Return-Path: X-Original-To: apmail-cxf-users-archive@www.apache.org Delivered-To: apmail-cxf-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id A9E93E9F3 for ; Thu, 17 Jan 2013 10:03:49 +0000 (UTC) Received: (qmail 88755 invoked by uid 500); 17 Jan 2013 10:03:49 -0000 Delivered-To: apmail-cxf-users-archive@cxf.apache.org Received: (qmail 88466 invoked by uid 500); 17 Jan 2013 10:03:48 -0000 Mailing-List: contact users-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@cxf.apache.org Delivered-To: mailing list users@cxf.apache.org Received: (qmail 88442 invoked by uid 99); 17 Jan 2013 10:03:47 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 17 Jan 2013 10:03:47 +0000 X-ASF-Spam-Status: No, hits=2.2 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_NONE,SPF_PASS,WEIRD_PORT X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of ashakirin@talend.com designates 64.95.72.241 as permitted sender) Received: from [64.95.72.241] (HELO mxout.myoutlookonline.com) (64.95.72.241) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 17 Jan 2013 10:03:41 +0000 Received: from mxout.myoutlookonline.com (localhost [127.0.0.1]) by mxout.myoutlookonline.com (Postfix) with ESMTP id 893D2556CD5; Thu, 17 Jan 2013 05:03:19 -0500 (EST) X-Virus-Scanned: by SpamTitan at mail.lan Received: from S10HUB003.SH10.lan (unknown [10.110.2.1]) by mxout.myoutlookonline.com (Postfix) with ESMTP id C3AA5556CFD; Thu, 17 Jan 2013 05:03:17 -0500 (EST) Received: from S10BE002.SH10.lan ([::1]) by S10HUB003.SH10.lan ([::1]) with mapi id 14.01.0379.000; Thu, 17 Jan 2013 05:02:53 -0500 From: Andrei Shakirin To: "users@cxf.apache.org" CC: Daniel Kulp Subject: FW: Re:RE: CXF client to support multi-user Thread-Topic: Re:RE: CXF client to support multi-user Thread-Index: AQHN8BdLgrOCQBjJ60+BsPimkFcMiZhIkOEwgAJhCgCAAl9FwA== Date: Thu, 17 Jan 2013 10:02:52 +0000 Message-ID: References: <1674b13a.d71a.13c2a57c24c.Coremail.wanglilai_2002@163.com> <458b0ffc.dda2.13c3f1619f5.Coremail.wanglilai_2002@163.com> In-Reply-To: <458b0ffc.dda2.13c3f1619f5.Coremail.wanglilai_2002@163.com> Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [87.193.254.34] Content-Type: multipart/alternative; boundary="_000_D225CD69196F3F4A9F4174B2FCA06F886FA099S10BE002SH10lan_" MIME-Version: 1.0 X-Virus-Checked: Checked by ClamAV on apache.org --_000_D225CD69196F3F4A9F4174B2FCA06F886FA099S10BE002SH10lan_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi, I don't find configuration regarding authorization cache in CXFAuthenticato= r and URLConnectionHTTPConduit, but would like to ask Dan to be 100% sure. Patch from you is also always welcome. Regards, Andrei. From: wanglilai [mailto:wanglilai_2002@163.com] Sent: Dienstag, 15. Januar 2013 17:41 To: Andrei Shakirin Subject: Re:RE: CXF client to support multi-user Hi Andrei, Thanks for looking into this. I just found the root cause, this is NTLM spe= cific problem, since it's connection based, Authorization header is not use= d at all, instead HTTPUrlConnections delegates connection to sun.net.www.pr= otocol.https.HttpsURLConnectionImpl which is getting serverAuthorization vi= a java.net.Authenticator. requestPasswordAuthentication(), and then maintai= n authorization info in sun.net.www.protocol.http.AuthCacheValue.cache, how= ever the cacheKey comprises of host/port/protocol/realm which is the same f= or two of my requests. My workaround is to disable the cache by overriding sun.net.www.protocol.ht= tp.AuthCacheValue.cache, if CXF can provide some configuration ability rega= rding the auth cache, it would be great. Thanks, -Roger At 2013-01-14 17:25:40,"Andrei Shakirin" > wrote: >Hi, > >Cannot reproduce your problem under CXF 2.7.X. > >The code: > JaxWsProxyFactoryBean factory1 =3D new JaxWsProxyFactoryBean(); > factory1.getInInterceptors().add(new LoggingInInterceptor()); > factory1.getOutInterceptors().add(new LoggingOutInterceptor()); > factory1.setAddress("http://localhost:9001/helloWorld"); > HelloWorld hello1 =3D factory1.create(HelloWorld.class); > org.apache.cxf.endpoint.Client client1 =3D ClientProxy.getClient(h= ello1); > HTTPConduit conduit1 =3D (HTTPConduit)client1.getConduit(); > conduit1.getAuthorization().setAuthorizationType("NTLM"); > conduit1.getAuthorization().setUserName("XXXuser12"); > conduit1.getAuthorization().setPassword("XXXpwd12"); > > JaxWsProxyFactoryBean factory2 =3D new JaxWsProxyFactoryBean(); > factory2.getInInterceptors().add(new LoggingInInterceptor()); > factory2.getOutInterceptors().add(new LoggingOutInterceptor()); > factory2.setAddress("http://localhost:9001/helloWorld"); > HelloWorld hello2 =3D factory2.create(HelloWorld.class); > org.apache.cxf.endpoint.Client client2 =3D ClientProxy.getClient(h= ello2); > HTTPConduit conduit2 =3D (HTTPConduit)client2.getConduit(); > conduit2.getAuthorization().setAuthorizationType("NTLM"); > conduit2.getAuthorization().setUserName("YYYuser22"); > conduit2.getAuthorization().setPassword("YYYpwd22"); > > System.out.println(hello1.sayHi("World")); > System.out.println(hello2.sayHi("World")); > >Sends different Authorization header for each request and use different co= nduits as well as HTTPUrlConnections. >Which CXF version do you use? > >Cheers, >Andrei. > >> -----Original Message----- >> From: wanglilai [mailto:wanglilai_2002@163.com] >> Sent: Freitag, 11. Januar 2013 17:01 >> To: users@cxf.apache.org >> Subject: CXF client to support multi-user >> >> Hi, >> >> I am using CXF client to connect to Exchange WebService, and I need to >> support multiple users in the runtime. >> >> I did something like this: >> >> .... >> >> JaxWsProxyfactoryBean factory1 =3D new JaxWsProxyfactoryBean(); >> >> factory1.setServiceClass(exchangeServicePortType.class); >> >> factory1.setAddress(url); >> >> exchangeServicePortType exchangeService1 =3D >> (exchangeServicePortType) factory1 >> >> .create(); >> >> Client proxy =3D ClientProxy.getClient(exchangeService1); >> >> HTTPconduit conduit1 =3D (HTTPconduit) proxy.getconduit(); >> >> ...... >> >> conduit1.getAuthorization().setAuthorizationType("NTLM"); >> >> conduit1.getAuthorization().setUserName(userName1); >> >> conduit1.getAuthorization().setPassword(password1); >> >> exchangeService1.getItem(....); >> >> >> >> >> >> JaxWsProxyfactoryBean factory2 =3D new JaxWsProxyfact= oryBean(); >> >> factory2.setServiceClass(exchangeServicePortType.clas= s); >> >> factory2.setAddress(url); >> >> exchangeServicePortType exchangeService2 =3D >> (exchangeServicePortType) factory2 >> >> .create(); >> >> Client proxy =3D ClientProxy.getClient(exchangeServic= e2); >> >> HTTPconduit conduit2 =3D (HTTPconduit) proxy.getcondu= it(); >> >> >> >> ...... >> >> conduit2.getAuthorization().setAuthorizationType("NTL= M"); >> >> conduit2.getAuthorization().setUserName(userName2); >> >> conduit2.getAuthorization().setPassword(password2); >> >> exchangeService2.getItem(....); >> >> >> >> Basically I created 2 services with different username/password, I am >> expecting the CXF client to use different credentials for 2 requests, bu= t I >> found out it's always using the same credential(userName1/password1), >> even on 2nd request. As I know NTLM is connection based, the CXF will >> create a new HttpURLConnection per request. However HttpURLConnection >> instances could share the underlying network connection. >> >> Much appreciated if there is any workaround to solve my multi-user case. >> >> >> >> Thanks, >> >> -Roger --_000_D225CD69196F3F4A9F4174B2FCA06F886FA099S10BE002SH10lan_--