+/*]]>*/

Authentication
- Basic Authentication
- Digest Authentication
- Supplying dynamic authorization
- Spnego Authentication (Kerberos)
  - Credential Delegation
  @@ -286,7 +286,7 @@ http.setClient(httpClientPolicy); </http-conf:conduit> ... ]]> -

The http-conf:conduit element has a number of child elements that specify configuration information. They are described below. See also Sun's JSSE Guide for more information on configuring SSL.

Element	Description
`http-conf:client`	Specifies the HTTP connection properties such as timeouts, keep-alive requests, content types, etc.
`http-conf:authorization`	Sp ecifies the the parameters for configuring the basic authentication method that the endpoint uses preemptively.
`http-conf:proxyAuthorization`	Specifies the parameters for configuring basic authentication against outgoing HTTP proxy servers.
`http-conf:tlsClientParameters`	Specifies the parameters used to configure SSL/TLS.
`http-conf:basicAuthSupplier`	Specifies the bean reference or class name of the object that supplies the the basic authentication information used by the endpoint both preemptively or in response to a 401 HTTP challenge.
`http-conf:trustDecider`	Specifies the bean reference or class name of the object that checks the HTTP(S) URLConnection object in order to establish trust for a connection with an HTTPS service provider before any information is transmitted.

The `client` element

The http-conf:client element is used to configure the non-security properties of a client's HTTP connection. Its attributes, described below, specify the connection's properties.

< td colspan="1" rowspan="1" class="confluenceTd">

Specifies the amount of time, in milliseconds, that the client will attempt to establish a connection before it times out. The default is 30000 (30 seconds).
0 specifies that the client will continue to attempt to open a connection indefinitely.

< tr>

Attribute	Description
`ConnectionTimeout`
`ReceiveTimeout`	Specifies the amount of time, in milliseconds, that the client will wait for a response before it times out. The default is 60000. 0 specifies that the client will wait indefinitely.
`AutoRedirect`	Specifies if the client will automatically follow a server issued redirection. The default is false.
`MaxRetransmits`	Specifies the maximum number of times a client will retransmit a request to satisfy a redirect. The default is -1 which specifies that unlimited retransmissions are allowed.
`AllowChunking`	Specifies whether the client will send requests using chunking. The default is true which specifies that the client will use chunking when sending requests. Chunking cannot be used used if either of the following are true: `http-conf:basicAuthSupplier` is configured to provide credentials preemptively. `AutoRedirect` is set to true. In both cases the value of `AllowChunking` is i gnored and chunking is disallowed. See note about chunking below.
`ChunkingThreshold`	Specifies the threshold at which CXF will switch from non-chunking to chunking. By default, messages less than 4K are buffered and sent non-chunked. Once this threshold is reached, the message is chunked.
`Accept`	Specifies what media types the client is prepared to handle. The value is used as the value of the HTTP `Accept` property. The value of the attribute is specified using as multipurpose internet mail extensions (MIME) types. See note about chunking below.
`AcceptLanguage`	Specifies what language (for example, American English) the client prefers for the purposes of receiving a response. The value is used as the value of the HTTP AcceptLanguage property. Language tags are regulated by the International Organization for Standards (ISO) and are typically formed by combining a language code, determined by the ISO-639 standard, and country code, determined by the ISO-3166 standard, separated by a hyphen. For example, en-US represents American English.
`AcceptEncoding`	Specifies what content encodings the client is prepared to handle. Content encoding labels are regulated by the Internet Assigned Numbers Authority (IANA). The value is used as the value of the HTTP `AcceptEncoding` property.
`ContentType`	Specifies the media type of the data being sent in the body of a message. Media types are specified using multipurpose internet mail extensions (MIME) types. The value is used as the value of the HTTP `ContentType` property. The default is `text/xml`. Tip: For web services, this should be set to `text/xml`. If the client is sending HTML form data to a CGI script, this should be set to application/x-www-form-urlencoded. If the HTTP POST request is bound to a fixed payload format (as opposed to SOAP), the content type is typically set to application/octet-stream.
`Host`	Specifies the Internet host and port number of the resource on which the request is being invoked. The value is used as the value of the HTTP `Host` property. Tip: This attribute is typically not required. It is only required by certain DNS scenarios or application designs. For example, it indicates what host the client prefers for clusters (that is, for virtual servers mapping to the same Internet protocol (IP) address).
`Connection`	Specifies whether a particular connection is to be kept open or closed after each request/response dialog. There are two valid values: `Keep-Alive`(default) specifies that the client wants to keep its connection open after the initial request/response sequence. If the server honors it, the connection is kept open until the consumer closes it. `close` s pecifies that the connection to the server is closed after each request/response sequence.
`CacheControl`	Specifies directives about the behavior that must be adhered to by caches involved in the chain comprising a request from a client to a server.
`Cookie`	Specifies a static cookie to be sent with all requests.
`BrowserType`	Specifies information about the browser from which the request originates. In the HTTP specification from the World Wide Web consortium (W3C) this is also known as the user-agent. Some servers optimize based upon the client that is s ending the request.
`Referer`	Specifies the URL of the resource that directed the consumer to make requests on a particular service. The value is used as the value of the HTTP Referer property. Note: This HTTP property is used when a request is the result of a browser user clicking on a hyperlink rather than typing a URL. This can allow the server to optimize processing based upon previous task flow, and to generate lists of back-links to resources for the purposes of logging, optimized caching, tracing of obsolete or mistyped links, and so on. However, it is typically not used in web services applications. Important: If the AutoRedirect attribute is set to true and the request is redirected, any value specified in the Refe rerattribute is overridden. The value of the HTTP Referer property will be set to the URL of the service who redirected the consumer's original request.
`DecoupledEndpoint`	Specifies the URL of a decoupled endpoint for the receipt of responses over a separate server->client connection. Warning: You must configure both the client and server to use WS-Addressing for the decoupled endpoint to work.
`ProxyServer`	Specifies the URL of the proxy server through which requests are routed.
`ProxyServerPort`	Specifie s the port number of the proxy server through which requests are routed.
`ProxyServerType`	Specifies the type of proxy server used to route requests. Valid values are: HTTP(default) SOCKS

Example using the `Client` Element

The example below shows a the configuration for an HTTP client that wants to keep its connection to the server open between requests, will only retransmit requests once per invocation, and cannot use chunking streams.

HTTP Consumer Endpoint Configuration

+

The http-conf:conduit element has a number of child elements that specify configuration information. They are described below. See also Sun's JSSE Guide for more information on configuring SSL.

Element	Description
`http-conf:client`	Specifies the HTTP connection properties such as timeouts, keep-alive requests, content types, etc.
`http-conf:authorization`	Sp ecifies the the parameters for configuring the basic authentication method that the endpoint uses preemptively.
`http-conf:proxyAuthorization`	Specifies the parameters for configuring basic authentication against outgoing HTTP proxy servers.
`http-conf:tlsClientParameters`	Specifies the parameters used to configure SSL/TLS.
`http-conf:basicAuthSupplier`	Specifies the bean reference or class name of the object that supplies the the basic authentication information used by the endpoint both preemptively or in response to a 401 HTTP challenge.
`http-conf:trustDecider`	Specifies the bean reference or class name of the object that checks the HTTP(S) URLConnection object in order to establish trust for a connection with an HTTPS service provider before any information is transmitted.

The `client` element

The http-conf:client element is used to configure the non-security properties of a client's HTTP connection. Its attributes, described below, specify the connection's properties.

< td colspan="1" rowspan="1" class="confluenceTd">

Specifies the amount of time, in milliseconds, that the client will attempt to establish a connection before it times out. The default is 30000 (30 seconds).
0 specifies that the client will continue to attempt to open a connection indefinitely.

< tr>

Attribute	Description
`ConnectionTimeout`
`ReceiveTimeout`	Specifies the amount of time, in milliseconds, that the client will wait for a response before it times out. The default is 60000. 0 specifies that the client will wait indefinitely.
`AutoRedirect`	Specifies if the client will automatically follow a server issued redirection. The default is false.
`MaxRetransmits`	Specifies the maximum number of times a client will retransmit a request to satisfy a redirect. The default is -1 which specifies that unlimited retransmissions are allowed.
`AllowChunking`	Specifies whether the client will send requests using chunking. The default is true which specifies that the client will use chunking when sending requests. Chunking cannot be used used if either of the following are true: `http-conf:basicAuthSupplier` is configured to provide credentials preemptively. `AutoRedirect` is set to true. In both cases the value of `AllowChunking` is i gnored and chunking is disallowed. See note about chunking below.
`ChunkingThreshold`	Specifies the threshold at which CXF will switch from non-chunking to chunking. By default, messages less than 4K are buffered and sent non-chunked. Once this threshold is reached, the message is chunked.
`Accept`	Specifies what media types the client is prepared to handle. The value is used as the value of the HTTP `Accept` property. The value of the attribute is specified using as multipurpose internet mail extensions (MIME) types. See note about chunking below.
`AcceptLanguage`	Specifies what language (for example, American English) the client prefers for the purposes of receiving a response. The value is used as the value of the HTTP AcceptLanguage property. Language tags are regulated by the International Organization for Standards (ISO) and are typically formed by combining a language code, determined by the ISO-639 standard, and country code, determined by the ISO-3166 standard, separated by a hyphen. For example, en-US represents American English.
`AcceptEncoding`	Specifies what content encodings the client is prepared to handle. Content encoding labels are regulated by the Internet Assigned Numbers Authority (IANA). The value is used as the value of the HTTP `AcceptEncoding` property.
`ContentType`	Specifies the media type of the data being sent in the body of a message. Media types are specified using multipurpose internet mail extensions (MIME) types. The value is used as the value of the HTTP `ContentType` property. The default is `text/xml`. Tip: For web services, this should be set to `text/xml`. If the client is sending HTML form data to a CGI script, this should be set to application/x-www-form-urlencoded. If the HTTP POST request is bound to a fixed payload format (as opposed to SOAP), the content type is typically set to application/octet-stream.
`Host`	Specifies the Internet host and port number of the resource on which the request is being invoked. The value is used as the value of the HTTP `Host` property. Tip: This attribute is typically not required. It is only required by certain DNS scenarios or application designs. For example, it indicates what host the client prefers for clusters (that is, for virtual servers mapping to the same Internet protocol (IP) address).
`Connection`	Specifies whether a particular connection is to be kept open or closed after each request/response dialog. There are two valid values: `Keep-Alive`(default) specifies that the client wants to keep its connection open after the initial request/response sequence. If the server honors it, the connection is kept open until the consumer closes it. `close` s pecifies that the connection to the server is closed after each request/response sequence.
`CacheControl`	Specifies directives about the behavior that must be adhered to by caches involved in the chain comprising a request from a client to a server.
`Cookie`	Specifies a static cookie to be sent with all requests.
`BrowserType`	Specifies information about the browser from which the request originates. In the HTTP specification from the World Wide Web consortium (W3C) this is also known as the user-agent. Some servers optimize based upon the client that is s ending the request.
`Referer`	Specifies the URL of the resource that directed the consumer to make requests on a particular service. The value is used as the value of the HTTP Referer property. Note: This HTTP property is used when a request is the result of a browser user clicking on a hyperlink rather than typing a URL. This can allow the server to optimize processing based upon previous task flow, and to generate lists of back-links to resources for the purposes of logging, optimized caching, tracing of obsolete or mistyped links, and so on. However, it is typically not used in web services applications. Important: If the AutoRedirect attribute is set to true and the request is redirected, any value specified in the Refe rerattribute is overridden. The value of the HTTP Referer property will be set to the URL of the service who redirected the consumer's original request.
`DecoupledEndpoint`	Specifies the URL of a decoupled endpoint for the receipt of responses over a separate server->client connection. Warning: You must configure both the client and server to use WS-Addressing for the decoupled endpoint to work.
`ProxyServer`	Specifies the URL of the proxy server through which requests are routed.
`ProxyServerPort`	Specifie s the port number of the proxy server through which requests are routed.
NonProxyHosts	Specifies a list of hosts that should be directly routed. This value is a list of patterns separated by '\|', where each pattern may start or end with a '*' for wildcard matching.
`ProxyServerType`	Specifies the type of proxy server used to route requests. Valid values are: HTTP(default) SOCKS

Example using the `Client` Element

The example below shows a the configuration for an HTTP client that wants to keep its connection to the server open between requests, will only retransmit requests once per invocation, and cannot use chunking streams.

HTTP Consumer Endpoint Configuration

The client element

Example using the Client Element

The client element

Example using the Client Element

The `client` element

Example using the `Client` Element

The `client` element

Example using the `Client` Element