Re: HTTP Basic Authentication
Hello,
Are you using the http component?
http://camel.apache.org/http.html
There is a section on authentication there.
Example:
from("http://examples.com/rest/hello?;
+ "authMethod=Basic"
+ "=User"
+ "=Password")
.to("mock:answer");
On Thu, Oct 1, 2015 at 1:29 PM, zied123456 wrote:
> Hello,
> I try to send request to a webservice with camel and i dont found how to
> set
> httplogin and httppass with
> POJO i can do this:
>
> final String s = my_httpLogin+":"+my_httpPwd;
> final byte[] authBytes = s.getBytes(StandardCharsets.UTF_8);
> final String encoded = Base64.getEncoder().encodeToString(authBytes);
>
> and i set it in the header like this:
>
> con.setRequestProperty("Authorization", "Basic " + encoded);
>
> How can i do this with Camel Route ?
>
>
>
> --
> View this message in context:
> http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5772150.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
--
Kind regards
Joakim Bjørnstad
Re: HTTP Basic Authentication
Hello,
I try to send request to a webservice with camel and i dont found how to set
httplogin and httppass with
POJO i can do this:
final String s = my_httpLogin+":"+my_httpPwd;
final byte[] authBytes = s.getBytes(StandardCharsets.UTF_8);
final String encoded = Base64.getEncoder().encodeToString(authBytes);
and i set it in the header like this:
con.setRequestProperty("Authorization", "Basic " + encoded);
How can i do this with Camel Route ?
--
View this message in context:
http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5772150.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
The preemptive authentication with HTTPS does not seem to work with
Camel-Http
It works only with camel-http4
But I have a limitation on my container ( websphere application server 7.x )
so cannot use camel-http4 - does anyone know if this should work with
camel-http ??
== here is my camel XML DSL ==
camel:sslContextParameters id=sslContextParameters
camel:keyManagers keyPassword={{ssl.store.pass}}
camel:keyStore resource={{ssl.store.path}}
password={{ssl.store.pass}} /
/camel:keyManagers
/camel:sslContextParameters
setHeader headerName=CamelHttpMethod
constantPOST/constant
/setHeader
setHeader headerName=Content-Type
constantapplication/json/constant
/setHeader
setExchangePattern pattern=InOut /
to
uri=https:{{host}}{{auditWs.url}}?sslContextParameters=sslContextParameters%26authUsername={{auditWsAuthUsername}}%26authPassword={{auditWsAuthPassword}}%26authenticationPreemptive=true%26bridgeEndpoint=true%26throwExceptionOnFailure=false
===
I get a 401 ERROR when I use camel-http
--
View this message in context:
http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5758314.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Please setup the option of httpClient.authenticationPreemptive to be true.
You can find more information here[1] by searching authenticationPreemptive.
[1]https://camel.apache.org/http
--
Willem Jiang
Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.iteye.com (Chinese)
Twitter: willemjiang
Weibo: 姜宁willem
On October 30, 2014 at 2:52:55 AM, sharathbabuk (sharathba...@hotmail.com)
wrote:
The preemptive authentication with HTTPS does not seem to work with
Camel-Http
It works only with camel-http4
But I have a limitation on my container ( websphere application server 7.x )
so cannot use camel-http4 - does anyone know if this should work with
camel-http ??
