Re: HTTP Basic Authentication
Hello, Are you using the http component? http://camel.apache.org/http.html There is a section on authentication there. Example: from("http://examples.com/rest/hello?"; + "authMethod=Basic" + "&authUsername=User" + "&authPassword=Password") .to("mock:answer"); On Thu, Oct 1, 2015 at 1:29 PM, zied123456 wrote: > Hello, > I try to send request to a webservice with camel and i dont found how to > set > httplogin and httppass with > POJO i can do this: > > final String s = my_httpLogin+":"+my_httpPwd; > final byte[] authBytes = s.getBytes(StandardCharsets.UTF_8); > final String encoded = Base64.getEncoder().encodeToString(authBytes); > > and i set it in the header like this: > > con.setRequestProperty("Authorization", "Basic " + encoded); > > How can i do this with Camel Route ? > > > > -- > View this message in context: > http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5772150.html > Sent from the Camel - Users mailing list archive at Nabble.com. > -- Kind regards Joakim Bjørnstad
Re: HTTP Basic Authentication
Hello, I try to send request to a webservice with camel and i dont found how to set httplogin and httppass with POJO i can do this: final String s = my_httpLogin+":"+my_httpPwd; final byte[] authBytes = s.getBytes(StandardCharsets.UTF_8); final String encoded = Base64.getEncoder().encodeToString(authBytes); and i set it in the header like this: con.setRequestProperty("Authorization", "Basic " + encoded); How can i do this with Camel Route ? -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5772150.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Please setup the option of httpClient.authenticationPreemptive to be true. You can find more information here[1] by searching authenticationPreemptive. [1]https://camel.apache.org/http -- Willem Jiang Red Hat, Inc. Web: http://www.redhat.com Blog: http://willemjiang.blogspot.com (English) http://jnn.iteye.com (Chinese) Twitter: willemjiang Weibo: 姜宁willem On October 30, 2014 at 2:52:55 AM, sharathbabuk (sharathba...@hotmail.com) wrote: > The preemptive authentication with HTTPS does not seem to work with > "Camel-Http" > It works only with "camel-http4" > > But I have a limitation on my container ( websphere application server 7.x ) > so cannot use "camel-http4" - does anyone know if this should work with > "camel-http" ?? > > == here is my camel XML DSL == > > > > > > password="{{ssl.store.pass}}" /> > > > > > POST > > > application/json > > > > uri="https:{{host}}{{auditWs.url}}?sslContextParameters=sslContextParameters%26authUsername={{auditWsAuthUsername}}%26authPassword={{auditWsAuthPassword}}%26authenticationPreemptive=true%26bridgeEndpoint=true%26throwExceptionOnFailure=false" > > > > === > I get a 401 ERROR when I use "camel-http" > > > > > > -- > View this message in context: > http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5758314.html > > Sent from the Camel - Users mailing list archive at Nabble.com. >
Re: HTTP Basic Authentication
The preemptive authentication with HTTPS does not seem to work with "Camel-Http" It works only with "camel-http4" But I have a limitation on my container ( websphere application server 7.x ) so cannot use "camel-http4" - does anyone know if this should work with "camel-http" ?? == here is my camel XML DSL == POST application/json http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5758314.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Which version of Camel are you using? Can you try the latest release Camel 2.13.2? If I remember right, there is an issue of setting up the camel-cxfrs endpoint interceptors which was fixed recently. -- Willem Jiang Red Hat, Inc. Web: http://www.redhat.com Blog: http://willemjiang.blogspot.com (English) http://jnn.iteye.com (Chinese) Twitter: willemjiang Weibo: 姜宁willem On September 12, 2014 at 1:54:48 PM, sayed_india (sayed.abdulis...@gmail.com) wrote: > Hello, > Sorry I was referring to the Java Interceptor code above mentioned which > works fine for CXF SOAP. > > Cann't we make it for CXF-REST? > > Thanks, > Sayed > > > > -- > View this message in context: > http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756392.html > > Sent from the Camel - Users mailing list archive at Nabble.com. >
Re: HTTP Basic Authentication
