camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Müller <christian.muel...@gmail.com>
Subject Re: HTTP Basic Authentication
Date Sat, 26 Oct 2013 08:25:03 GMT
Martin is using the http component, not the CXF component...

Did you checked [1]? You can set the auth options per endpoint.

[1] http://camel.apache.org/http.html

Best,

Christian
-----------------

Software Integration Specialist

Apache Member
V.P. Apache Camel | Apache Camel PMC Member | Apache Camel committer
Apache Incubator PMC Member

https://www.linkedin.com/pub/christian-mueller/11/551/642


On Sat, Oct 26, 2013 at 5:44 AM, contactreji <contactreji@gmail.com> wrote:

> Hi
>
> I used a interceptor approach. The java code for interceptor is as follows
>
> *package outotec.com.mes.bw.copper_recovery_perc;*
> *import java.io.IOException;*
> *import java.io.OutputStream;*
> *import java.net.HttpURLConnection;*
> *import java.util.Arrays;*
> *import java.util.List;*
> *import java.util.Map;*
> *import org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor;*
> *import org.apache.cxf.configuration.security.AuthorizationPolicy;*
> *import org.apache.cxf.endpoint.Endpoint;*
> *import org.apache.cxf.interceptor.Fault;*
> *import org.apache.cxf.message.Exchange;*
> *import org.apache.cxf.message.Message;*
> *import org.apache.cxf.transport.Conduit;*
> *import org.apache.cxf.ws.addressing.EndpointReferenceType;*
> *import org.apache.log4j.Logger;*
> *import org.springframework.beans.factory.annotation.Required;*
> *
> *
> */***
> * * CXF Interceptor that provides HTTP Basic Authentication validation.*
> * * *
> * * Based on the concepts outline here:*
> * *
> http://chrisdail.com/2008/03/31/apache-cxf-with-http-basic-authentication*
> * **
> * * @author CDail*
> * */*
> *public class BasicAuthAuthorizationInterceptor extends
> SoapHeaderInterceptor {*
> *
> *
> *    protected Logger log = Logger.getLogger(getClass());*
> *    *
> *    /** Map of allowed users to this system with their corresponding
> passwords. */*
> *    private Map<String,String> users;*
> *    *
> *    @Required*
> *    public void setUsers(Map<String, String> users) {*
> *        this.users = users;*
> *    }*
> *    *
> *    @Override public void handleMessage(Message message) throws Fault {*
> *        // This is set by CXF*
> *        AuthorizationPolicy policy =
> message.get(AuthorizationPolicy.class);*
> *        *
> *        // If the policy is not set, the user did not specify credentials*
> *        // A 401 is sent to the client to indicate that authentication is
> required*
> *        if (policy == null) {*
> *            if (log.isDebugEnabled()) {*
> *                log.debug("User attempted to log in with no
> credentials");*
> *            }*
> *            sendErrorResponse(message,
> HttpURLConnection.HTTP_UNAUTHORIZED);*
> *            return;*
> *        }*
> *        *
> *        if (log.isDebugEnabled()) {*
> *            log.debug("Logging in use: " + policy.getUserName());*
> *        }*
> *        *
> *        // Verify the password*
> *        String realPassword = users.get(policy.getUserName());*
> *        if (realPassword == null ||
> !realPassword.equals(policy.getPassword())) {*
> *            log.error("Invalid username or password for user: " +
> policy.getUserName());*
> *           *
> *            sendErrorResponse(message, HttpURLConnection.HTTP_FORBIDDEN);*
> *        }*
> *    }*
> *    *
> *    private void sendErrorResponse(Message message, int responseCode) {*
> *        Message outMessage = getOutMessage(message);*
> *        outMessage.put(Message.RESPONSE_CODE, responseCode);*
> *        *
> *        // Set the response headers*
> *        Map<String, List<String>> responseHeaders =*
> *            (Map<String,
> List<String>>)message.get(Message.PROTOCOL_HEADERS);*
> *        if (responseHeaders != null) {*
> *            responseHeaders.put("WWW-Authenticate", Arrays.asList(new
> String[]{"Basic realm=realm"}));*
> *            responseHeaders.put("Content-Length", Arrays.asList(new
> String[]{"0"}));*
> *        }*
> *        message.getInterceptorChain().abort();*
> *        try {*
> *            getConduit(message).prepare(outMessage);*
> *            close(outMessage);*
> *        } catch (IOException e) {*
> *            log.warn(e.getMessage(), e);*
> *        }*
> *    }*
> *    *
> *    private Message getOutMessage(Message inMessage) {*
> *        Exchange exchange = inMessage.getExchange();*
> *        Message outMessage = exchange.getOutMessage();*
> *        if (outMessage == null) {*
> *            Endpoint endpoint = exchange.get(Endpoint.class);*
> *            outMessage = endpoint.getBinding().createMessage();*
