You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by kettch <gr...@gmail.com> on 2010/08/26 00:24:56 UTC
Moving from Axis to CXF
I've got an Axis webservice that I've been charged with moving to CXF.
The one thing that is confounding me is how to get the authentication info.
For example, this is the existing snippet in the Axis version:
MessageContext mc = MessageContext.getCurrentContext();
try {
authenticator.authenticate(mc.getUsername(),mc.getPassword());
...
operation=mc.getOperation().getName();
} catch(Exception e){
logger.warn("User authentication error - " + mc.getUsername());
throw new AxisFault(new QName(""),"User Authentication Error",
"getUser",new Element[]{});
}
Now as far as I've been able to find online, the "new" version should look
like:
@Resource private WebServiceContext context; // In the class definition
....
MessageContext mc = context.getMessageContext();
AuthorizationPolicy policy =
(AuthorizationPolicy)mc.get(AuthorizationPolicy.class);
try {
authenticator.authenticate(policy.getUsername(),policy.getPassword());
...
operation = ((QName)mc.get(Message.WSDL_OPERATION)).toString();
} catch(Exception e){
logger.warn("User authentication error - " + mc.getUsername());
throw new AxisFault(new QName(""),"User Authentication Error",
"getUser",new Element[]{});
}
But I am getting an exception thrown when getting the AuthorizationPolicy
like this:
AuthorizationPolicy policy =
(AuthorizationPolicy)mc.get(AuthorizationPolicy.class);
saying that "java.lang.Class cannot be cast to java.lang.String".
All of the examples I've seen online have the exact same code...what am I
doing wrong? I'm new to CXF so I'm sure it's something stupid. I'm using CXF
2.2.10.
--
View this message in context: http://cxf.547215.n5.nabble.com/Moving-from-Axis-to-CXF-tp2653453p2653453.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: Moving from Axis to CXF
Posted by kettch <gr...@gmail.com>.
Hmm, according to Wireshark, there are no packets being sent with
http.authorization or http.basicauth headers.
The tester client is .Net, simplified code to isolate this particular issue
(just generated a new web reference class pointing to a simple test
webmethod exposed in the same cxf project) is:
Dim proxy As New helloworld.HelloWorldService()
proxy.Credentials = New NetworkCredential("Administrator", "Administrator")
Dim result As String = proxy.greet()
Response.Write(result)
In this case, the test webmethod code is:
public String greet(){
MessageContext mc = context.getMessageContext();
Principal authUser = context.getUserPrincipal();
AuthorizationPolicy policy =
(AuthorizationPolicy)mc.get(AuthorizationPolicy.class.getName());
String username = "";
String password = "";
if(policy != null){
username = policy.getUserName();
password = policy.getPassword();
}
return "Hello, " + username + ":" + password;
}
Both authUser and policy are null objects, so something is definitely wrong
with how the authentication gets set and/or accessed.
I'll see if I can add a quick test client in Java to try the authentication
out with. In the meantime, ideas are most welcome...
--
View this message in context: http://cxf.547215.n5.nabble.com/Moving-from-Axis-to-CXF-tp2653453p2740457.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: Moving from Axis to CXF
Posted by Daniel Kulp <dk...@apache.org>.
On Thursday 26 August 2010 6:19:11 pm kettch wrote:
> Daniel Kulp wrote:
> > Actually, it's on the WebServiceContext.
> >
> > context.getUserPrincipal()
> >
> > Dan
>
> I found that just as I got your reply. :)
>
> The problem is that context.getUserPrincipal() also returns a null object
> so that doesn't want to work either.
>
> Something fishy is going on here...
That would mean the webservice container (like tomcat) isn't providing any
information. Can you wireshark the transfer and make sure that the
authentication header is in the HTTP headers? It sounds like there isn't
any basic auth stuff there which would mean the client isn't configured to
send it.
--
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog
Re: Moving from Axis to CXF
Posted by kettch <gr...@gmail.com>.
Daniel Kulp wrote:
>
> Actually, it's on the WebServiceContext.
>
> context.getUserPrincipal()
>
> Dan
>
I found that just as I got your reply. :)
The problem is that context.getUserPrincipal() also returns a null object so
that doesn't want to work either.
Something fishy is going on here...
Ryan
--
View this message in context: http://cxf.547215.n5.nabble.com/Moving-from-Axis-to-CXF-tp2653453p2739299.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: Moving from Axis to CXF
Posted by Daniel Kulp <dk...@apache.org>.