Hello, Sorry I was referring to the Java Interceptor code above mentioned which works fine for CXF SOAP. Cann't we make it for CXF-REST? Thanks, Sayed -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756392.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Hello, Thanks a lot for the response.Will try and let you know. please share a sample code snippet. However the same code works for me at server side for CXF-SOAP so why not for CXF-REST ? Regards, Sayed -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756346.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
The configuration only work for the client side, if you want to enable the HTTP Basic Authentication on the server side, you need to setup the Jetty ServletContextHandler for it. -- Willem Jiang Red Hat, Inc. Web: http://www.redhat.com Blog: http://willemjiang.blogspot.com (English) http://jnn.iteye.com (Chinese) Twitter: willemjiang Weibo: 姜宁willem On September 9, 2014 at 1:26:41 PM, sayed_india (sayed.abdulis...@gmail.com) wrote: > Hello, > > Pls find below my query of CXF-RS with Basic authentication: > > public void configure() throws Exception { > System.out.println("inside route"); > Map properties = new HashMap(); > AuthorizationPolicy authPolicy = new AuthorizationPolicy(); > authPolicy.setAuthorizationType(HttpAuthHeader.AUTH_TYPE_BASIC); > authPolicy.setUserName("test"); > authPolicy.setPassword("test"); > authPolicy.setAuthorization("true"); > > // properties.put(AuthorizationPolicy.class.getName(), authPolicy); > > properties.put("org.apache.cxf.configuration.security.AuthorizationPolicy", > authPolicy); > > CxfRsEndpoint myCxfEp = > (CxfRsEndpoint)getContext().getEndpoint("cxfrs:http://0.0.0.0:9090?resourceClasses=com.test.CompanyService&bindingStyle=SimpleConsumer";); > > myCxfEp.configureProperties(properties); > from(myCxfEp) > > ... > > I have tested it using SOAPUI doesn't ask for any authentication. > > Please suggest .. > > Thanks, > Sayed > > > > -- > View this message in context: > http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756208.html > > Sent from the Camel - Users mailing list archive at Nabble.com. >
Re: HTTP Basic Authentication
Hello, Pls find below my query of CXF-RS with Basic authentication: public void configure() throws Exception { System.out.println("inside route"); Map properties = new HashMap(); AuthorizationPolicy authPolicy = new AuthorizationPolicy(); authPolicy.setAuthorizationType(HttpAuthHeader.AUTH_TYPE_BASIC); authPolicy.setUserName("test"); authPolicy.setPassword("test"); authPolicy.setAuthorization("true"); // properties.put(AuthorizationPolicy.class.getName(), authPolicy); properties.put("org.apache.cxf.configuration.security.AuthorizationPolicy", authPolicy); CxfRsEndpoint myCxfEp = (CxfRsEndpoint)getContext().getEndpoint("cxfrs:http://0.0.0.0:9090?resourceClasses=com.test.CompanyService&bindingStyle=SimpleConsumer";); myCxfEp.configureProperties(properties); from(myCxfEp) ... I have tested it using SOAPUI doesn't ask for any authentication. Please suggest .. Thanks, Sayed -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756208.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Hello Experts, Pls share me the CXF-REST code reference to use the above Java Authentication: Not getting an idea how to include this BasicAuthAuthorizationInterceptor in REST end point either in Spring or Java DSL: Spring End point: http://localhost:9090?resourceClasses=com.test.Service"/> Java End Point: from("cxfrs:http://0.0.0.0:9090?resourceClasses=com.test.Service&bindingStyle=SimpleConsumer";).. Need a quick solution. Thanks and Regards, Sayed -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756154.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Hello, I tried with the code shared ,seems working fine at server end for CXF-SOAP as tested through SOAPUI tool. Please share the code for CXF REST Service. However I need a Java client to call the service. Tried many options but gives me errors. Please send me a sample Java main client to test the authentication. My CXF end point declaration: http://localhost:9050/service/EmployeeDetailsService"; serviceClass="in.ns.com.EmployeeDetailsPort" wsdlURL="META-INF/wsdl/webservice.wsdl" > - java client: -- public static void main(String[] args) throws Exception { URL url = new URL(WS_URL); QName qname = new QName("http://com.ns.in";, "EmployeeDetailsPortService"); Service service = Service.create(url, qname); EmployeeDetailsPort hello = service.getPort(EmployeeDetailsPort.class); BindingProvider port =(BindingProvider)service.getPort(EmployeeDetailsPort.class); port.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "user-id"); port.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "test"); System.out.println(hello.employeeDetailsOpr( new FindEmpRequest("123"))); Error:Exception in thread "main" com.sun.xml.internal.ws.model.RuntimeModelerException: A WebService annotation is not present on class: in.ns.com.EmployeeDetailsPort Thanks and regards, Sayed -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756117.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
One thing should be point out, CXF uses Http URL Connector which is from JDK by default. If you are using CXF 2.7.x and enable the async http client setting, it will use the Apache Http Client 4.x to send the request. -- Willem Jiang Red Hat, Inc. Web: http://www.redhat.com Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/) (English) http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese) Twitter: willemjiang Weibo: 姜宁willem On Tuesday, October 29, 2013 at 6:46 PM, alexey-s wrote: > You'll be surprised. CXF uses the same library Apache HttpComponents. > CXF client initially twice sends an HTTP request. The first request without > authorization. Second with authorization. > > For a GET request such behavior is acceptable. For a POST request is very > bad. > > > Aleksey > > > > -- > View this message in context: > http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742348.html > Sent from the Camel - Users mailing list archive at Nabble.com > (http://Nabble.com).
RE: HTTP Basic Authentication
Rules of the game sets the other side - http server. Two requests are always bad, whether it's on an external authentication server, or proxy server. It is necessary to send a file size of 1 MByte. Length of HTTP request is about 1.3 MByte. Two queries will give 2.6 MByte. Aleksey -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742354.html Sent from the Camel - Users mailing list archive at Nabble.com.
RE: HTTP Basic Authentication
Hi, it happens by design: " Generally, preemptive authentication can be considered less * secure than a response to an authentication challenge * and therefore discouraged." (see https://hc.apache.org/httpcomponents-client-4.3.x/httpclient/examples/org/apache/http/examples/client/ClientPreemptiveBasicAuthentication.java) Regards, Tom -Original Message- From: alexey-s [mailto:alex...@mail.ru] Sent: Dienstag, 29. Oktober 2013 11:47 To: users@camel.apache.org Subject: Re: HTTP Basic Authentication You'll be surprised. CXF uses the same library Apache HttpComponents. CXF client initially twice sends an HTTP request. The first request without authorization. Second with authorization. For a GET request such behavior is acceptable. For a POST request is very bad. Aleksey -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742348.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
You'll be surprised. CXF uses the same library Apache HttpComponents. CXF client initially twice sends an HTTP request. The first request without authorization. Second with authorization. For a GET request such behavior is acceptable. For a POST request is very bad. Aleksey -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742348.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
I just captured the http request and response and found some thing interesting. When camel-http send the request to back end server which is protected with HTTP Basic Authentication, HttpClient sends a request without Authentication inform first, then it sends the request with the Authentication header when it get the 401 response. If you just want to camel-http send the request with the Authentication header, you can set url like this. from("direct:endpoint").to("http://localhost:8081?authMethod=Basic&authUsername=user1&authPassword=pwd&httpClient.authenticationPreemptive=true";); -- Willem Jiang Red Hat, Inc. Web: http://www.redhat.com Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/) (English) http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese) Twitter: willemjiang Weibo: 姜宁willem On Tuesday, October 29, 2013 at 5:13 PM, Willem jiang wrote: > I did a quick test with the camel trunk ( I think it’s same with last camel > release 2.12.1), the HTTP Basic Authentication setting is work out of box. > > from("direct:endpoint").to("http://localhost:8081?authMethod=Basic&authUsername=user1&authPassword=pwd”); > > I think you need to double check if the authPassword setting, It should be a > plaint text. > > -- > Willem Jiang > > Red Hat, Inc. > Web: http://www.redhat.com > Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/) > (English) > http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese) > Twitter: willemjiang > Weibo: 姜宁willem > > > > > > On Tuesday, October 29, 2013 at 1:03 AM, martin11 wrote: > > > Hi Christian, > > > > I tried to use HTTP auth options: > > > > .to("http://{{server}}:{{port}}/{{address}}?authMethod=Basic&authUsername={{user}}&authPassword={{password}}";) > > > > But it fails again: > > > > INFO - Basic authentication scheme selected > > DEBUG - Took 1889 millis to send to: > > Endpoint[http://172.24.40.110:5985/wsman?authMethod=Basic&authPassword=**&authUsername=Administrator] > > INFO - basic authentication scheme selected > > INFO - No credentials available for BASIC 'WSMAN'@172.24.40.110:5985 > > DEBUG - Took 45 millis to send to: Endpoint[http://172.24.40.110:5985/wsman] > > ERROR - Failed delivery for (MessageId: ID-asgard-47899-1382979475336-0-11 > > on ExchangeId: ID-asgard-47899-1382979475336-0-9). Exhausted after delivery > > attempt: 1 caught: > > org.apache.camel.component.http.HttpOperationFailedException: HTTP operation > > failed invoking http://172.24.40.110:5985/wsman with statusCode: 401 > > > > > > > > -- > > View this message in context: > > http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742320.html > > Sent from the Camel - Users mailing list archive at Nabble.com > > (http://Nabble.com). > > > >
Re: HTTP Basic Authentication
I did a quick test with the camel trunk ( I think it’s same with last camel release 2.12.1), the HTTP Basic Authentication setting is work out of box. from("direct:endpoint").to("http://localhost:8081?authMethod=Basic&authUsername=user1&authPassword=pwd”); I think you need to double check if the authPassword setting, It should be a plaint text. -- Willem Jiang Red Hat, Inc. Web: http://www.redhat.com Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/) (English) http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese) Twitter: willemjiang Weibo: 姜宁willem On Tuesday, October 29, 2013 at 1:03 AM, martin11 wrote: > Hi Christian, > > I tried to use HTTP auth options: > > .to("http://{{server}}:{{port}}/{{address}}?authMethod=Basic&authUsername={{user}}&authPassword={{password}}";) > > But it fails again: > > INFO - Basic authentication scheme selected > DEBUG - Took 1889 millis to send to: > Endpoint[http://172.24.40.110:5985/wsman?authMethod=Basic&authPassword=**&authUsername=Administrator] > INFO - basic authentication scheme selected > INFO - No credentials available for BASIC 'WSMAN'@172.24.40.110:5985 > DEBUG - Took 45 millis to send to: Endpoint[http://172.24.40.110:5985/wsman] > ERROR - Failed delivery for (MessageId: ID-asgard-47899-1382979475336-0-11 > on ExchangeId: ID-asgard-47899-1382979475336-0-9). Exhausted after delivery > attempt: 1 caught: > org.apache.camel.component.http.HttpOperationFailedException: HTTP operation > failed invoking http://172.24.40.110:5985/wsman with statusCode: 401 > > > > -- > View this message in context: > http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742320.html > Sent from the Camel - Users mailing list archive at Nabble.com > (http://Nabble.com). >
Re: HTTP Basic Authentication
