.HTTP_QUERY, String.class);
>         if (queryString == null) {
>             queryString = getEndpoint().getHttpUri().getRawQuery();
>         }
>         StringBuilder builder = new StringBuilder(uri.getScheme()).append("://").append(uri.getHost());
>         if (uri.getPort() != -1) {
>             builder.append(":").append(uri.getPort());
>         }
>         if (uri.getPath() != null) {
>             builder.append(uri.getRawPath());
>         }
>         if (queryString != null) {
>             builder.append('?');
>             builder.append(queryString);
>         }
>         HttpRequestBase httpRequest = methodToUse.createMethod(builder.toString());
> {code}
> The problem is, in the assembling of the new URI, the authentification parameters are dropped.  
> One possible solution could be: 
> # check for authentification parameters in the url (line 273) and extract them.
> # build the credentials, AuthScheme and provide it to the underlying http client.
> thanks in advance,
> ben

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira