cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gdprao <gdp...@yahoo.com>
Subject Re: HTTP Basic Auth with wsdl2java generated Client
Date Thu, 02 Aug 2007 20:19:10 GMT

Hi Dan,

Thanks for digging into the problem.  I have tried your suggestion. I have
dowloaded the WSDL and supplied WSDL file path instead of http URL to the
client and invoked the service, it worked fine and authentication was
successful. But  you mean the client should be allowed to dowload the WSDL
without authentication and then at the time of invocation should it enforce
authentication?  If that is the case, I would like to know as to how can I
configure basic authentication for the CXF web service.  I have the
following Basic authentication configured for the /services/* url-pattern in
my web.xml as follows:


	<servlet>
		<servlet-name>CXFServlet</servlet-name>
		<display-name>CXF Servlet</display-name>
		<servlet-class>
			org.apache.cxf.transport.servlet.CXFServlet
		</servlet-class>
		<load-on-startup>1</load-on-startup>
	</servlet>

	<servlet-mapping>
		<servlet-name>CXFServlet</servlet-name>
		<url-pattern>/services/*</url-pattern>
	</servlet-mapping>

	<security-constraint>
		<web-resource-collection>
			<web-resource-name>AllServices</web-resource-name>
			<url-pattern>/services/*</url-pattern>
		</web-resource-collection>
		<auth-constraint>
			<role-name>admin</role-name>
		</auth-constraint>
	</security-constraint>
	<login-config>
		<auth-method>BASIC</auth-method>
		<realm-name>ProtectedArea</realm-name>
	</login-config>
	<security-role>
		<role-name>admin</role-name>
	</security-role>

Thanks,
Durga


dkulp wrote:
> 
> 
> Hmmm....  this is for the WSDL.    I'm not sure if the code for grabbing 
> the wsdl via HTTP works with the Auth stuff yet.  (I'm pretty sure it 
> doesn't actually now that I think about it)
> 
> Can you download the wsdl manually an point the client at the downloaded 
> wsdl and see if it can communicate?    
> 
> My gut feeling says the invoke communication will work, but the wsdl get 
> stuff won't.  
> 
> Dan
> 
> On Thursday 02 August 2007 15:07, gdprao wrote:
>> Hi,
>>
>> Thanks for the reply.  Please see my following client code and TCP
>> monitor logs.
>>
>> Client Code:
>> ------------
>> SOAPService ss = new SOAPService(wsdlURL, SERVICE_NAME);
>>         Greeter port = ss.getSoapPort();
>> //HTTP authentication code
>>         BindingProvider bp = (BindingProvider)port;
>>        
>> //bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
>> "admin");
>>        
>> //bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
>> "admin");
>>         AuthorizationPolicy authzPolicy =
>>             new AuthorizationPolicy();
>>         authzPolicy.setUserName("admin");
>>         authzPolicy.setPassword("admin");
>>         bp.getRequestContext().put(
>>             AuthorizationPolicy.class.getName(),
>>             authzPolicy
>>         );
>>
>>         System.out.println("Invoking sayHi...");
>>         java.lang.String _sayHi_string = port.sayHi();
>>         System.out.println("Message from service: "+_sayHi_string);
>>
>>
>> applicationContext-cxf.xml:
>> --------------------------
>>
>> <bean id="authWebService"
>> 		class="org.apache.hello_world_soap_http.GreeterImpl">
>> 	</bean>
>>
>> 	<jaxws:endpoint id="authService" implementor="#authWebService"
>> 		address="/GreeterService"/>
>>
>>
>> Request Headers:
>> ----------------
>>
>> GET /authtest/services/GreeterService?wsdl HTTP/1.1
>> User-Agent: Java/1.5.0_11
>> Host: localhost:8080
>> Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
>> Connection: keep-alive
>>
>> Response Headers:
>> ------------------
>>
>> HTTP/1.1 401 Unauthorized
>> Server: Apache-Coyote/1.1
>> Pragma: No-cache
>> Cache-Control: no-cache
>> Expires: Wed, 31 Dec 1969 16:00:00 PST
>> WWW-Authenticate: Basic realm="ProtectedArea"
>> Content-Type: text/html;charset=utf-8
>> Content-Length: 954
>> Date: Thu, 02 Aug 2007 18:53:19 GMT
>>
>> Howerver when I tried the same web service using REST url from the
>> browser, it was successful.
>>
>> http://localhost:8080/authtest/services/GreeterService/sayHi
>>
>> The request headers in tcpmon is as follows:
>>
>> GET /authtest/services/GreeterService/sayHi HTTP/1.1
>> Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
>> application/x-shockwave-flash, application/vnd.ms-excel,
>> application/vnd.ms-powerpoint, application/msword,
>> application/xaml+xml, application/vnd.ms-xpsdocument,
>> application/x-ms-xbap,
>> application/x-ms-application, */*
>> Accept-Language: en-us
>> UA-CPU: x86
>> Accept-Encoding: gzip, deflate
>> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; WOW64;
>> SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.1; .NET CLR
>> 3.0.04506.30) Host: localhost:8080
>> Connection: Keep-Alive
>> Authorization: Basic YWRtaW46YWRtaW4=
>>
>> Appreciate for the help.
>>
>> Thanks,
>> Durga
>>
>> Willem Jiang-2 wrote:
>> > Can you elaborate the configuration of the CXF web service?
>> > Again,:
>> > Can you use tcpmon[1] to check the authentication informantion has
>> > been set
>> > into the http headers?
>> >
>> > [1] https://tcpmon.dev.java.net/
>> >
>> > Willem.
>> >
>> > gdprao wrote:
>> >> Hi,
>> >>
>> >> I have tried all the options mentioned for the CXF client on this
>> >> thread with username and password to invoke a CXF web service which
>> >> is set up with
>> >> HTTP basic authentication.  I am getting HTTP 401K status code. I
>> >> am using
>> >> CXF 2.0 release version. Can someone shed light on this.
>> >>
>> >> Thanks,
>> >> Durga
>> >>
>> >> Axel Becker wrote:
>> >>> Hi Willem,
>> >>>
>> >>> it follows a log file snip that i created with the tomcat request
>> >>> dumper valve. nearly at the end you can see that the authType is
>> >>> null
>> >>>
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]: REQUEST URI
>> >>> =/GDHSService/services/INFOService
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> authType=null
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> characterEncoding=UTF-8
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> contentLength=-1
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> contentType=text/xml; charset=UTF-8
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> contextPath=/GDHSService
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> header=content-type=text/xml; charset=UTF-8
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> header=soapaction=""
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> header=cache-control=no-cache
