cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andreas Veithen <andreas.veit...@gmail.com>
Subject Re: Http basic authentication in JAX RS
Date Fri, 05 Feb 2010 14:46:20 GMT
What Sergey actually wants you to do is to check if that information
reaches the JAX-RS service, i.e. to try retrieving this information
using a method parameter annotated with @HeaderParam("Authorization").

Andreas

On Fri, Feb 5, 2010 at 15:36, SaravananRamamoorthy
<saravanan.ramamoorthy.s@gmail.com> wrote:
>
> Hi Sergey,
>
>
> Thanks for your continuous help.
> I can able to get the value when the values are given in the header part.
> What is the case if the credentials are given in Authentication part.
> I have attached the screenshot for giving the credentials in aut part.
> In this case how can I retrieve the details.
> http://old.nabble.com/file/p27468603/authentication.PNG authentication.PNG
>
> Regards
> SaravananRamamoorthy
>
>
> Sergey Beryozkin-2 wrote:
>>
>> Can you post the value of this header please ?
>> cheers, Sergey
>>
>>>
>>> Hi Sergey,
>>>
>>> Yes. The authorization header is sent by the client. I have used SOAPUI
>>> for
>>> this.
>>>
>>> Regards
>>> SaravananRamamoorthy
>>>
>>>
>>>
>>> Sergey Beryozkin-2 wrote:
>>>>
>>>> I've already asked twice : is Authorization header actually being sent
>>>> by
>>>> a client ?
>>>> Can you tell me please if it is the case or not ? Try adding a JAXRS
>>>>
>>>> @HeaderParam("Authorization") String value
>>>>
>>>> to your jaxrs resource method and print the resulting value.
>>>>
>>>> cheers. Sergey
>>>>
>>>>
>>>>>
>>>>> Hi Sergey,
>>>>>
>>>>> I tried with MessageContext , MessageContextImpl and SecurityContext.
>>>>> But
>>>>> it
>>>>> always return null.
>>>>> Do we need anything to be configure in web.xml?
>>>>> Regards
>>>>> SaravananRamamoorthy
>>>>>
>>>>>
>>>>>
>>>>> Sergey Beryozkin-2 wrote:
>>>>>>
>>>>>> Please check
>>>>>>
>>>>>> http://cxf.apache.org/docs/debugging-and-logging.html
>>>>>>
>>>>>> and see the list of tools you can use to check if the Authorization
>>>>>> header
>>>>>> is actually available on the wire. I also like TcpTrace :
>>>>>> http://www.pocketsoap.com/tcptrace/
>>>>>>
>>>>>> Provided this header is present, you can parse it manually by using
>>>>>> JAXRS
>>>>>> @HeaderParam. I'm sure there're plenty of Base64 decoding
>>>>>> utils around and CXF has the one too
>>>>>> (org.apache.cxf.common.util.Base64Utility).
>>>>>>
>>>>>> Alternatively youy can have a @Context MessageContext parameter passed
>>>>>> in
>>>>>> too and then do
>>>>>> mc.get(AuthorizationPolicy.class.getName());
>>>>>>
>>>>>> Sergey
>>>>>>
>>>>>> ----- Original Message -----
>>>>>> From: "SaravananRamamoorthy" <saravanan.ramamoorthy.s@gmail.com>
>>>>>> To: <users@cxf.apache.org>
>>>>>> Sent: Wednesday, February 03, 2010 4:29 PM
>>>>>> Subject: Re: Http basic authentication in JAX RS
>>>>>>
>>>>>>
>>>>>>>
>>>>>>> Hi Sergey,
>>>>>>>
>>>>>>> Thanks for your suggestions.
>>>>>>>
>>>>>>> I am new to apache cxf.
>>>>>>>
>>>>>>> Is there any direct interface or context availabe to receive
the
>>>>>>> authentication details just like @QueryParam.(for receiving query
>>>>>>> string).
>>>>>>>
>>>>>>> It is enough to print the username and the password in the console.
>>>>>>>
>>>>>>> Please provide the solution.
>>>>>>>
>>>>>>> Regards
>>>>>>> Saravanan R
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Sergey Beryozkin-2 wrote:
>>>>>>>>
>>>>>>>> Actually, just looked at the source of MessageContextImpl,
it should
>>>>>>>> be
>>>>>>>> mc.get(AuthorizationPolicy.class.getName()) when retrieving
>>>>>>>> it from MessageContext given that uses toString() on the
object