> *            exchange.setOutMessage(outMessage);*
> *        }*
> *        outMessage.putAll(inMessage);*
> *        return outMessage;*
> *    }*
> *    *
> *    private Conduit getConduit(Message inMessage) throws IOException {*
> *        Exchange exchange = inMessage.getExchange();*
> *        EndpointReferenceType target =
> exchange.get(EndpointReferenceType.class);*
> *        Conduit conduit =*
> *            exchange.getDestination().getBackChannel(inMessage, null,
> target);*
> *        exchange.setConduit(conduit);*
> *        return conduit;*
> *    }*
> *    *
> *    private void close(Message outMessage) throws IOException {*
> *        OutputStream os = outMessage.getContent(OutputStream.class);*
> *        os.flush();*
> *        os.close();*
> *    }*
> *}*
>
>
> And I configured my endpoint (in my case, its a web service CXF endpoint)
> as shown below.
> *
> *
> *<cxf:cxfEndpoint id="MESEndpoint"*
> * address="http://10.43.25.123:8181/mes/myWebserviceEndPoint"*
> * serviceClass="my.package.serviceClassImpl"*
> * wsdlURL="wsdl/myWSDL.wsdl"*
> * serviceName="p1:serviceNameFromWsdl"*
> * xmlns:p1="my.sample.webservice.wsdl.targetNamespace" xmlns:soap="
> http://schemas.xmlsoap.org/wsdl/soap/">*
> * <cxf:inInterceptors>*
> *
> *
> * <ref bean="securityInterceptor" />*
> *
> *
> * </cxf:inInterceptors>*
> *
> *
> * </cxf:cxfEndpoint>*
> *
> *
> *
> *
> * <bean id="securityInterceptor"
>
> class="outotec.com.mes.bw.copper_recovery_perc.BasicAuthAuthorizationInterceptor">
> *
> * <property name="users">*
> * <map>*
> * <entry key="${fuse_userID}" value="${fuse_userPassword}" />*
> * </map>*
> * </property>*
> *
> *
> * </bean>*
>
> It works fine for me.
>
> Would be nice if you could discuss your approach here.
>
>
>
> On Fri, Oct 25, 2013 at 3:30 PM, martin11 [via Camel] <
> ml-node+s465427n5742229h78@n5.nabble.com> wrote:
>
> > Hello,
> >
> > I`m trying to set BASIC Authentication on HTTP component (camel ver.
> > 2.11.0).
> > I know that I can use header settings like this one:
> > .setHeader("Authorization", constant("Basic base64string")) and it works
> > fine.
> >
> > But I`m looking for more elegant way to setup basic auth. Something like
> > in CXF spring bean and http:authorization properties.
> >
> > --------- 1st test -------
> > So I tried to use HttpClientConfigurer:
> > <bean id="myHttpConfig"
> >
> class="org.apache.camel.component.http.BasicAuthenticationHttpClientConfigurer">
> >     <constructor-arg index="0" value="false"/>
> >     <constructor-arg index="1" value="${user}"/>
> >     <constructor-arg index="2" value="${password}"/>
> > </bean>
> >
> > and in route:
> > .to("http://
> {{server}}:{{port}}/{{address}}?httpClientConfigurerRef=myHttpConfig")
> >
> >
> > I got an error:
> > INFO  - basic authentication scheme selected
> > INFO  - No credentials available for BASIC 'WSMAN'@172.24.40.110:5985
> > org.apache.camel.component.http.HttpOperationFailedException: HTTP
> > operation failed invoking http://172.24.40.110:5985/wsman with
> > statusCode: 401
> >
> > Why is not set BASIC credentials?
> >
> > --------- 2nd test -------
> > I also try other way:
> > <bean id="myAuth"
> > class="org.apache.camel.component.http.HttpConfiguration">
> >     <property name="authMethod" value="Basic"/>
> >     <property name="authUsername" value="${user}"/>
> >     <property name="authPassword" value="${password}"/>
> > </bean>
> >
> > <bean id="http" class="org.apache.camel.component.http.HttpComponent">
> >     <property name="camelContext" ref="myContext"/>
> >     <property name="httpConfiguration" ref="myAuth"/>
> > </bean>
> >
> > and in route:
> > .to("http://{{server}}:{{port}}/{{address}}")
> >
> > I got an error:
> > INFO  - Basic authentication scheme selected
> > java.io.IOException: Server returned HTTP response code: 400 for URL:
> > http://172.24.40.110:5985/wsman
> >
> >
> > What is the correct configuration for http basic authentication?
> >
> > Thanks for any advice.
> >
> > ------------------------------
> >  If you reply to this email, your message will be added to the discussion
> > below:
> >
> http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229.html
> >  To unsubscribe from Camel - Users, click here<
> http://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=465428&code=Y29udGFjdHJlamlAZ21haWwuY29tfDQ2NTQyOHwxMDA0OTE4MjMz
> >
> > .
> > NAML<
> http://camel.465427.n5.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml
> >
> >
>
>
>
>
> --
> View this message in context:
> http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742239.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message