Hi Christian, I tried to use HTTP auth options: .to("http://{{server}}:{{port}}/{{address}}?authMethod=Basic&authUsername={{user}}&authPassword={{password}}";) But it fails again: INFO - Basic authentication scheme selected DEBUG - Took 1889 millis to send to: Endpoint[http://172.24.40.110:5985/wsman?authMethod=Basic&authPassword=**&authUsername=Administrator] INFO - basic authentication scheme selected INFO - No credentials available for BASIC 'WSMAN'@172.24.40.110:5985 DEBUG - Took 45 millis to send to: Endpoint[http://172.24.40.110:5985/wsman] ERROR - Failed delivery for (MessageId: ID-asgard-47899-1382979475336-0-11 on ExchangeId: ID-asgard-47899-1382979475336-0-9). Exhausted after delivery attempt: 1 caught: org.apache.camel.component.http.HttpOperationFailedException: HTTP operation failed invoking http://172.24.40.110:5985/wsman with statusCode: 401 -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742320.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Martin is using the http component, not the CXF component... Did you checked [1]? You can set the auth options per endpoint. [1] http://camel.apache.org/http.html Best, Christian - Software Integration Specialist Apache Member V.P. Apache Camel | Apache Camel PMC Member | Apache Camel committer Apache Incubator PMC Member https://www.linkedin.com/pub/christian-mueller/11/551/642 On Sat, Oct 26, 2013 at 5:44 AM, contactreji wrote: > Hi > > I used a interceptor approach. The java code for interceptor is as follows > > *package outotec.com.mes.bw.copper_recovery_perc;* > *import java.io.IOException;* > *import java.io.OutputStream;* > *import java.net.HttpURLConnection;* > *import java.util.Arrays;* > *import java.util.List;* > *import java.util.Map;* > *import org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor;* > *import org.apache.cxf.configuration.security.AuthorizationPolicy;* > *import org.apache.cxf.endpoint.Endpoint;* > *import org.apache.cxf.interceptor.Fault;* > *import org.apache.cxf.message.Exchange;* > *import org.apache.cxf.message.Message;* > *import org.apache.cxf.transport.Conduit;* > *import org.apache.cxf.ws.addressing.EndpointReferenceType;* > *import org.apache.log4j.Logger;* > *import org.springframework.beans.factory.annotation.Required;* > * > * > */*** > * * CXF Interceptor that provides HTTP Basic Authentication validation.* > * * * > * * Based on the concepts outline here:* > * * > http://chrisdail.com/2008/03/31/apache-cxf-with-http-basic-authentication* > * ** > * * @author CDail* > * */* > *public class BasicAuthAuthorizationInterceptor extends > SoapHeaderInterceptor {* > * > * > *protected Logger log = Logger.getLogger(getClass());* > ** > */** Map of allowed users to this system with their corresponding > passwords. */* > *private Map users;* > ** > *@Required* > *public void setUsers(Map users) {* > *this.users = users;* > *}* > ** > *@Override public void handleMessage(Message message) throws Fault {* > *// This is set by CXF* > *AuthorizationPolicy policy = > message.get(AuthorizationPolicy.class);* > ** > *// If the policy is not set, the user did not specify credentials* > *// A 401 is sent to the client to indicate that authentication is > required* > *if (policy == null) {* > *if (log.isDebugEnabled()) {* > *log.debug("User attempted to log in with no > credentials");* > *}* > *sendErrorResponse(message, > HttpURLConnection.HTTP_UNAUTHORIZED);* > *return;* > *}* > ** > *if (log.isDebugEnabled()) {* > *log.debug("Logging in use: " + policy.getUserName());* > *}* > ** > *// Verify the password* > *String realPassword = users.get(policy.getUserName());* > *if (realPassword == null || > !realPassword.equals(policy.getPassword())) {* > *log.error("Invalid username or password for user: " + > policy.getUserName());* > * * > *sendErrorResponse(message, HttpURLConnection.HTTP_FORBIDDEN);* > *}* > *}* > ** > *private void sendErrorResponse(Message message, int responseCode) {* > *Message outMessage = getOutMessage(message);* > *outMessage.put(Message.RESPONSE_CODE, responseCode);* > ** > *// Set the response headers* > *Map> responseHeaders =* > *(Map List>)message.get(Message.PROTOCOL_HEADERS);* > *if (responseHeaders != null) {* > *responseHeaders.put("WWW-Authenticate", Arrays.asList(new > String[]{"Basic realm=realm"}));* > *responseHeaders.put("Content-Length", Arrays.asList(new > String[]{"0"}));* > *}* > *message.getInterceptorChain().abort();* > *try {* > *getConduit(message).prepare(outMessage);* > *close(outMessage);* > *} catch (IOException e) {* > *log.warn(e.getMessage(), e);* > *}* > *}* > ** > *private Message getOutMessage(Message inMessage) {* > *Exchange exchange = inMessage.getExchange();* > *Message outMessage = exchange.getOutMessage();* > *if (outMessage == null) {* > *Endpoint endpoint = exchange.get(Endpoint.class);* > *outMessage = endpoint.getBinding().createMessage();* > *exchange.setOutMessage(outMessage);* > *}* > *outMessage.putAll(inMessage);* > *return outMessage;* > *}* > ** > *private Conduit getConduit(Message inMessage) throws IOException {* > *Exchange exchange = inMessage.getExchange();* > *EndpointReferenceType target = > exchange.get(EndpointReferenceType.class);* > *Conduit conduit =* > *exchange.getDestination().getBackChannel(inMessage, null, > target);* > *exchange.setConduit(conduit);* > *return con
Re: HTTP Basic Authentication
Hi I used a interceptor approach. The java code for interceptor is as follows *package outotec.com.mes.bw.copper_recovery_perc;* *import java.io.IOException;* *import java.io.OutputStream;* *import java.net.HttpURLConnection;* *import java.util.Arrays;* *import java.util.List;* *import java.util.Map;* *import org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor;* *import org.apache.cxf.configuration.security.AuthorizationPolicy;* *import org.apache.cxf.endpoint.Endpoint;* *import org.apache.cxf.interceptor.Fault;* *import org.apache.cxf.message.Exchange;* *import org.apache.cxf.message.Message;* *import org.apache.cxf.transport.Conduit;* *import org.apache.cxf.ws.addressing.EndpointReferenceType;* *import org.apache.log4j.Logger;* *import org.springframework.beans.factory.annotation.Required;* * * */*** * * CXF Interceptor that provides HTTP Basic Authentication validation.* * * * * * Based on the concepts outline here:* * * http://chrisdail.com/2008/03/31/apache-cxf-with-http-basic-authentication* * ** * * @author CDail* * */* *public class BasicAuthAuthorizationInterceptor extends SoapHeaderInterceptor {* * * *protected Logger log = Logger.getLogger(getClass());* ** */** Map of allowed users to this system with their corresponding passwords. */* *private Map users;* ** *@Required* *public void setUsers(Map users) {* *this.users = users;* *}* ** *@Override public void handleMessage(Message message) throws Fault {* *// This is set by CXF* *AuthorizationPolicy policy = message.get(AuthorizationPolicy.class);* ** *// If the policy is not set, the user did not specify credentials* *// A 401 is sent to the client to indicate that authentication is required* *if (policy == null) {* *if (log.isDebugEnabled()) {* *log.debug("User attempted to log in with no credentials");* *}* *sendErrorResponse(message, HttpURLConnection.HTTP_UNAUTHORIZED);* *return;* *}* ** *if (log.isDebugEnabled()) {* *log.debug("Logging in use: " + policy.getUserName());* *}* ** *// Verify the password* *String realPassword = users.get(policy.getUserName());* *if (realPassword == null || !realPassword.equals(policy.getPassword())) {* *log.error("Invalid username or password for user: " + policy.getUserName());* * * *sendErrorResponse(message, HttpURLConnection.HTTP_FORBIDDEN);* *}* *}* ** *private void sendErrorResponse(Message message, int responseCode) {* *Message outMessage = getOutMessage(message);* *outMessage.put(Message.RESPONSE_CODE, responseCode);* ** *// Set the response headers* *Map> responseHeaders =* *(Map>)message.get(Message.PROTOCOL_HEADERS);* *if (responseHeaders != null) {* *responseHeaders.put("WWW-Authenticate", Arrays.asList(new String[]{"Basic realm=realm"}));* *responseHeaders.put("Content-Length", Arrays.asList(new String[]{"0"}));* *}* *message.getInterceptorChain().abort();* *try {* *getConduit(message).prepare(outMessage);* *close(outMessage);* *} catch (IOException e) {* *log.warn(e.getMessage(), e);* *}* *}* ** *private Message getOutMessage(Message inMessage) {* *Exchange exchange = inMessage.getExchange();* *Message outMessage = exchange.getOutMessage();* *if (outMessage == null) {* *Endpoint endpoint = exchange.get(Endpoint.class);* *outMessage = endpoint.getBinding().createMessage();* *exchange.setOutMessage(outMessage);* *}* *outMessage.putAll(inMessage);* *return outMessage;* *}* ** *private Conduit getConduit(Message inMessage) throws IOException {* *Exchange exchange = inMessage.getExchange();* *EndpointReferenceType target = exchange.get(EndpointReferenceType.class);* *Conduit conduit =* *exchange.getDestination().getBackChannel(inMessage, null, target);* *exchange.setConduit(conduit);* *return conduit;* *}* ** *private void close(Message outMessage) throws IOException {* *OutputStream os = outMessage.getContent(OutputStream.class);* *os.flush();* *os.close();* *}* *}* And I configured my endpoint (in my case, its a web service CXF endpoint) as shown below. * * *http://10.43.25.123:8181/mes/myWebserviceEndPoint"* * serviceClass="my.package.serviceClassImpl"* * wsdlURL="wsdl/myWSDL.wsdl"* * serviceName="p1:serviceNameFromWsdl"* * xmlns:p1="my.sample.webservice.wsdl.targetNamespace" xmlns:soap=" http://schemas.xmlsoap.org/wsdl/soap/";>* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * It works fine for me. Would be nice if you could