== here is my camel XML DSL ==
password={{ssl.store.pass}} /
POST
application/json
uri=https:{{host}}{{auditWs.url}}?sslContextParameters=sslContextParameters%26authUsername={{auditWsAuthUsername}}%26authPassword={{auditWsAuthPassword}}%26authenticationPreemptive=true%26bridgeEndpoint=true%26throwExceptionOnFailure=false
===
I get a 401 ERROR when I use camel-http
--
View this message in context:
http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5758314.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Which version of Camel are you using? Can you try the latest release Camel 2.13.2? If I remember right, there is an issue of setting up the camel-cxfrs endpoint interceptors which was fixed recently. -- Willem Jiang Red Hat, Inc. Web: http://www.redhat.com Blog: http://willemjiang.blogspot.com (English) http://jnn.iteye.com (Chinese) Twitter: willemjiang Weibo: 姜宁willem On September 12, 2014 at 1:54:48 PM, sayed_india (sayed.abdulis...@gmail.com) wrote: Hello, Sorry I was referring to the Java Interceptor code above mentioned which works fine for CXF SOAP. Cann't we make it for CXF-REST? Thanks, Sayed -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756392.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Hello, Thanks a lot for the response.Will try and let you know. please share a sample code snippet. However the same code works for me at server side for CXF-SOAP so why not for CXF-REST ? Regards, Sayed -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756346.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Hello, Sorry I was referring to the Java Interceptor code above mentioned which works fine for CXF SOAP. Cann't we make it for CXF-REST? Thanks, Sayed -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756392.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Hello,
Pls find below my query of CXF-RS with Basic authentication:
public void configure() throws Exception {
System.out.println(inside route);
MapString, Object properties = new HashMapString, Object();
AuthorizationPolicy authPolicy = new AuthorizationPolicy();
authPolicy.setAuthorizationType(HttpAuthHeader.AUTH_TYPE_BASIC);
authPolicy.setUserName(test);
authPolicy.setPassword(test);
authPolicy.setAuthorization(true);
// properties.put(AuthorizationPolicy.class.getName(), authPolicy);
properties.put(org.apache.cxf.configuration.security.AuthorizationPolicy,
authPolicy);
CxfRsEndpoint myCxfEp =
(CxfRsEndpoint)getContext().getEndpoint(cxfrs:http://0.0.0.0:9090?resourceClasses=com.test.CompanyServicebindingStyle=SimpleConsumer;);
myCxfEp.configureProperties(properties);
from(myCxfEp)
...
I have tested it using SOAPUI doesn't ask for any authentication.
Please suggest ..
Thanks,
Sayed
--
View this message in context:
http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756208.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
The configuration only work for the client side, if you want to enable the HTTP
Basic Authentication on the server side, you need to setup the Jetty
ServletContextHandler for it.
--
Willem Jiang
Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.iteye.com (Chinese)
Twitter: willemjiang
Weibo: 姜宁willem
On September 9, 2014 at 1:26:41 PM, sayed_india (sayed.abdulis...@gmail.com)
wrote:
Hello,
Pls find below my query of CXF-RS with Basic authentication:
public void configure() throws Exception {
System.out.println(inside route);
Map properties = new HashMap();
AuthorizationPolicy authPolicy = new AuthorizationPolicy();
authPolicy.setAuthorizationType(HttpAuthHeader.AUTH_TYPE_BASIC);
authPolicy.setUserName(test);
authPolicy.setPassword(test);
authPolicy.setAuthorization(true);
// properties.put(AuthorizationPolicy.class.getName(), authPolicy);
properties.put(org.apache.cxf.configuration.security.AuthorizationPolicy,
authPolicy);
CxfRsEndpoint myCxfEp =
(CxfRsEndpoint)getContext().getEndpoint(cxfrs:http://0.0.0.0:9090?resourceClasses=com.test.CompanyServicebindingStyle=SimpleConsumer;);
myCxfEp.configureProperties(properties);
from(myCxfEp)
...
I have tested it using SOAPUI doesn't ask for any authentication.
Please suggest ..
Thanks,
Sayed
--
View this message in context:
http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756208.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Hello Experts, Pls share me the CXF-REST code reference to use the above Java Authentication: Not getting an idea how to include this BasicAuthAuthorizationInterceptor in REST end point either in Spring or Java DSL: Spring End point: from uri=cxfrs:http://localhost:9090?resourceClasses=com.test.Service/ Java End Point: from(cxfrs:http://0.0.0.0:9090?resourceClasses=com.test.ServicebindingStyle=SimpleConsumer;).. Need a quick solution. Thanks and Regards, Sayed -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756154.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Hello,
I tried with the code shared ,seems working fine at server end for CXF-SOAP
as tested through SOAPUI tool.
Please share the code for CXF REST Service.
However I need a Java client to call the service.
Tried many options but gives me errors.
Please send me a sample Java main client to test the authentication.
My CXF end point declaration:
bean id=securityInterceptor
class=com.test.BasicAuthAuthorizationInterceptor
property name=usersmapentry key=user-id value=test
//map/property
/bean
cxf:cxfEndpoint id=ReportIncidentEndpoint
address=http://localhost:9050/service/EmployeeDetailsService;
serviceClass=in.ns.com.EmployeeDetailsPort
wsdlURL=META-INF/wsdl/webservice.wsdl
cxf:inInterceptorsref
bean=securityInterceptor//cxf:inInterceptors
/cxf:cxfEndpoint
/beans
-
java client:
--
public static void main(String[] args) throws Exception {
URL url = new URL(WS_URL);
QName qname = new QName(http://com.ns.in;,
EmployeeDetailsPortService);
Service service = Service.create(url, qname);
EmployeeDetailsPort hello =
service.getPort(EmployeeDetailsPort.class);
BindingProvider port
=(BindingProvider)service.getPort(EmployeeDetailsPort.class);
port.getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
user-id);
port.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
test);
System.out.println(hello.employeeDetailsOpr( new FindEmpRequest(123)));
Error:Exception in thread main
com.sun.xml.internal.ws.model.RuntimeModelerException: A WebService
annotation is not present on class: in.ns.com.EmployeeDetailsPort
Thanks and regards,
Sayed
--
View this message in context:
http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5756117.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
I did a quick test with the camel trunk ( I think it’s same with last camel
release 2.12.1), the HTTP Basic Authentication setting is work out of box.
from(direct:endpoint).to(http://localhost:8081?authMethod=BasicauthUsername=user1authPassword=pwd”);
I think you need to double check if the authPassword setting, It should be a
plaint text.
--
Willem Jiang
Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/)
(English)
http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese)
Twitter: willemjiang
Weibo: 姜宁willem
On Tuesday, October 29, 2013 at 1:03 AM, martin11 wrote:
Hi Christian,
I tried to use HTTP auth options:
.to(http://{{server}}:{{port}}/{{address}}?authMethod=BasicauthUsername={{user}}authPassword={{password}};)
But it fails again:
INFO - Basic authentication scheme selected
DEBUG - Took 1889 millis to send to:
Endpoint[http://172.24.40.110:5985/wsman?authMethod=BasicauthPassword=**authUsername=Administrator]
INFO - basic authentication scheme selected
INFO - No credentials available for BASIC 'WSMAN'@172.24.40.110:5985
DEBUG - Took 45 millis to send to: Endpoint[http://172.24.40.110:5985/wsman]
ERROR - Failed delivery for (MessageId: ID-asgard-47899-1382979475336-0-11
on ExchangeId: ID-asgard-47899-1382979475336-0-9). Exhausted after delivery
attempt: 1 caught:
org.apache.camel.component.http.HttpOperationFailedException: HTTP operation
failed invoking http://172.24.40.110:5985/wsman with statusCode: 401
--
View this message in context:
http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742320.html
Sent from the Camel - Users mailing list archive at Nabble.com
(http://Nabble.com).
Re: HTTP Basic Authentication
I just captured the http request and response and found some thing interesting.
When camel-http send the request to back end server which is protected with
HTTP Basic Authentication,
HttpClient sends a request without Authentication inform first, then it sends
the request with the Authentication header when it get the 401 response.
If you just want to camel-http send the request with the Authentication header,
you can set url like this.
from(direct:endpoint).to(http://localhost:8081?authMethod=BasicauthUsername=user1authPassword=pwdhttpClient.authenticationPreemptive=true;);
--
Willem Jiang
Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/)
(English)
http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese)
Twitter: willemjiang
Weibo: 姜宁willem
On Tuesday, October 29, 2013 at 5:13 PM, Willem jiang wrote:
I did a quick test with the camel trunk ( I think it’s same with last camel
release 2.12.1), the HTTP Basic Authentication setting is work out of box.
from(direct:endpoint).to(http://localhost:8081?authMethod=BasicauthUsername=user1authPassword=pwd”);
I think you need to double check if the authPassword setting, It should be a
plaint text.
