cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andreas Veithen <andreas.veit...@gmail.com>
Subject Re: Http basic authentication in JAX RS
Date Fri, 05 Feb 2010 16:20:34 GMT
As you can see, SOAPUI doesn't send any Authorization header. Thus,
this is not a problem with CXF, but SOAPUI (unless SOAPUI only sends
the Authorization header after getting a 401/403 status code).

Andreas

On Fri, Feb 5, 2010 at 17:14, SaravananRamamoorthy
<saravanan.ramamoorthy.s@gmail.com> wrote:
>
> Hi Andread,
>
> Please find the attachment.When the values are send through Header(s) tab, I
> can able to retrieve the information using HeaderParam.
>
> Regards
> SaravananRamamoorthy http://old.nabble.com/file/p27470023/SOAP_UI.zip
> SOAP_UI.zip
>
>
>
> Andreas Veithen-2 wrote:
>>
>> In SOAPUI, after sending the request, you can switch to the "Raw" tab
>> in order to see the request (including headers) that SOAPUI has sent.
>> Can you show us this information?
>>
>> Andreas
>>
>> On Fri, Feb 5, 2010 at 16:13, SaravananRamamoorthy
>> <saravanan.ramamoorthy.s@gmail.com> wrote:
>>>
>>> Hi Andreas ,
>>>
>>> I can able to get the values, when I send the information through
>>> header.It
>>> works fine.
>>> But when I send the credentials using Authentication part,I cannot able
>>> to
>>> retrieve.
>>>
>>> Regards
>>> SaravananRamamoorthy
>>>
>>>
>>>
>>> Andreas Veithen-2 wrote:
>>>>
>>>> What Sergey actually wants you to do is to check if that information
>>>> reaches the JAX-RS service, i.e. to try retrieving this information
>>>> using a method parameter annotated with @HeaderParam("Authorization").
>>>>
>>>> Andreas
>>>>
>>>> On Fri, Feb 5, 2010 at 15:36, SaravananRamamoorthy
>>>> <saravanan.ramamoorthy.s@gmail.com> wrote:
>>>>>
>>>>> Hi Sergey,
>>>>>
>>>>>
>>>>> Thanks for your continuous help.
>>>>> I can able to get the value when the values are given in the header
>>>>> part.
>>>>> What is the case if the credentials are given in Authentication part.
>>>>> I have attached the screenshot for giving the credentials in aut part.
>>>>> In this case how can I retrieve the details.
>>>>> http://old.nabble.com/file/p27468603/authentication.PNG
>>>>> authentication.PNG
>>>>>
>>>>> Regards
>>>>> SaravananRamamoorthy
>>>>>
>>>>>
>>>>> Sergey Beryozkin-2 wrote:
>>>>>>
>>>>>> Can you post the value of this header please ?
>>>>>> cheers, Sergey
>>>>>>
>>>>>>>
>>>>>>> Hi Sergey,
>>>>>>>
>>>>>>> Yes. The authorization header is sent by the client. I have used
>>>>>>> SOAPUI
>>>>>>> for
>>>>>>> this.
>>>>>>>
>>>>>>> Regards
>>>>>>> SaravananRamamoorthy
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Sergey Beryozkin-2 wrote:
>>>>>>>>
>>>>>>>> I've already asked twice : is Authorization header actually
being
>>>>>>>> sent
>>>>>>>> by
>>>>>>>> a client ?
>>>>>>>> Can you tell me please if it is the case or not ? Try adding
a JAXRS
>>>>>>>>
>>>>>>>> @HeaderParam("Authorization") String value
>>>>>>>>
>>>>>>>> to your jaxrs resource method and print the resulting value.
>>>>>>>>
>>>>>>>> cheers. Sergey
>>>>>>>>
>>>>>>>>
>>>>>>>>>
>>>>>>>>> Hi Sergey,
>>>>>>>>>
>>>>>>>>> I tried with MessageContext , MessageContextImpl and
>>>>>>>>> SecurityContext.
>>>>>>>>> But
>>>>>>>>> it
>>>>>>>>> always return null.
>>>>>>>>> Do we need anything to be configure in web.xml?
>>>>>>>>> Regards
>>>>>>>>> SaravananRamamoorthy
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Sergey Beryozkin-2 wrote:
>>>>>>>>>>
>>>>>>>>>> Please check
>>>>>>>>>>
>>>>>>>>>> http://cxf.apache.org/docs/debugging-and-logging.html
>>>>>>>>>>
>>>>>>>>>> and see the list of tools you can use to check if
the
>>>>>>>>>> Authorization
>>>>>>>>>> header
>>>>>>>>>> is actually available on the wire. I also like TcpTrace
:
>>>>>>>>>> http://www.pocketsoap.com/tcptrace/
>>>>>>>>>>
>>>>>>>>>> Provided this header is present, you can parse it
manually by
>>>>>>>>>> using
>>>>>>>>>> JAXRS
>>>>>>>>>> @HeaderParam. I'm sure there're plenty of Base64
decoding
>>>>>>>>>> utils around and CXF has the one too
>>>>>>>>>> (org.apache.cxf.common.util.Base64Utility).
>>>>>>>>>>
>>>>>>>>>> Alternatively youy can have a @Context MessageContext
parameter
>>>>>>>>>> passed
>>>>>>>>>> in
>>>>>>>>>> too and then do
>>>>>>>>>> mc.get(AuthorizationPolicy.class.getName());
>>>>>>>>>>
>>>>>>>>>> Sergey
>>>>>>>>>>
>>>>>>>>>> ----- Original Message -----
>>>>>>>>>> From: "SaravananRamamoorthy" <saravanan.ramamoorthy.s@gmail.com>
>>>>>>>>>> To: <users@cxf.apache.org>
>>>>>>>>>> Sent: Wednesday, February 03, 2010 4:29 PM
>>>>>>>>>> Subject: Re: Http basic authentication in JAX RS
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Hi Sergey,
>>>>>>>>>>>
>>>>>>>>>>> Thanks for your suggestions.
>>>>>>>>>>>
>>>>>>>>>>> I am new to apache cxf.
>>>>>>>>>>>
>>>>>>>>>>> Is there any direct interface or context availabe
to receive the
>>>>>>>>>>> authentication details just like @QueryParam.(for
receiving query
>>>>>>>>>>> string).
>>>>>>>>>>>
>>>>>>>>>>> It is enough to print the username and the password
in the
>>>>>>>>>>> console.
>>>>>>>>>>>
>>>>>>>>>>> Please provide the solution.
>>>>>>>>>>>
>>>>>>>>>>> Regards
>>>>>>>>>>> Saravanan R