Re: HTTP Basic Authentication
Thanks for the reply. The problem got resolved after adding httpClient.authenticationPreemptive=true -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5729500p5729680.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Hi Not sure if you can configure the http client to follow redirects, that may allow the http client to detect the redirect and provide the credentials for basic auth after the redirect. On Wed, Mar 20, 2013 at 1:37 PM, cgsk wrote: > Hi There, > > I am using Jetty endpoint exposed which invokes a external service using > HTTP component and the external service requires a Basic Auth. So I am > passing the query parameters as below: > > bridgeEndpoint=true&authMethod=Basic&throwExceptionOnFailure=false&authUsername=username&authPassword=authPassword > > It works fine in Firefox, but when invoked using Chrome, it discards the > Basic auth params and it does a retry again with Basic Auth params added in > the retry call. Any idea about why there is difference in Chrome compared to > Firefox? Do we need add any additional param in camel http call to handle > this? > > > > -- > View this message in context: > http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5729500.html > Sent from the Camel - Users mailing list archive at Nabble.com. -- Claus Ibsen - Red Hat, Inc. FuseSource is now part of Red Hat Email: cib...@redhat.com Web: http://fusesource.com Twitter: davsclaus Blog: http://davsclaus.com Author of Camel in Action: http://www.manning.com/ibsen
Re: HTTP basic authentication for cxf endpoint
Please check out the CXF http client configuer[1], and add these in your beans.xml http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:http-conf="http://cxf.apache.org/transports/http/configuration"; xmlns:security="http://cxf.apache.org/configuration/security"; xsi:schemaLocation="http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd";> [1]http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html Willem On 9/30/10 7:43 PM, xiaotao183 wrote: Hi, I am looking for a way that I could possibly inject the http basic authentication credential to cxf endpoint to invoke a remote ws which has http basic authentication enabled. Here is the beans.xml http://camel.apache.org/schema/spring";> http://localhost:8080/greeting";> Here is the actual camel route from("timer://javaTimer?fixedRate=true&period=2000").log(LoggingLevel.INFO, "Sending a ping!") .process(new Processor() { public void process(Exchange ex) throws Exception { ex.getIn().setHeader(CxfConstants.OPERATION_NAME, "greetClient"); MessageContentsList list = new MessageContentsList(); list.add(0, "hi"); ex.getIn().setBody(list); } }).to("cxf:bean:thebean").process(new Processor() { public void process(Exchange ex) throws Exception { System.out.println(ex); } }); Thanks -- Willem -- Open Source Integration: http://www.fusesource.com Blog:http://willemjiang.blogspot.com (English) http://jnn.javaeye.com (Chinese) Twitter: http://twitter.com/willemjiang
Re: HTTP basic authentication for cxf endpoint
Hi, You need to configure a bus object with https and inject it into your cxfEndpoint. Please check out the example below. For more details check out the bus configuration section of your CXF documentation. There is no need to explicitly inject the bus into the endpoint. The presence of a bus object in Spring automatically overrides the need for creation of the default bus. Cheers, Ashwin... == http://localhost:8080/greeting"/> - - Ashwin Karpe Apache Camel Committer & Sr Principal Consultant FUSESource (a Progress Software Corporation subsidiary) http://fusesource.com http://fusesource.com Blog: http://opensourceknowledge.blogspot.com http://opensourceknowledge.blogspot.com - -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-basic-authentication-for-cxf-endpoint-tp3046867p3047032.html Sent from the Camel - Users mailing list archive at Nabble.com.