--
Willem Jiang
Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/)
(English)
http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese)
Twitter: willemjiang
Weibo: 姜宁willem
On Tuesday, October 29, 2013 at 1:03 AM, martin11 wrote:
Hi Christian,
I tried to use HTTP auth options:
.to(http://{{server}}:{{port}}/{{address}}?authMethod=BasicauthUsername={{user}}authPassword={{password}};)
But it fails again:
INFO - Basic authentication scheme selected
DEBUG - Took 1889 millis to send to:
Endpoint[http://172.24.40.110:5985/wsman?authMethod=BasicauthPassword=**authUsername=Administrator]
INFO - basic authentication scheme selected
INFO - No credentials available for BASIC 'WSMAN'@172.24.40.110:5985
DEBUG - Took 45 millis to send to: Endpoint[http://172.24.40.110:5985/wsman]
ERROR - Failed delivery for (MessageId: ID-asgard-47899-1382979475336-0-11
on ExchangeId: ID-asgard-47899-1382979475336-0-9). Exhausted after delivery
attempt: 1 caught:
org.apache.camel.component.http.HttpOperationFailedException: HTTP operation
failed invoking http://172.24.40.110:5985/wsman with statusCode: 401
--
View this message in context:
http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742320.html
Sent from the Camel - Users mailing list archive at Nabble.com
(http://Nabble.com).
Re: HTTP Basic Authentication
You'll be surprised. CXF uses the same library Apache HttpComponents. CXF client initially twice sends an HTTP request. The first request without authorization. Second with authorization. For a GET request such behavior is acceptable. For a POST request is very bad. Aleksey -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742348.html Sent from the Camel - Users mailing list archive at Nabble.com.
RE: HTTP Basic Authentication
Hi, it happens by design: Generally, preemptive authentication can be considered less * secure than a response to an authentication challenge * and therefore discouraged. (see https://hc.apache.org/httpcomponents-client-4.3.x/httpclient/examples/org/apache/http/examples/client/ClientPreemptiveBasicAuthentication.java) Regards, Tom -Original Message- From: alexey-s [mailto:alex...@mail.ru] Sent: Dienstag, 29. Oktober 2013 11:47 To: users@camel.apache.org Subject: Re: HTTP Basic Authentication You'll be surprised. CXF uses the same library Apache HttpComponents. CXF client initially twice sends an HTTP request. The first request without authorization. Second with authorization. For a GET request such behavior is acceptable. For a POST request is very bad. Aleksey -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742348.html Sent from the Camel - Users mailing list archive at Nabble.com.
RE: HTTP Basic Authentication
Rules of the game sets the other side - http server. Two requests are always bad, whether it's on an external authentication server, or proxy server. It is necessary to send a file size of 1 MByte. Length of HTTP request is about 1.3 MByte. Two queries will give 2.6 MByte. Aleksey -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742354.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
One thing should be point out, CXF uses Http URL Connector which is from JDK by default. If you are using CXF 2.7.x and enable the async http client setting, it will use the Apache Http Client 4.x to send the request. -- Willem Jiang Red Hat, Inc. Web: http://www.redhat.com Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/) (English) http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese) Twitter: willemjiang Weibo: 姜宁willem On Tuesday, October 29, 2013 at 6:46 PM, alexey-s wrote: You'll be surprised. CXF uses the same library Apache HttpComponents. CXF client initially twice sends an HTTP request. The first request without authorization. Second with authorization. For a GET request such behavior is acceptable. For a POST request is very bad. Aleksey -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742348.html Sent from the Camel - Users mailing list archive at Nabble.com (http://Nabble.com).
