cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: Http proxy with STS
Date Mon, 28 Apr 2014 15:57:20 GMT
The simplest way of doing this is to just define http:conduit in Spring as
per the following, which should get picked up by all clients:

https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-client.xml;h=41291d063acd23090424add371f816e8bba38bd7;hb=HEAD

I'm not sure offhand how this can be done in code.

Colm.


On Sat, Apr 26, 2014 at 12:48 AM, lotos <splevko@gmail.com> wrote:

> I just faced with the problem that if I use http proxy and STS at the same
> time it doesn't work.
> Conversation regarding security token doesn't go through the proxy. Only
> main request goes through the proxy. As a result it's not possible to get
> that token at all.
>
> *Is it possible to force CXF to use proxy for all network communications?*
>
> *Java code for proxy*
>
>        / Client client = ClientProxy.getClient(port);
>         HTTPConduit http = (HTTPConduit) client.getConduit();
>
>         HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
>         httpClientPolicy.setProxyServer("localhost");
>         httpClientPolicy.setProxyServerPort(3128);
>         http.setClient(httpClientPolicy);/
>
> *Policy part of the WSDL:*
> /<wsp:Policy wsu:Id="WSHttpBinding_IAccountService_policy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:TransportBinding
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>                     <wsp:Policy>
>                         <sp:TransportToken>
>                             <wsp:Policy>
>                                 <sp:HttpsToken
> RequireClientCertificate="false"/>
>                             </wsp:Policy>
>                         </sp:TransportToken>
>                         <sp:AlgorithmSuite>
>                             <wsp:Policy>
>                                 <sp:Basic256/>
>                             </wsp:Policy>
>                         </sp:AlgorithmSuite>
>                         <sp:Layout>
>                             <wsp:Policy>
>                                 <sp:Strict/>
>                             </wsp:Policy>
>                         </sp:Layout>
>                         <sp:IncludeTimestamp/>
>                     </wsp:Policy>
>                 </sp:TransportBinding>
>                 <sp:EndorsingSupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>                     <wsp:Policy>
>                         <sp:SecureConversationToken
>
> sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient
> ">
>                             <wsp:Policy>
>                                 <sp:BootstrapPolicy>
>                                     <wsp:Policy>
>                                         <sp:SignedParts>
>                                             <sp:Body/>
>                                             <sp:Header Name="To"
> Namespace="http://www.w3.org/2005/08/addressing"/>
>                                             <sp:Header Name="From"
> Namespace="http://www.w3.org/2005/08/addressing"/>
>                                             <sp:Header Name="FaultTo"
> Namespace="http://www.w3.org/2005/08/addressing"/>
>                                             <sp:Header Name="ReplyTo"
> Namespace="http://www.w3.org/2005/08/addressing"/>
>                                             <sp:Header Name="MessageID"
>
> Namespace="http://www.w3.org/2005/08/addressing"/>
>                                             <sp:Header Name="RelatesTo"
>
> Namespace="http://www.w3.org/2005/08/addressing"/>
>                                             <sp:Header Name="Action"
> Namespace="http://www.w3.org/2005/08/addressing"/>
>                                         </sp:SignedParts>
>                                         <sp:EncryptedParts>
>                                             <sp:Body/>
>                                         </sp:EncryptedParts>
>                                         <sp:TransportBinding>
>                                             <wsp:Policy>
>                                                 <sp:TransportToken>
>                                                     <wsp:Policy>
>                                                         <sp:HttpsToken
> RequireClientCertificate="false"/>
>                                                     </wsp:Policy>
>                                                 </sp:TransportToken>
>                                                 <sp:AlgorithmSuite>
>                                                     <wsp:Policy>
>                                                         <sp:Basic256/>
>                                                     </wsp:Policy>
>                                                 </sp:AlgorithmSuite>
>                                                 <sp:Layout>
>                                                     <wsp:Policy>
>                                                         <sp:Strict/>
>                                                     </wsp:Policy>
>                                                 </sp:Layout>
>                                                 <sp:IncludeTimestamp/>
>                                             </wsp:Policy>
>                                         </sp:TransportBinding>
>                                         <sp:EndorsingSupportingTokens>
>                                             <wsp:Policy>
>                                                 <sp:X509Token
>
> sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient
> ">
>                                                     <wsp:Policy>
>
> <sp:RequireThumbprintReference/>
>
> <sp:WssX509V3Token10/>
>                                                     </wsp:Policy>
>                                                 </sp:X509Token>
>                                                 <sp:SignedParts>
>                                                     <sp:Header Name="To"
>
> Namespace="http://www.w3.org/2005/08/addressing"/>
>                                                 </sp:SignedParts>
>                                             </wsp:Policy>
>                                         </sp:EndorsingSupportingTokens>
>                                         <sp:Wss11>
>                                             <wsp:Policy>
>
> <sp:MustSupportRefThumbprint/>
>                                             </wsp:Policy>
>                                         </sp:Wss11>
>                                         <sp:Trust10>
>                                             <wsp:Policy>
>
> <sp:MustSupportIssuedTokens/>
>                                                 <sp:RequireClientEntropy/>
>                                                 <sp:RequireServerEntropy/>
>                                             </wsp:Policy>
>                                         </sp:Trust10>
>                                     </wsp:Policy>
>                                 </sp:BootstrapPolicy>
>                             </wsp:Policy>
>                         </sp:SecureConversationToken>
>                     </wsp:Policy>
>                 </sp:EndorsingSupportingTokens>
>                 <sp:Wss11
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>                     <wsp:Policy/>
>                 </sp:Wss11>
>                 <sp:Trust10
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>                     <wsp:Policy>
>                         <sp:MustSupportIssuedTokens/>
>                         <sp:RequireClientEntropy/>
>                         <sp:RequireServerEntropy/>
>                     </wsp:Policy>
>                 </sp:Trust10>
>                 <wsaw:UsingAddressing/>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>/
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/Http-proxy-with-STS-tp5743324.html
> Sent from the cxf-dev mailing list archive at Nabble.com.
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message