>>>>>>>> keys.
>>>>>>>> Also make sure you're actually seeing an Authorization header
on the
>>>>>>>> wire
>>>>>>>>
>>>>>>>> cheers, Sergey
>>>>>>>>
>>>>>>>>>
>>>>>>>>> Hi Sergey,
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> I tried with your suggestions like
>>>>>>>>>
>>>>>>>>> public Response getCredentials(@Context MessageContext
mc)
>>>>>>>>> {
>>>>>>>>> AuthorizationPolicy policy =
>>>>>>>>> (AuthorizationPolicy)mc.get(AuthorizationPolicy.class);
>>>>>>>>>                System.out.println(policy.getUserName());
>>>>>>>>>                .......
>>>>>>>>>                .......
>>>>>>>>> When I tried to give the Authentication from SOAP UI,
I got null.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Please correct me where I did the mistake.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Regards
>>>>>>>>> Saravanan R
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Sergey Beryozkin-2 wrote:
>>>>>>>>>>
>>>>>>>>>> Hi
>>>>>>>>>>
>>>>>>>>>> The only way at the moment to get AuthorizationPolicy
object in
>>>>>>>>>> the
>>>>>>>>>> app
>>>>>>>>>> code is to do something like this :
>>>>>>>>>>
>>>>>>>>>> @Context MessageContext mc;
>>>>>>>>>> ....
>>>>>>>>>> AuthorizationPolicy policy =
>>>>>>>>>> (AuthorizationPolicy)mc.get(AuthorizationPolicy.class);
>>>>>>>>>>
>>>>>>>>>> cheers, Sergey
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Hi All,
>>>>>>>>>>>
>>>>>>>>>>> I am creating REST application using JAX RS.
>>>>>>>>>>>
>>>>>>>>>>> I am using SOAPUI to test the application.
>>>>>>>>>>>
>>>>>>>>>>> My Rest needs to receive the Http Basic Authentication
from the
>>>>>>>>>>> SOAPUI.
>>>>>>>>>>>
>>>>>>>>>>> I just want to receive the authentication details
like
>>>>>>>>>>> username,password and
>>>>>>>>>>> domain in JAX RS method.
>>>>>>>>>>>
>>>>>>>>>>> Can anyone give the idea how to get the authentication
details in
>>>>>>>>>>> the
>>>>>>>>>>> parameter of the method.
>>>>>>>>>>
>>>>>>>>>> I ended up not needing this, but I experimented with
creating an
>>>>>>>>>> "AuthorizationRequestHandler" class (implements RequestHandler)
>>>>>>>>>> and
>>>>>>>>>> putting that in my "jaxrs:providers" list.  That
requires a
>>>>>>>>>> "handleRequest(Message message, ClassResourceInfo
>>>>>>>>>> classResourceInfo)"
>>>>>>>>>> method, where I can call "AuthorizationPolicy policy
 =
>>>>>>>>>> message.get(AuthorizationPolicy.class);".  The AuthorizationPolicy
>>>>>>>>>> contains the username and password.
>>>>>>>>>>
>>>>>>>>>> What is not clear to me, however, is where this object
is
>>>>>>>>>> available
>>>>>>>>>> somehow at the controller level.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> View this message in context:
>>>>>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27437539.html
>>>>>>>>> Sent from the cxf-user mailing list archive at Nabble.com.
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> View this message in context:
>>>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27439212.html
>>>>>>> Sent from the cxf-user mailing list archive at Nabble.com.
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> View this message in context:
>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27452426.html
>>>>> Sent from the cxf-user mailing list archive at Nabble.com.
>>>>>
>>>>
>>>>
>>>
>>> --
>>> View this message in context:
>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27467082.html
>>> Sent from the cxf-user mailing list archive at Nabble.com.
>>>
>>
>>
>
> --
> View this message in context: http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27468603.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>
>

Mime
View raw message