Re: HTTP Basic Authentication
Hi Christian,
I tried to use HTTP auth options:
.to(http://{{server}}:{{port}}/{{address}}?authMethod=BasicauthUsername={{user}}authPassword={{password}};)
But it fails again:
INFO - Basic authentication scheme selected
DEBUG - Took 1889 millis to send to:
Endpoint[http://172.24.40.110:5985/wsman?authMethod=BasicauthPassword=**authUsername=Administrator]
INFO - basic authentication scheme selected
INFO - No credentials available for BASIC 'WSMAN'@172.24.40.110:5985
DEBUG - Took 45 millis to send to: Endpoint[http://172.24.40.110:5985/wsman]
ERROR - Failed delivery for (MessageId: ID-asgard-47899-1382979475336-0-11
on ExchangeId: ID-asgard-47899-1382979475336-0-9). Exhausted after delivery
attempt: 1 caught:
org.apache.camel.component.http.HttpOperationFailedException: HTTP operation
failed invoking http://172.24.40.110:5985/wsman with statusCode: 401
--
View this message in context:
http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5742229p5742320.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Martin is using the http component, not the CXF component...
Did you checked [1]? You can set the auth options per endpoint.
[1] http://camel.apache.org/http.html
Best,
Christian
-
Software Integration Specialist
Apache Member
V.P. Apache Camel | Apache Camel PMC Member | Apache Camel committer
Apache Incubator PMC Member
https://www.linkedin.com/pub/christian-mueller/11/551/642
On Sat, Oct 26, 2013 at 5:44 AM, contactreji contactr...@gmail.com wrote:
Hi
I used a interceptor approach. The java code for interceptor is as follows
*package outotec.com.mes.bw.copper_recovery_perc;*
*import java.io.IOException;*
*import java.io.OutputStream;*
*import java.net.HttpURLConnection;*
*import java.util.Arrays;*
*import java.util.List;*
*import java.util.Map;*
*import org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor;*
*import org.apache.cxf.configuration.security.AuthorizationPolicy;*
*import org.apache.cxf.endpoint.Endpoint;*
*import org.apache.cxf.interceptor.Fault;*
*import org.apache.cxf.message.Exchange;*
*import org.apache.cxf.message.Message;*
*import org.apache.cxf.transport.Conduit;*
*import org.apache.cxf.ws.addressing.EndpointReferenceType;*
*import org.apache.log4j.Logger;*
*import org.springframework.beans.factory.annotation.Required;*
*
*
*/***
* * CXF Interceptor that provides HTTP Basic Authentication validation.*
* * *
* * Based on the concepts outline here:*
* *
http://chrisdail.com/2008/03/31/apache-cxf-with-http-basic-authentication*
* **
* * @author CDail*
* */*
*public class BasicAuthAuthorizationInterceptor extends
SoapHeaderInterceptor {*
*
*
*protected Logger log = Logger.getLogger(getClass());*
**
*/** Map of allowed users to this system with their corresponding
passwords. */*
*private MapString,String users;*
**
*@Required*
*public void setUsers(MapString, String users) {*
*this.users = users;*
*}*
**
*@Override public void handleMessage(Message message) throws Fault {*
*// This is set by CXF*
*AuthorizationPolicy policy =
message.get(AuthorizationPolicy.class);*
**
*// If the policy is not set, the user did not specify credentials*
*// A 401 is sent to the client to indicate that authentication is
required*
*if (policy == null) {*
*if (log.isDebugEnabled()) {*
*log.debug(User attempted to log in with no
credentials);*
*}*
*sendErrorResponse(message,
HttpURLConnection.HTTP_UNAUTHORIZED);*
*return;*
*}*
**
*if (log.isDebugEnabled()) {*
*log.debug(Logging in use: + policy.getUserName());*
*}*
**
*// Verify the password*
*String realPassword = users.get(policy.getUserName());*
*if (realPassword == null ||
!realPassword.equals(policy.getPassword())) {*
*log.error(Invalid username or password for user: +
policy.getUserName());*
* *
*sendErrorResponse(message, HttpURLConnection.HTTP_FORBIDDEN);*
*}*
*}*
**
*private void sendErrorResponse(Message message, int responseCode) {*
*Message outMessage = getOutMessage(message);*
*outMessage.put(Message.RESPONSE_CODE, responseCode);*
**
*// Set the response headers*
*MapString, ListString responseHeaders =*
*(MapString,
ListString)message.get(Message.PROTOCOL_HEADERS);*
*if (responseHeaders != null) {*
*responseHeaders.put(WWW-Authenticate, Arrays.asList(new
String[]{Basic realm=realm}));*
*responseHeaders.put(Content-Length, Arrays.asList(new
String[]{0}));*
*}*
*message.getInterceptorChain().abort();*
*try {*
*getConduit(message).prepare(outMessage);*
*close(outMessage);*
*} catch (IOException e) {*
*log.warn(e.getMessage(), e);*
*}*
*}*
**
*private Message getOutMessage(Message inMessage) {*
*Exchange exchange = inMessage.getExchange();*
*Message outMessage = exchange.getOutMessage();*
*if (outMessage == null) {*
*Endpoint endpoint = exchange.get(Endpoint.class);*
*outMessage = endpoint.getBinding().createMessage();*
*exchange.setOutMessage(outMessage);*
*}*
*outMessage.putAll(inMessage);*
*return outMessage;*
*}*
**
*private Conduit getConduit(Message inMessage) throws IOException {*
*Exchange exchange = inMessage.getExchange();*
*EndpointReferenceType target =
exchange.get(EndpointReferenceType.class);*
*Conduit conduit =*
*exchange.getDestination().getBackChannel(inMessage, null,
target);*
*exchange.setConduit(conduit);*
*return conduit;*
*}*
**
*private void close(Message
Re: HTTP Basic Authentication
Hi
I used a interceptor approach. The java code for interceptor is as follows
*package outotec.com.mes.bw.copper_recovery_perc;*
*import java.io.IOException;*
*import java.io.OutputStream;*
*import java.net.HttpURLConnection;*
*import java.util.Arrays;*
*import java.util.List;*
*import java.util.Map;*
*import org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor;*
*import org.apache.cxf.configuration.security.AuthorizationPolicy;*
*import org.apache.cxf.endpoint.Endpoint;*
*import org.apache.cxf.interceptor.Fault;*
*import org.apache.cxf.message.Exchange;*
*import org.apache.cxf.message.Message;*
*import org.apache.cxf.transport.Conduit;*
*import org.apache.cxf.ws.addressing.EndpointReferenceType;*
*import org.apache.log4j.Logger;*
*import org.springframework.beans.factory.annotation.Required;*
*
*
*/***
* * CXF Interceptor that provides HTTP Basic Authentication validation.*
* * *
* * Based on the concepts outline here:*
* *
http://chrisdail.com/2008/03/31/apache-cxf-with-http-basic-authentication*
* **
* * @author CDail*
* */*
*public class BasicAuthAuthorizationInterceptor extends
SoapHeaderInterceptor {*
*
*
*protected Logger log = Logger.getLogger(getClass());*
**
*/** Map of allowed users to this system with their corresponding
passwords. */*
*private MapString,String users;*
**
*@Required*
*public void setUsers(MapString, String users) {*
*this.users = users;*
*}*
**
*@Override public void handleMessage(Message message) throws Fault {*
*// This is set by CXF*
*AuthorizationPolicy policy =
message.get(AuthorizationPolicy.class);*
**
*// If the policy is not set, the user did not specify credentials*
*// A 401 is sent to the client to indicate that authentication is
required*
*if (policy == null) {*
*if (log.isDebugEnabled()) {*
*log.debug(User attempted to log in with no credentials);*
*}*
*sendErrorResponse(message,
HttpURLConnection.HTTP_UNAUTHORIZED);*
*return;*
*}*
**
*if (log.isDebugEnabled()) {*
*log.debug(Logging in use: + policy.getUserName());*
*}*
**
*// Verify the password*
*String realPassword = users.get(policy.getUserName());*
