[Axis2] Improvements to Authentication support in http transport

Thu, 14 Sep 2006 00:42:51 -0700

Hi Devs,

The configuration of Axis2 client side for HTTP authentication has been undergone some major improvements as per JIRA 1081 and 1082.

The underline HTTP transport helper, commons-httpclient supports three different types of HTTP authentication schemes: NTLM, Digest and Basic. By setting proper credentials,Httpclient does provide the authentication, based on the challenge that server provides. This is transparent to the user.

Thus, Axis2's authentication has been improved to give this transparency as needed. When user provide its credentials, Axis2 create the correct credential objects and set the correct authentication scope to Httpclient.

To Achieve this, There will exist only one transport related bean "Authenticator" in Axis2. This is an static inner class in HttpTransportProperties. This will have getters and setters to set "host","domain" etc. (Please see the API for more information). Once the Authenticator object being filled with, it has to be set to the Options, with the parameter "AUTHENTICATE". This will be available in HttpConstants. Sample code as follows,

...

Options options = new Option();

HttpTransportProperties.Authenticator auth = new HttpTransportProperties.Authenticator();
auth.setUsername("name");
auth.setPassword("password");
auth.setDomain("domain");
auth.set..

options.setProperty(org.apache.axis2.transport.http.HTTPConstants.AUTHENTICATE,auth);

...

Once the proper credentials are set to auth, the underling Axis2 transport framework will create the proper credential objects and authentication scope and set it to Httpclient.  

With Httpclient, NTLM has the highest precedence over Digest and Basic authentication schemes.

Axis2 enables preemptive authentication. Thus, in this mode Httpclient will send the basic authentication response even before the server gives an unauthorized response in certain situations, thus reducing the overhead of making the connection. This is related to JIRA 1081.

Please do provide your consensus on the prior. Please do test this with you existing clients and let us know the results.

Thank you

Saminda

Reply via email to