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> header=pragma=no-cache
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> header=user-agent=Java/1.5.0_11
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> header=host=localhost:8080
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> header=accept=text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> header=connection=keep-alive
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> header=transfer-encoding=chunked
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> locale=de_DE
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> method=POST
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> pathInfo=/INFOService
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> protocol=HTTP/1.1
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> queryString=null
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> remoteAddr=127.0.0.1
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> remoteHost=127.0.0.1
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> remoteUser=null
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> requestedSessionId=null
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> scheme=http
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> serverName=localhost
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> serverPort=8080
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> servletPath=/services
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> isSecure=false
>> >>> 2007-07-25 19:19:54 RequestDumperValve[/GDHSService]:
>> >>> ---------------------------------------------------------------
>> >>> 2007-07-25 19:19:59 RequestDumperValve[/GDHSService]:
>> >>> ---------------------------------------------------------------
>> >>> 2007-07-25 19:19:59 RequestDumperValve[/GDHSService]:
>> >>> authType=null
>> >>> 2007-07-25 19:19:59 RequestDumperValve[/GDHSService]:
>> >>> contentLength=-1
>> >>> 2007-07-25 19:19:59 RequestDumperValve[/GDHSService]:
>> >>> contentType=text/xml;charset=utf-8
>> >>> 2007-07-25 19:19:59 RequestDumperValve[/GDHSService]:
>> >>> header=Content-Type=text/xml;charset=utf-8
>> >>> 2007-07-25 19:19:59 RequestDumperValve[/GDHSService]:
>> >>> header=Transfer-Encoding=chunked
>> >>> 2007-07-25 19:19:59 RequestDumperValve[/GDHSService]:
>> >>> header=Date=Wed, 25 Jul 2007 17:19:59 GMT
>> >>> 2007-07-25 19:19:59 RequestDumperValve[/GDHSService]:
>> >>> header=Server=Apache-Coyote/1.1
>> >>> 2007-07-25 19:19:59 RequestDumperValve[/GDHSService]:
>> >>> header=Connection=close
>> >>> 2007-07-25 19:19:59 RequestDumperValve[/GDHSService]:
>> >>> message=null
>> >>> 2007-07-25 19:19:59 RequestDumperValve[/GDHSService]:
>> >>> remoteUser=null
>> >>> 2007-07-25 19:19:59 RequestDumperValve[/GDHSService]:
>> >>> status=500
>> >>> 2007-07-25 19:19:59 RequestDumperValve[/GDHSService]:
>> >>> ===============================================================
>> >>>
>> >>> thanks for your help
>> >>> Axel
>> >>>
>> >>> Willem Jiang-2 wrote:
>> >>>> Hi Axel,
>> >>>>
>> >>>> I checked the HTTPConduit code, your way to set the http basic
>> >>>> authentication is right.
>> >>>>
>> >>>> Can you use tcpmon to check the authentication informantion has
>> >>>> been set
>> >>>> into the http headers?
>> >>>>
>> >>>> If not, I think it must be the CXF's bug.
>> >>>>
>> >>>>
>> >>>> Willem.
>> >>>>
>> >>>> Axel Becker wrote:
>> >>>>> Hi,
>> >>>>>
>> >>>>> i generated the client code with the wsdl2java from an existing
>> >>>>> wsdl.
>> >>>>>
>> >>>>> now i want to connect to this service (it is an axis 1
>> >>>>> webservice). the
>> >>>>> service ist protected with a http basic authentication. i use
>> >>>>> the following
>> >>>>> code, but it doesnt work :-(
>> >>>>>
>> >>>>> INFOServiceService ss = new INFOServiceService(SERVICE_URL,
>> >>>>> SERVICE_NAME);
>> >>>>>
>> >>>>> Client client = ClientProxy.getClient(ss.getINFOService());
>> >>>>> HTTPConduit httpConduit = (HTTPConduit) client.getConduit();
>> >>>>>
>> >>>>> httpConduit.getAuthorization().setUserName("username1");
>> >>>>> httpConduit.getProxyAuthorization().setUserName("username1");
>> >>>>>
>> >>>>> INFOService service = ss.getINFOService();
>> >>>>> //do somthing with service
>> >>>>>
>> >>>>> Where is the mistake?
>> >>>>>
>> >>>>> Thanks for your help!
>> >>>>> Axel
>> >>>>>
>> >>>>>
>> >>>>> PS: the serverside (axis1) code to get the auth parameter is:
>> >>>>> String username =
>> >>>>> MessageContext.getCurrentContext().getUsername();
> 
> -- 
> J. Daniel Kulp
> Principal Engineer
> IONA
> P: 781-902-8727    C: 508-380-7194
> daniel.kulp@iona.com
> http://www.dankulp.com/blog
> 
> 

-- 
View this message in context: http://www.nabble.com/HTTP-Basic-Auth-with-wsdl2java-generated-Client-tf4148070.html#a11971969
Sent from the cxf-user mailing list archive at Nabble.com.


Mime
View raw message