As you can see, SOAPUI doesn't send any Authorization header. Thus, this is not a problem with CXF, but SOAPUI (unless SOAPUI only sends the Authorization header after getting a 401/403 status code).
Andreas On Fri, Feb 5, 2010 at 17:14, SaravananRamamoorthy <saravanan.ramamoorth...@gmail.com> wrote: > > Hi Andread, > > Please find the attachment.When the values are send through Header(s) tab, I > can able to retrieve the information using HeaderParam. > > Regards > SaravananRamamoorthy http://old.nabble.com/file/p27470023/SOAP_UI.zip > SOAP_UI.zip > > > > Andreas Veithen-2 wrote: >> >> In SOAPUI, after sending the request, you can switch to the "Raw" tab >> in order to see the request (including headers) that SOAPUI has sent. >> Can you show us this information? >> >> Andreas >> >> On Fri, Feb 5, 2010 at 16:13, SaravananRamamoorthy >> <saravanan.ramamoorth...@gmail.com> wrote: >>> >>> Hi Andreas , >>> >>> I can able to get the values, when I send the information through >>> header.It >>> works fine. >>> But when I send the credentials using Authentication part,I cannot able >>> to >>> retrieve. >>> >>> Regards >>> SaravananRamamoorthy >>> >>> >>> >>> Andreas Veithen-2 wrote: >>>> >>>> What Sergey actually wants you to do is to check if that information >>>> reaches the JAX-RS service, i.e. to try retrieving this information >>>> using a method parameter annotated with @HeaderParam("Authorization"). >>>> >>>> Andreas >>>> >>>> On Fri, Feb 5, 2010 at 15:36, SaravananRamamoorthy >>>> <saravanan.ramamoorth...@gmail.com> wrote: >>>>> >>>>> Hi Sergey, >>>>> >>>>> >>>>> Thanks for your continuous help. >>>>> I can able to get the value when the values are given in the header >>>>> part. >>>>> What is the case if the credentials are given in Authentication part. >>>>> I have attached the screenshot for giving the credentials in aut part. >>>>> In this case how can I retrieve the details. >>>>> http://old.nabble.com/file/p27468603/authentication.PNG >>>>> authentication.PNG >>>>> >>>>> Regards >>>>> SaravananRamamoorthy >>>>> >>>>> >>>>> Sergey Beryozkin-2 wrote: >>>>>> >>>>>> Can you post the value of this header please ? >>>>>> cheers, Sergey >>>>>> >>>>>>> >>>>>>> Hi Sergey, >>>>>>> >>>>>>> Yes. The authorization header is sent by the client. I have used >>>>>>> SOAPUI >>>>>>> for >>>>>>> this. >>>>>>> >>>>>>> Regards >>>>>>> SaravananRamamoorthy >>>>>>> >>>>>>> >>>>>>> >>>>>>> Sergey Beryozkin-2 wrote: >>>>>>>> >>>>>>>> I've already asked twice : is Authorization header actually being >>>>>>>> sent >>>>>>>> by >>>>>>>> a client ? >>>>>>>> Can you tell me please if it is the case or not ? Try adding a JAXRS >>>>>>>> >>>>>>>> @HeaderParam("Authorization") String value >>>>>>>> >>>>>>>> to your jaxrs resource method and print the resulting value. >>>>>>>> >>>>>>>> cheers. Sergey >>>>>>>> >>>>>>>> >>>>>>>>> >>>>>>>>> Hi Sergey, >>>>>>>>> >>>>>>>>> I tried with MessageContext , MessageContextImpl and >>>>>>>>> SecurityContext. >>>>>>>>> But >>>>>>>>> it >>>>>>>>> always return null. >>>>>>>>> Do we need anything to be configure in web.xml? >>>>>>>>> Regards >>>>>>>>> SaravananRamamoorthy >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> Sergey Beryozkin-2 wrote: >>>>>>>>>> >>>>>>>>>> Please check >>>>>>>>>> >>>>>>>>>> http://cxf.apache.org/docs/debugging-and-logging.html >>>>>>>>>> >>>>>>>>>> and see the list of tools you can use to check if the >>>>>>>>>> Authorization >>>>>>>>>> header >>>>>>>>>> is actually available on the wire. I also like TcpTrace : >>>>>>>>>> http://www.pocketsoap.com/tcptrace/ >>>>>>>>>> >>>>>>>>>> Provided this header is present, you can parse it manually by >>>>>>>>>> using >>>>>>>>>> JAXRS >>>>>>>>>> @HeaderParam. I'm sure there're plenty of Base64 decoding >>>>>>>>>> utils around and CXF has the one too >>>>>>>>>> (org.apache.cxf.common.util.Base64Utility). >>>>>>>>>> >>>>>>>>>> Alternatively youy can have a @Context MessageContext parameter >>>>>>>>>> passed >>>>>>>>>> in >>>>>>>>>> too and then do >>>>>>>>>> mc.get(AuthorizationPolicy.class.getName()); >>>>>>>>>> >>>>>>>>>> Sergey >>>>>>>>>> >>>>>>>>>> ----- Original Message ----- >>>>>>>>>> From: "SaravananRamamoorthy" <saravanan.ramamoorth...@gmail.com> >>>>>>>>>> To: <users@cxf.apache.org> >>>>>>>>>> Sent: Wednesday, February 03, 2010 4:29 PM >>>>>>>>>> Subject: Re: Http basic authentication in JAX RS >>>>>>>>>> >>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Hi Sergey, >>>>>>>>>>> >>>>>>>>>>> Thanks for your suggestions. >>>>>>>>>>> >>>>>>>>>>> I am new to apache cxf. >>>>>>>>>>> >>>>>>>>>>> Is there any direct interface or context availabe to receive the >>>>>>>>>>> authentication details just like @QueryParam.