cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Kulp <dk...@apache.org>
Subject Re: Digest Authentication: header is missing
Date Wed, 12 Dec 2012 18:39:47 GMT

> Am I missing something?

No,  this is more or less correct.   With digest auth, you normally would send an empty request,
the server would respond back with a challenge, that challenge is then used to create the
token.    For this to work, you would need to setup the conduit to cache the request (might
do that automatically with digest, don't remember).  The server side would need to be setup
to require the digest auth for that URL.  That would depend on the container or the web.xml
auth settings, etc….

Dan



On Dec 12, 2012, at 9:12 AM, Alexey Markevich <amarkevich@talend.com> wrote:

> Hi,
> 
> I'm trying to add Digest Authentication to wsdl_first example from 2.7.0:
> added to wsdl_first\src\main\resources\client-applicationContext.xml
> 
>    <http:conduit name="{http://customerservice.example.com/}CustomerServiceEndpoint.http-conduit"
>        xmlns:sec="http://cxf.apache.org/configuration/security">
>        <http:authorization>
>            <sec:UserName>tadmin</sec:UserName>
>            <sec:Password>tadmin</sec:Password>
>            <sec:AuthorizationType>Digest</sec:AuthorizationType>
>        </http:authorization>
>    </http:conduit>
> 
> Bit service receive following message:
> 
> Address: http://localhost:8040/services/CustomerServicePort
> Encoding: UTF-8
> Http-Method: POST
> Content-Type: text/xml; charset=UTF-8
> Headers: {Accept=[*/*], Cache-Control=[no-cache], connection=[keep-alive], Content-Length=[224],
content-type=[text/xml; charset=UTF-8], Host=[localhost:8040], Pragma=[no-cache], SOAPAction=[""],
User-Agent=[Apache CXF 2.7.0]}
> Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><ns2:getCustomersByName
xmlns:ns2="http://customerservice.example.com/"><name>Smith</name></ns2:getCustomersByName></soap:Body></soap:Envelope>
> 
> In case Basic there is additional header present:
> Authorization=[Basic dGFkbWluOnRhZG1pbg==]
> 
> During debug I found at
> org.apache.cxf.transport.http.auth.DigestAuthSupplier
> following comment
> /* Preemptive authentication is only possible if we have a cached challenge
> 
> Am I missing something?
> 
> -- 
> Regards, Alexey.

-- 
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com


Mime
View raw message