*if (realPassword == null ||
!realPassword.equals(policy.getPassword())) {*
*log.error(Invalid username or password for user: +
policy.getUserName());*
* *
*sendErrorResponse(message, HttpURLConnection.HTTP_FORBIDDEN);*
*}*
*}*
**
*private void sendErrorResponse(Message message, int responseCode) {*
*Message outMessage = getOutMessage(message);*
*outMessage.put(Message.RESPONSE_CODE, responseCode);*
**
*// Set the response headers*
*MapString, ListString responseHeaders =*
*(MapString,
ListString)message.get(Message.PROTOCOL_HEADERS);*
*if (responseHeaders != null) {*
*responseHeaders.put(WWW-Authenticate, Arrays.asList(new
String[]{Basic realm=realm}));*
*responseHeaders.put(Content-Length, Arrays.asList(new
String[]{0}));*
*}*
*message.getInterceptorChain().abort();*
*try {*
*getConduit(message).prepare(outMessage);*
*close(outMessage);*
*} catch (IOException e) {*
*log.warn(e.getMessage(), e);*
*}*
*}*
**
*private Message getOutMessage(Message inMessage) {*
*Exchange exchange = inMessage.getExchange();*
*Message outMessage = exchange.getOutMessage();*
*if (outMessage == null) {*
*Endpoint endpoint = exchange.get(Endpoint.class);*
*outMessage = endpoint.getBinding().createMessage();*
*exchange.setOutMessage(outMessage);*
*}*
*outMessage.putAll(inMessage);*
*return outMessage;*
*}*
**
*private Conduit getConduit(Message inMessage) throws IOException {*
*Exchange exchange = inMessage.getExchange();*
*EndpointReferenceType target =
exchange.get(EndpointReferenceType.class);*
*Conduit conduit =*
*exchange.getDestination().getBackChannel(inMessage, null,
target);*
*exchange.setConduit(conduit);*
*return conduit;*
*}*
**
*private void close(Message outMessage) throws IOException {*
*OutputStream os = outMessage.getContent(OutputStream.class);*
*os.flush();*
*os.close();*
*}*
*}*
And I configured my endpoint (in my case, its a web service CXF endpoint)
as shown below.
*
*
*cxf:cxfEndpoint id=MESEndpoint*
* address=http://10.43.25.123:8181/mes/myWebserviceEndPoint*
* serviceClass=my.package.serviceClassImpl*
* wsdlURL=wsdl/myWSDL.wsdl*
* serviceName=p1:serviceNameFromWsdl*
* xmlns:p1=my.sample.webservice.wsdl.targetNamespace xmlns:soap=
http://schemas.xmlsoap.org/wsdl/soap/;*
* cxf:inInterceptors*
*
*
* ref
Re: HTTP Basic Authentication
Thanks for the reply. The problem got resolved after adding httpClient.authenticationPreemptive=true -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5729500p5729680.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP Basic Authentication
Hi Not sure if you can configure the http client to follow redirects, that may allow the http client to detect the redirect and provide the credentials for basic auth after the redirect. On Wed, Mar 20, 2013 at 1:37 PM, cgsk karthik2...@gmail.com wrote: Hi There, I am using Jetty endpoint exposed which invokes a external service using HTTP component and the external service requires a Basic Auth. So I am passing the query parameters as below: bridgeEndpoint=trueauthMethod=BasicthrowExceptionOnFailure=falseauthUsername=usernameauthPassword=authPassword It works fine in Firefox, but when invoked using Chrome, it discards the Basic auth params and it does a retry again with Basic Auth params added in the retry call. Any idea about why there is difference in Chrome compared to Firefox? Do we need add any additional param in camel http call to handle this? -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-Basic-Authentication-tp5729500.html Sent from the Camel - Users mailing list archive at Nabble.com. -- Claus Ibsen - Red Hat, Inc. FuseSource is now part of Red Hat Email: cib...@redhat.com Web: http://fusesource.com Twitter: davsclaus Blog: http://davsclaus.com Author of Camel in Action: http://www.manning.com/ibsen
