You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by bu...@apache.org on 2020/02/13 17:56:41 UTC
svn commit: r1056511 - in /websites/production/cxf/content:
cache/docs.pageCache docs/client-http-transport-including-ssl-support.html
Author: buildbot
Date: Thu Feb 13 17:56:40 2020
New Revision: 1056511
Log:
Production update by buildbot for cxf
Modified:
websites/production/cxf/content/cache/docs.pageCache
websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html
Modified: websites/production/cxf/content/cache/docs.pageCache
==============================================================================
Binary files - no diff available.
Modified: websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html
==============================================================================
--- websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html (original)
+++ websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html Thu Feb 13 17:56:40 2020
@@ -119,11 +119,11 @@ Apache CXF -- Client HTTP Transport (inc
<!-- Content -->
<div class="wiki-content">
<div id="ConfluenceContent"><p><style type="text/css">/*<![CDATA[*/
-div.rbtoc1569016566372 {padding: 0px;}
-div.rbtoc1569016566372 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1569016566372 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1581616561871 {padding: 0px;}
+div.rbtoc1581616561871 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1581616561871 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1569016566372">
+/*]]>*/</style></p><div class="toc-macro rbtoc1581616561871">
<ul class="toc-indentation"><li><a shape="rect" href="#ClientHTTPTransport(includingSSLsupport)-Authentication">Authentication</a>
<ul class="toc-indentation"><li><a shape="rect" href="#ClientHTTPTransport(includingSSLsupport)-BasicAuthentication">Basic Authentication</a></li><li><a shape="rect" href="#ClientHTTPTransport(includingSSLsupport)-DigestAuthentication">Digest Authentication</a></li><li><a shape="rect" href="#ClientHTTPTransport(includingSSLsupport)-Supplyingdynamicauthorization">Supplying dynamic authorization</a></li><li><a shape="rect" href="#ClientHTTPTransport(includingSSLsupport)-SpnegoAuthentication(Kerberos)">Spnego Authentication (Kerberos)</a>
<ul class="toc-indentation"><li><a shape="rect" href="#ClientHTTPTransport(includingSSLsupport)-CredentialDelegation">Credential Delegation</a></li></ul>
@@ -354,7 +354,7 @@ http.setClient(httpClientPolicy);
...
greeter.sayHi("Hello");
</pre>
-</div></div><h3 id="ClientHTTPTransport(includingSSLsupport)-HowtouseHTTPConduitConfigurer?">How to use HTTPConduitConfigurer?</h3><p>In certain cases, the HTTPConduit could be recreated as such loosing the preconfigured policies. To overcome that, the HTTPConduitConfigurer has been introduced. Here is an example of how it could be used.</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><h3 id="ClientHTTPTransport(includingSSLsupport)-HowtouseHTTPConduitConfigurer?">How to use HTTPConduitConfigurer?</h3><p>In certain cases, the HTTPConduit could be recreated (for example when using the FailoverFeature) and therefore losing the preconfigured policies. To overcome that, the HTTPConduitConfigurer has been introduced. Here is an example of how it could be used.</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<pre class="brush: java; gutter: false; theme: Default"> HTTPConduitConfigurer httpConduitConfigurer = new HTTPConduitConfigurer() {
public void configure(String name, String address, HTTPConduit c) {
HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
@@ -369,7 +369,7 @@ http.setClient(httpClientPolicy);
bus.setExtension(httpConduitConfigurer, HTTPConduitConfigurer.class);
</pre>
-</div></div><p class="code-java"><br clear="none"><br clear="none"></p><h3 id="ClientHTTPTransport(includingSSLsupport)-Howtooverridetheserviceaddress?">How to override the service address ?</h3><p>If you are using JAXWS API to create the proxy obejct, here is an example which is complete JAX-WS compliant code</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p class="code-java"><br clear="none"></p><h3 id="ClientHTTPTransport(includingSSLsupport)-Howtooverridetheserviceaddress?">How to override the service address ?</h3><p>If you are using JAXWS API to create the proxy obejct, here is an example which is complete JAX-WS compliant code</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<pre class="brush: java; gutter: false; theme: Default"> URL wsdlURL = MyService.class.getClassLoader
.getResource ("myService.wsdl");
QName serviceName = new QName("urn:myService", "MyService");
@@ -400,7 +400,7 @@ bus.setExtension(httpConduitConfigurer,
// Passing the SEI class that is generated by wsdl2java
ServicePort proxy = service.getPort(portName, SEI.class);
</pre>
-</div></div><h2 id="ClientHTTPTransport(includingSSLsupport)-ClientCacheControlDirectives">Client Cache Control Directives</h2><p>The following table lists the cache control directives supported by an HTTP client.</p><div class="table-wrap"><table class="wrapped confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Directive</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>Behavior</p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>no-cache</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>Caches cannot use a particular response to satisfy subsequent requests without first revalidating that response with the server. If specific response header fields are specified with this value, the restriction applies only to those header fields within the response. If no response header fields are specified, the restriction applies to the entire response.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>no-store