On Thursday 26 August 2010 5:40:44 pm kettch wrote:
> Daniel Kulp wrote:
> > MessageContext mc = context.getMessageContext();
> >
> > Then one of:
> > AuthorizationPolicy policy =
> >
> > (AuthorizationPolicy)mc.get(AuthorizationPolicy.class.getName());
> >
> > or if you want to use JAX-WS standard calls:
> >
> > mc.getPrincipal()
> >
> > to get the User principal from the HTTP stack and pull the username and
> > password from there.
> >
> > Dan
>
> Hmm, this:
>
> AuthorizationPolicy policy =
> (AuthorizationPolicy)mc.get(AuthorizationPolicy.class.getName());
>
> still returns policy as a null object for me (although the earlier
> exception is now gone so that's good).
>
> Also, this:
>
> mc.getPrincipal()
>
> doesn't seem to exist. MessageContext and WrappedMessageContext don't
> appear to have a getPrincipal method, am I missing something again?
Actually, it's on the WebServiceContext.
context.getUserPrincipal()
Dan
>
> Ryan
--
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog
Re: Moving from Axis to CXF
Posted by kettch <gr...@gmail.com>.
Daniel Kulp wrote:
>
> MessageContext mc = context.getMessageContext();
>
> Then one of:
>
> AuthorizationPolicy policy =
> (AuthorizationPolicy)mc.get(AuthorizationPolicy.class.getName());
>
> or if you want to use JAX-WS standard calls:
>
> mc.getPrincipal()
>
> to get the User principal from the HTTP stack and pull the username and
> password from there.
>
> Dan
>
Hmm, this:
AuthorizationPolicy policy =
(AuthorizationPolicy)mc.get(AuthorizationPolicy.class.getName());
still returns policy as a null object for me (although the earlier exception
is now gone so that's good).
Also, this:
mc.getPrincipal()
doesn't seem to exist. MessageContext and WrappedMessageContext don't appear
to have a getPrincipal method, am I missing something again?
Ryan
--
View this message in context: http://cxf.547215.n5.nabble.com/Moving-from-Axis-to-CXF-tp2653453p2739261.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: Moving from Axis to CXF
Posted by Daniel Kulp <dk...@apache.org>.
MessageContext mc = context.getMessageContext();
Then one of:
AuthorizationPolicy policy =
(AuthorizationPolicy)mc.get(AuthorizationPolicy.class.getName());
or if you want to use JAX-WS standard calls:
mc.getPrincipal()
to get the User principal from the HTTP stack and pull the username and
password from there.
Dan
On Wednesday 25 August 2010 6:24:56 pm kettch wrote:
> I've got an Axis webservice that I've been charged with moving to CXF.
>
> The one thing that is confounding me is how to get the authentication info.
>
> For example, this is the existing snippet in the Axis version:
>
> MessageContext mc = MessageContext.getCurrentContext();
> try {
> authenticator.authenticate(mc.getUsername(),mc.getPassword());
> ...
> operation=mc.getOperation().getName();
> } catch(Exception e){
> logger.warn("User authentication error - " + mc.getUsername());
> throw new AxisFault(new QName(""),"User Authentication Error",
> "getUser",new Element[]{});
> }
>
> Now as far as I've been able to find online, the "new" version should look
> like:
>
> @Resource private WebServiceContext context; // In the class definition
> ....
>
> MessageContext mc = context.getMessageContext();
> AuthorizationPolicy policy =
> (AuthorizationPolicy)mc.get(AuthorizationPolicy.class);
> try {
> authenticator.authenticate(policy.getUsername(),policy.getPassword());
> ...
> operation = ((QName)mc.get(Message.WSDL_OPERATION)).toString();
> } catch(Exception e){
> logger.warn("User authentication error - " + mc.getUsername());
> throw new AxisFault(new QName(""),"User Authentication Error",
> "getUser",new Element[]{});
> }
>
>
> But I am getting an exception thrown when getting the AuthorizationPolicy
> like this:
>
> AuthorizationPolicy policy =
> (AuthorizationPolicy)mc.get(AuthorizationPolicy.class);
>
> saying that "java.lang.Class cannot be cast to java.lang.String".
>
> All of the examples I've seen online have the exact same code...what am I
> doing wrong? I'm new to CXF so I'm sure it's something stupid. I'm using
> CXF 2.2.10.
--
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog