Return-Path: Delivered-To: apmail-cxf-users-archive@www.apache.org Received: (qmail 86667 invoked from network); 5 Feb 2010 12:26:54 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 5 Feb 2010 12:26:54 -0000 Received: (qmail 44530 invoked by uid 500); 5 Feb 2010 12:26:53 -0000 Delivered-To: apmail-cxf-users-archive@cxf.apache.org Received: (qmail 44445 invoked by uid 500); 5 Feb 2010 12:26:53 -0000 Mailing-List: contact users-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@cxf.apache.org Delivered-To: mailing list users@cxf.apache.org Received: (qmail 44435 invoked by uid 99); 5 Feb 2010 12:26:53 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 05 Feb 2010 12:26:53 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of lists@nabble.com designates 216.139.236.158 as permitted sender) Received: from [216.139.236.158] (HELO kuber.nabble.com) (216.139.236.158) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 05 Feb 2010 12:26:43 +0000 Received: from isper.nabble.com ([192.168.236.156]) by kuber.nabble.com with esmtp (Exim 4.63) (envelope-from ) id 1NdNGQ-0001Ez-CF for users@cxf.apache.org; Fri, 05 Feb 2010 04:26:22 -0800 Message-ID: <27467082.post@talk.nabble.com> Date: Fri, 5 Feb 2010 04:26:22 -0800 (PST) From: SaravananRamamoorthy To: users@cxf.apache.org Subject: Re: Http basic authentication in JAX RS In-Reply-To: <003a01caa65c$6bcab810$1f02050a@emea.progress.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Nabble-From: saravanan.ramamoorthy.s@gmail.com References: <27416364.post@talk.nabble.com> <00c401caa4b4$96cd35a0$1f02050a@emea.progress.com> <27437539.post@talk.nabble.com> <022601caa4ea$22597130$1f02050a@emea.progress.com> <27439212.post@talk.nabble.com> <026401caa4ef$2fadaa90$1f02050a@emea.progress.com> <27452426.post@talk.nabble.com> <003a01caa65c$6bcab810$1f02050a@emea.progress.com> X-Virus-Checked: Checked by ClamAV on apache.org Hi Sergey, Yes. The authorization header is sent by the client. I have used SOAPUI for this. Regards SaravananRamamoorthy Sergey Beryozkin-2 wrote: > > I've already asked twice : is Authorization header actually being sent by > a client ? > Can you tell me please if it is the case or not ? Try adding a JAXRS > > @HeaderParam("Authorization") String value > > to your jaxrs resource method and print the resulting value. > > cheers. Sergey > > >> >> Hi Sergey, >> >> I tried with MessageContext , MessageContextImpl and SecurityContext. But >> it >> always return null. >> Do we need anything to be configure in web.xml? >> Regards >> SaravananRamamoorthy >> >> >> >> Sergey Beryozkin-2 wrote: >>> >>> Please check >>> >>> http://cxf.apache.org/docs/debugging-and-logging.html >>> >>> and see the list of tools you can use to check if the Authorization >>> header >>> is actually available on the wire. I also like TcpTrace : >>> http://www.pocketsoap.com/tcptrace/ >>> >>> Provided this header is present, you can parse it manually by using >>> JAXRS >>> @HeaderParam. I'm sure there're plenty of Base64 decoding >>> utils around and CXF has the one too >>> (org.apache.cxf.common.util.Base64Utility). >>> >>> Alternatively youy can have a @Context MessageContext parameter passed >>> in >>> too and then do >>> mc.get(AuthorizationPolicy.class.getName()); >>> >>> Sergey >>> >>> ----- Original Message ----- >>> From: "SaravananRamamoorthy" >>> To: >>> Sent: Wednesday, February 03, 2010 4:29 PM >>> Subject: Re: Http basic authentication in JAX RS >>> >>> >>>> >>>> Hi Sergey, >>>> >>>> Thanks for your suggestions. >>>> >>>> I am new to apache cxf. >>>> >>>> Is there any direct interface or context availabe to receive the >>>> authentication details just like @QueryParam.(for receiving query >>>> string). >>>> >>>> It is enough to print the username and the password in the console. >>>> >>>> Please provide the solution. >>>> >>>> Regards >>>> Saravanan R >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> Sergey Beryozkin-2 wrote: >>>>> >>>>> Actually, just looked at the source of MessageContextImpl, it should >>>>> be >>>>> mc.get(AuthorizationPolicy.class.getName()) when retrieving >>>>> it from MessageContext given that uses toString() on the object keys. >>>>> Also make sure you're actually seeing an Authorization header on the >>>>> wire >>>>> >>>>> cheers, Sergey >>>>> >>>>>> >>>>>> Hi Sergey, >>>>>> >>>>>> >>>>>> I tried with your suggestions like >>>>>> >>>>>> public Response getCredentials(@Context MessageContext mc) >>>>>> { >>>>>> AuthorizationPolicy policy = >>>>>> (AuthorizationPolicy)mc.get(AuthorizationPolicy.class); >>>>>> System.out.println(policy.getUserName()); >>>>>> ....... >>>>>> ....... >>>>>> When I tried to give the Authentication from SOAP UI, I got null. >>>>>> >>>>>> >>>>>> Please correct me where I did the mistake. >>>>>> >>>>>> >>>>>> Regards >>>>>> Saravanan R >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> Sergey Beryozkin-2 wrote: >>>>>>> >>>>>>> Hi >>>>>>> >>>>>>> The only way at the moment to get AuthorizationPolicy object in the >>>>>>> app >>>>>>> code is to do something like this : >>>>>>> >>>>>>> @Context MessageContext mc; >>>>>>> .... >>>>>>> AuthorizationPolicy policy = >>>>>>> (AuthorizationPolicy)mc.get(AuthorizationPolicy.class); >>>>>>> >>>>>>> cheers, Sergey >>>>>>> >>>>>>> >>>>>>> >>>>>>>> >>>>>>>> Hi All, >>>>>>>> >>>>>>>> I am creating REST application using JAX RS. >>>>>>>> >>>>>>>> I am using SOAPUI to test the application. >>>>>>>> >>>>>>>> My Rest needs to receive the Http Basic Authentication from the >>>>>>>> SOAPUI. >>>>>>>> >>>>>>>> I just want to receive the authentication details like >>>>>>>> username,password and >>>>>>>> domain in JAX RS method. >>>>>>>> >>>>>>>> Can anyone give the idea how to get the authentication details in >>>>>>>> the >>>>>>>> parameter of the method. >>>>>>> >>>>>>> I ended up not needing this, but I experimented with creating an >>>>>>> "AuthorizationRequestHandler" class (implements RequestHandler) and >>>>>>> putting that in my "jaxrs:providers" list. That requires a >>>>>>> "handleRequest(Message message, ClassResourceInfo >>>>>>> classResourceInfo)" >>>>>>> method, where I can call "AuthorizationPolicy policy = >>>>>>> message.get(AuthorizationPolicy.class);". The AuthorizationPolicy >>>>>>> contains the username and password. >>>>>>> >>>>>>> What is not clear to me, however, is where this object is available >>>>>>> somehow at the controller level. >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> -- >>>>>> View this message in context: >>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27437539.html >>>>>> Sent from the cxf-user mailing list archive at Nabble.com. >>>>>> >>>>> >>>>> >>>>> >>>> >>>> -- >>>> View this message in context: >>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27439212.html >>>> Sent from the cxf-user mailing list archive at Nabble.com. >>>> >>> >>> >>> >> >> -- >> View this message in context: >> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27452426.html >> Sent from the cxf-user mailing list archive at Nabble.com. >> > > -- View this message in context: http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27467082.html Sent from the cxf-user mailing list archive at Nabble.com.