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Sergey Beryozkin-2 wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> Actually, just looked at the source of MessageContextImpl,
it
>>>>>>>>>>>> should
>>>>>>>>>>>> be
>>>>>>>>>>>> mc.get(AuthorizationPolicy.class.getName())
when retrieving
>>>>>>>>>>>> it from MessageContext given that uses toString()
on the object
>>>>>>>>>>>> keys.
>>>>>>>>>>>> Also make sure you're actually seeing an
Authorization header on
>>>>>>>>>>>> the
>>>>>>>>>>>> wire
>>>>>>>>>>>>
>>>>>>>>>>>> cheers, Sergey
>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> Hi Sergey,
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> I tried with your suggestions like
>>>>>>>>>>>>>
>>>>>>>>>>>>> public Response getCredentials(@Context
MessageContext mc)
>>>>>>>>>>>>> {
>>>>>>>>>>>>> AuthorizationPolicy policy =
>>>>>>>>>>>>> (AuthorizationPolicy)mc.get(AuthorizationPolicy.class);
>>>>>>>>>>>>>                System.out.println(policy.getUserName());
>>>>>>>>>>>>>                .......
>>>>>>>>>>>>>                .......
>>>>>>>>>>>>> When I tried to give the Authentication
from SOAP UI, I got
>>>>>>>>>>>>> null.
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> Please correct me where I did the mistake.
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> Regards
>>>>>>>>>>>>> Saravanan R
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> Sergey Beryozkin-2 wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hi
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> The only way at the moment to get
AuthorizationPolicy object
>>>>>>>>>>>>>> in
>>>>>>>>>>>>>> the
>>>>>>>>>>>>>> app
>>>>>>>>>>>>>> code is to do something like this
:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> @Context MessageContext mc;
>>>>>>>>>>>>>> ....
>>>>>>>>>>>>>> AuthorizationPolicy policy =
>>>>>>>>>>>>>> (AuthorizationPolicy)mc.get(AuthorizationPolicy.class);
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> cheers, Sergey
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Hi All,
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I am creating REST application
using JAX RS.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I am using SOAPUI to test the
application.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> My Rest needs to receive the
Http Basic Authentication from
>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>> SOAPUI.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I just want to receive the authentication
details like
>>>>>>>>>>>>>>> username,password and
>>>>>>>>>>>>>>> domain in JAX RS method.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Can anyone give the idea how
to get the authentication
>>>>>>>>>>>>>>> details
>>>>>>>>>>>>>>> in
>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>> parameter of the method.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I ended up not needing this, but
I experimented with creating
>>>>>>>>>>>>>> an
>>>>>>>>>>>>>> "AuthorizationRequestHandler" class
(implements
>>>>>>>>>>>>>> RequestHandler)
>>>>>>>>>>>>>> and
>>>>>>>>>>>>>> putting that in my "jaxrs:providers"
list.  That requires a
>>>>>>>>>>>>>> "handleRequest(Message message, ClassResourceInfo
>>>>>>>>>>>>>> classResourceInfo)"
>>>>>>>>>>>>>> method, where I can call "AuthorizationPolicy
policy  =
>>>>>>>>>>>>>> message.get(AuthorizationPolicy.class);".
 The
>>>>>>>>>>>>>> AuthorizationPolicy
>>>>>>>>>>>>>> contains the username and password.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> What is not clear to me, however,
is where this object is
>>>>>>>>>>>>>> available
>>>>>>>>>>>>>> somehow at the controller level.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> --
>>>>>>>>>>>>> View this message in context:
>>>>>>>>>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27437539.html
>>>>>>>>>>>>> Sent from the cxf-user mailing list archive
at Nabble.com.
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> View this message in context:
>>>>>>>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27439212.html
>>>>>>>>>>> Sent from the cxf-user mailing list archive at
Nabble.com.
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> View this message in context:
>>>>>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27452426.html
>>>>>>>>> Sent from the cxf-user mailing list archive at Nabble.com.
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> View this message in context:
>>>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27467082.html
>>>>>>> Sent from the cxf-user mailing list archive at Nabble.com.
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> View this message in context:
>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27468603.html
>>>>> Sent from the cxf-user mailing list archive at Nabble.com.
>>>>>
>>>>>
>>>>
>>>>
>>>
>>> --
>>> View this message in context:
>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27469191.html
>>> Sent from the cxf-user mailing list archive at Nabble.com.
>>>
>>>
>>
>>
>
> --
> View this message in context: http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27470023.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>
>

Mime
  • Unnamed multipart/mixed (inline, None, 0 bytes)
View raw message