Re: Making Axis work with HTTP/Basic authentication and a VB.Net client

Fri, 28 Apr 2006 06:15:11 -0700

To answer your question - yes, that is my setup.

On 4/28/06, Kevin O'Rourke <[EMAIL PROTECTED]> wrote:
Thanks for the information.  Just to be sure I understand:
- you have written your own AuthenticationHandler class and added it as
a handler in server-config.wsdd
- you have added the HTTPAuthHandler to the "http" transport flow in
server-config.wsdd
- in your services' .wsdd file you have added the "Authenticate" handler
to the request flow.

Is that correct?

So it looks like I need to write my own handler class to send back a 401
error to the client if no username and password are supplied.

I would have expected that functionality to be part of the
HTTPAuthHandler, seeing as it's a part of HTTP/Basic authentication.

Rich Rodriguez wrote:
> The auth handler I have is defined outside the service as:
>
>     <handler name="Authenticate"
> type="java:my.custom.AuthenticationHandler"/>
>
> The transport request flow is defined as:
>
>        <requestFlow>
>             <handler type="URLMapper"/>
>             <handler
> type="java:org.apache.axis.handlers.http.HTTPAuthHandler"/>
>         </requestFlow>
>
> And each service has a request flow of:
>
>         <requestFlow>
>            <handler type="Authenticate"/>
>         </requestFlow>
>
>
> On 4/27/06, *Kevin O'Rourke* <[EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>> wrote:
>
>     I'm trying to do authentication for my Axis web service using HTTP/Basic
>     over SSL, as this seemed to be the easiest option.  The client is
>     written in Visual Basic .Net 2005.
>
>     I've added the HTTPAuthHandler to my WSDD file:
>     ...
>     <service name="NtiAuth" provider="java:RPC">
>       <requestFlow>
>         <handler type="java:org.apache.axis.handlers.http.HTTPAuthHandler"/>
>         <handler type="soapmonitor"/>
>       </requestFlow>
>       <responseFlow>
>         <handler type="java:org.apache.axis.handlers.http.HTTPAuthHandler"/>
>         <handler type="soapmonitor"/>
>       </responseFlow>
>     ...
>
>     However no authentication is happening.  The VB.Net client seems to be
>     waiting for a "401 WWW-Authenticate Basic" error from the server, to
>     indicate that the server wants authentication.  Axis isn't sending a
>     401
>     but is instead just happily giving me a null username and password.
>
>     Does anyone know how I can persuade Axis to send back a 401 error?
>
>     Kevin
>
>


Reply via email to