(for receiving query >>>>>>>>>>> string). >>>>>>>>>>> >>>>>>>>>>> It is enough to print the username and the password in the >>>>>>>>>>> console. >>>>>>>>>>> >>>>>>>>>>> Please provide the solution. >>>>>>>>>>> >>>>>>>>>>> Regards >>>>>>>>>>> Saravanan R >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Sergey Beryozkin-2 wrote: >>>>>>>>>>>> >>>>>>>>>>>> Actually, just looked at the source of MessageContextImpl, it >>>>>>>>>>>> should >>>>>>>>>>>> be >>>>>>>>>>>> mc.get(AuthorizationPolicy.class.getName()) when retrieving >>>>>>>>>>>> it from MessageContext given that uses toString() on the object >>>>>>>>>>>> keys. >>>>>>>>>>>> Also make sure you're actually seeing an Authorization header on >>>>>>>>>>>> the >>>>>>>>>>>> wire >>>>>>>>>>>> >>>>>>>>>>>> cheers, Sergey >>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Hi Sergey, >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> I tried with your suggestions like >>>>>>>>>>>>> >>>>>>>>>>>>> public Response getCredentials(@Context MessageContext mc) >>>>>>>>>>>>> { >>>>>>>>>>>>> AuthorizationPolicy policy = >>>>>>>>>>>>> (AuthorizationPolicy)mc.get(AuthorizationPolicy.class); >>>>>>>>>>>>> System.out.println(policy.getUserName()); >>>>>>>>>>>>> ....... >>>>>>>>>>>>> ....... >>>>>>>>>>>>> When I tried to give the Authentication from SOAP UI, I got >>>>>>>>>>>>> null. >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Please correct me where I did the mistake. >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Regards >>>>>>>>>>>>> Saravanan R >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Sergey Beryozkin-2 wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>> Hi >>>>>>>>>>>>>> >>>>>>>>>>>>>> The only way at the moment to get AuthorizationPolicy object >>>>>>>>>>>>>> in >>>>>>>>>>>>>> the >>>>>>>>>>>>>> app >>>>>>>>>>>>>> code is to do something like this : >>>>>>>>>>>>>> >>>>>>>>>>>>>> @Context MessageContext mc; >>>>>>>>>>>>>> .... >>>>>>>>>>>>>> AuthorizationPolicy policy = >>>>>>>>>>>>>> (AuthorizationPolicy)mc.get(AuthorizationPolicy.class); >>>>>>>>>>>>>> >>>>>>>>>>>>>> cheers, Sergey >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Hi All, >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> I am creating REST application using JAX RS. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> I am using SOAPUI to test the application. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> My Rest needs to receive the Http Basic Authentication from >>>>>>>>>>>>>>> the >>>>>>>>>>>>>>> SOAPUI. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> I just want to receive the authentication details like >>>>>>>>>>>>>>> username,password and >>>>>>>>>>>>>>> domain in JAX RS method. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Can anyone give the idea how to get the authentication >>>>>>>>>>>>>>> details >>>>>>>>>>>>>>> in >>>>>>>>>>>>>>> the >>>>>>>>>>>>>>> parameter of the method. >>>>>>>>>>>>>> >>>>>>>>>>>>>> I ended up not needing this, but I experimented with creating >>>>>>>>>>>>>> an >>>>>>>>>>>>>> "AuthorizationRequestHandler" class (implements >>>>>>>>>>>>>> RequestHandler) >>>>>>>>>>>>>> and >>>>>>>>>>>>>> putting that in my "jaxrs:providers" list. That requires a >>>>>>>>>>>>>> "handleRequest(Message message, ClassResourceInfo >>>>>>>>>>>>>> classResourceInfo)" >>>>>>>>>>>>>> method, where I can call "AuthorizationPolicy policy = >>>>>>>>>>>>>> message.get(AuthorizationPolicy.class);". The >>>>>>>>>>>>>> AuthorizationPolicy >>>>>>>>>>>>>> contains the username and password. >>>>>>>>>>>>>> >>>>>>>>>>>>>> What is not clear to me, however, is where this object is >>>>>>>>>>>>>> available >>>>>>>>>>>>>> somehow at the controller level. >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> View this message in context: >>>>>>>>>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27437539.html >>>>>>>>>>>>> Sent from the cxf-user mailing list archive at Nabble.com. >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> View this message in context: >>>>>>>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27439212.html >>>>>>>>>>> Sent from the cxf-user mailing list archive at Nabble.com. >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> View this message in context: >>>>>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27452426.html >>>>>>>>> Sent from the cxf-user mailing list archive at Nabble.com. >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> -- >>>>>>> View this message in context: >>>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27467082.html >>>>>>> Sent from the cxf-user mailing list archive at Nabble.com. >>>>>>> >>>>>> >>>>>> >>>>> >>>>> -- >>>>> View this message in context: >>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27468603.html >>>>> Sent from the cxf-user mailing list archive at Nabble.com. >>>>> >>>>> >>>> >>>> >>> >>> -- >>> View this message in context: >>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27469191.html >>> Sent from the cxf-user mailing list archive at Nabble.com. >>> >>> >> >> > > -- > View this message in context: > http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27470023.html > Sent from the cxf-user mailing list archive at Nabble.com. > >