Re: HTTP basic authentication for cxf endpoint
Hi, You need to configure a bus object with https and inject it into your cxfEndpoint. Please check out the example below. For more details check out the bus configuration section of your CXF documentation. There is no need to explicitly inject the bus into the endpoint. The presence of a bus object in Spring automatically overrides the need for creation of the default bus. Cheers, Ashwin... == cxf:cxfEndpoint id=thebean wsdlURL=greeting-wsdl.xml serviceClass=tutorial.hanbo.webservice.Greeting address=http://localhost:8080/greeting/ cxf:bus cxf:features p:policies/ cxf:logging/ /cxf:features /cxf:bus !-- -- !-- Any services listening on port 9002 must use the following -- !-- Transport Layer Security (TLS) settings -- !-- -- httpj:engine-factory bus=cxf httpj:engine port=9002 httpj:tlsServerParameters sec:keyManagers keyPassword=password sec:keyStore type=pkcs12 password=password resource=org/apache/cxf/systest/ws/wssc/certs/alice.p12/ /sec:keyManagers /httpj:tlsServerParameters /httpj:engine /httpj:engine-factory /cxf:cxfEndpoint - - Ashwin Karpe Apache Camel Committer Sr Principal Consultant FUSESource (a Progress Software Corporation subsidiary) http://fusesource.com http://fusesource.com Blog: http://opensourceknowledge.blogspot.com http://opensourceknowledge.blogspot.com - -- View this message in context: http://camel.465427.n5.nabble.com/HTTP-basic-authentication-for-cxf-endpoint-tp3046867p3047032.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: HTTP basic authentication for cxf endpoint
Please check out the CXF http client configuer[1], and add these in your
beans.xml
beans xmlns=http://www.springframework.org/schema/beans;
xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
xmlns:http-conf=http://cxf.apache.org/transports/http/configuration;
xmlns:security=http://cxf.apache.org/configuration/security;
xsi:schemaLocation=http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://cxf.apache.org/configuration/security
http://cxf.apache.org/schemas/configuration/security.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd;
http-conf:conduit name=*.http-conduit
http-conf:authorization
security:UserName= /
security:Password= /
/http-conf:authorization
/http-conf:conduit
/beans
[1]http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
Willem
On 9/30/10 7:43 PM, xiaotao183 wrote:
Hi,
I am looking for a way that I could possibly inject the http basic
authentication credential to cxf endpoint to invoke a remote ws which has
http basic authentication enabled.
Here is the beans.xml
osgi:camelContext xmlns=http://camel.apache.org/schema/spring;
routeBuilder ref=myTransform/
/osgi:camelContext
bean id=myTransform
class=org.apache.servicemix.examples.camel.MyRouteBuilder
/bean
cxf:cxfEndpoint
id=thebean
wsdlURL=greeting-wsdl.xml
serviceClass=tutorial.hanbo.webservice.Greeting
address=http://localhost:8080/greeting;
/cxf:cxfEndpoint
Here is the actual camel route
from(timer://javaTimer?fixedRate=trueperiod=2000).log(LoggingLevel.INFO,
Sending a ping!)
.process(new Processor()
{
public void process(Exchange ex) throws Exception
{
ex.getIn().setHeader(CxfConstants.OPERATION_NAME,
greetClient);
MessageContentsList list = new
MessageContentsList();
list.add(0, hi);
ex.getIn().setBody(list);
}
}).to(cxf:bean:thebean).process(new Processor()
{
public void process(Exchange ex) throws Exception
{
System.out.println(ex);
}
});
Thanks
--
Willem
--
Open Source Integration: http://www.fusesource.com
Blog:http://willemjiang.blogspot.com (English)
http://jnn.javaeye.com (Chinese)
Twitter: http://twitter.com/willemjiang