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>Caches must not store any part of a response or any part of the request that invoked it.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>max-age</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The consumer can accept a response whose age is no greater than the specified time in seconds.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>max-stale</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The consumer can accept a response that has exceeded its expiration time. If a value is assigned to max-stale, it represents the number of seconds beyond the expiration time of a response up to which the consumer can still accept that response. If no value is assigned, it means the consumer can accept a stale response of any age.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>min-fresh</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The c
onsumer wants a response that will be still be fresh for at least the specified number of seconds indicated.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>no-transform</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>Caches must not modify media type or location of the content in a response between a provider and a consumer.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>only-if-cached</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>Caches should return only responses that are currently stored in the cache, and not responses that need to be reloaded or revalidated.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>cache-extension</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>Specifies additional extensions to the other cache directives. Extensions might be informational or behavioral. An extended directive is specified in the context of a standard directive, so that applications not
understanding the extended directive can at least adhere to the behavior mandated by the standard directive.</p></td></tr></tbody></table></div><h1 id="ClientHTTPTransport(includingSSLsupport)-ANoteAboutChunking">A Note About Chunking</h1><p>There are two ways of putting a body into an HTTP stream:</p><ul><li>The "standard" way used by most browsers is to specify a Content-Length header in the HTTP headers. This allows the receiver to know how much data is coming and when to stop reading. The problem with this approach is that the length needs to be pre-determined. The data cannot be streamed as generated as the length needs to be calculated upfront. Thus, if chunking is turned off, we need to buffer the data in a byte buffer (or temp file if too large) so that the Content-Length can be calculated.</li><li>Chunked - with this mode, the data is sent to the receiver in chunks. Each chunk is preceded by a hexidecimal chunk size. When a chunk size is 0, the receiver knows all the data h
as been received. This mode allows better streaming as we just need to buffer a small amount, up to 8K by default, and when the buffer fills, write out the chunk.</li></ul><p>In general, Chunked will perform better as the streaming can take place directly. HOWEVER, there are some problems with chunking:</p><ul><li>Many proxy servers don't understand it, especially older proxy servers. Many proxy servers want the Content-Length up front so they can allocate a buffer to store the request before passing it onto the real server.</li><li>Some of the older WebServices stacks also have problems with Chunking. Specifically, older versions of .NET.</li></ul><p>If you are getting strange errors (generally not soap faults, but other HTTP type errors) when trying to interact with a service, try turning off chunking to see if that helps.</p><h1 id="ClientHTTPTransport(includingSSLsupport)-Whentosetcustomheaders">When to set custom headers</h1><p>If you use a custom CXF interceptor to set one or
more outbound HTTP headers then it is recommended to get this interceptor running at a stage preceding the WRITE stage, before the outbound body is written out.</p><p>Otherwise the custom headers may get lost. The headers may get retained in some cases even if they are added after the body is written out, example, when a chunking threshold value (4K by default) has not been reached,</p><p>but relying on it for the headers not to be lost is brittle and should be avoided.</p><h1 id="ClientHTTPTransport(includingSSLsupport)-AsynchronousHTTPConduit">Asynchronous HTTP Conduit</h1><p>Please see <a shape="rect" href="asynchronous-client-http-transport.html">Asynchronous HTTP Conduit</a> page for more information.</p></div>
+</div></div><h2 id="ClientHTTPTransport(includingSSLsupport)-ClientCacheControlDirectives">Client Cache Control Directives</h2><p>The following table lists the cache control directives supported by an HTTP client.</p><div class="table-wrap"><table class="wrapped confluenceTable"><colgroup span="1"><col span="1"><col span="1"></colgroup><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Directive</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>Behavior</p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>no-cache</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>Caches cannot use a particular response to satisfy subsequent requests without first revalidating that response with the server. If specific response header fields are specified with this value, the restriction applies only to those header fields within the response. If no response header fields are specified, the restriction applies to the entire response.</p></td></tr><tr><t
d colspan="1" rowspan="1" class="confluenceTd"><p>no-store</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>Caches must not store any part of a response or any part of the request that invoked it.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>max-age</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The consumer can accept a response whose age is no greater than the specified time in seconds.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>max-stale</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The consumer can accept a response that has exceeded its expiration time. If a value is assigned to max-stale, it represents the number of seconds beyond the expiration time of a response up to which the consumer can still accept that response. If no value is assigned, it means the consumer can accept a stale response of any age.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>min-fresh</p></td
><td colspan="1" rowspan="1" class="confluenceTd"><p>The consumer wants a response that will be still be fresh for at least the specified number of seconds indicated.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>no-transform</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>Caches must not modify media type or location of the content in a response between a provider and a consumer.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>only-if-cached</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>Caches should return only responses that are currently stored in the cache, and not responses that need to be reloaded or revalidated.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>cache-extension</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>Specifies additional extensions to the other cache directives. Extensions might be informational or behavioral. An extended directive is specified in the
context of a standard directive, so that applications not understanding the extended directive can at least adhere to the behavior mandated by the standard directive.</p></td></tr></tbody></table></div><h1 id="ClientHTTPTransport(includingSSLsupport)-ANoteAboutChunking">A Note About Chunking</h1><p>There are two ways of putting a body into an HTTP stream:</p><ul><li>The "standard" way used by most browsers is to specify a Content-Length header in the HTTP headers. This allows the receiver to know how much data is coming and when to stop reading. The problem with this approach is that the length needs to be pre-determined. The data cannot be streamed as generated as the length needs to be calculated upfront. Thus, if chunking is turned off, we need to buffer the data in a byte buffer (or temp file if too large) so that the Content-Length can be calculated.</li><li>Chunked - with this mode, the data is sent to the receiver in chunks. Each chunk is preceded by a hexidecimal chunk size.
When a chunk size is 0, the receiver knows all the data has been received. This mode allows better streaming as we just need to buffer a small amount, up to 8K by default, and when the buffer fills, write out the chunk.</li></ul><p>In general, Chunked will perform better as the streaming can take place directly. HOWEVER, there are some problems with chunking:</p><ul><li>Many proxy servers don't understand it, especially older proxy servers. Many proxy servers want the Content-Length up front so they can allocate a buffer to store the request before passing it onto the real server.</li><li>Some of the older WebServices stacks also have problems with Chunking. Specifically, older versions of .NET.</li></ul><p>If you are getting strange errors (generally not soap faults, but other HTTP type errors) when trying to interact with a service, try turning off chunking to see if that helps.</p><h1 id="ClientHTTPTransport(includingSSLsupport)-Whentosetcustomheaders">When to set custom headers
</h1><p>If you use a custom CXF interceptor to set one or more outbound HTTP headers then it is recommended to get this interceptor running at a stage preceding the WRITE stage, before the outbound body is written out.</p><p>Otherwise the custom headers may get lost. The headers may get retained in some cases even if they are added after the body is written out, example, when a chunking threshold value (4K by default) has not been reached,</p><p>but relying on it for the headers not to be lost is brittle and should be avoided.</p><h1 id="ClientHTTPTransport(includingSSLsupport)-AsynchronousHTTPConduit">Asynchronous HTTP Conduit</h1><p>Please see <a shape="rect" href="asynchronous-client-http-transport.html">Asynchronous HTTP Conduit</a> page for more information.</p></div>
</div>
<!-- Content -->
</td>