Hi Andreas, Thanks for your suggestions and continous support.
In SoapUI,I was not enable the authentication information to outgoing request in the SOAPUI preferences. We need to explicitly enable the checkbox, I go through the SOAPUI entire documentation and found the solution. Now I can able to retrieve username and password. Please suggest me how to retrieve the domain(realm) using JAX RS. Thank you once again. Regards Saravanan R Andreas Veithen-2 wrote: > > On Fri, Feb 5, 2010 at 17:52, KARR, DAVID (ATTSI) <dk0...@att.com> wrote: >>> -----Original Message----- >>> From: SaravananRamamoorthy [mailto:saravanan.ramamoorth...@gmail.com] >>> Sent: Friday, February 05, 2010 8:31 AM >>> To: users@cxf.apache.org >>> Subject: Re: Http basic authentication in JAX RS >>> >>> >>> Hi Andreas, >>> >>> Thanks for your information. >>> I will try to figure out what I made mistake in SOAP UI. >>> Thanks for your help. >> >> Unless I'm missing something, there is no "mistake" in SoapUI, at least >> with respect to this. I've tried to tell you several times that if you >> don’t specify security constraints in your web.xml, then your application >> will ignore security, and it will not process the Authorization header. > > If you replace "application" by "container", then this is true. Hence > my question on the other thread about the place where he wants > authentication to be performed (by the container, by CXF or by the > JAX-RS service). > >>> Andreas Veithen-2 wrote: >>> > >>> > As you can see, SOAPUI doesn't send any Authorization header. Thus, >>> > this is not a problem with CXF, but SOAPUI (unless SOAPUI only sends >>> > the Authorization header after getting a 401/403 status code). >>> > >>> > Andreas >>> > >>> > On Fri, Feb 5, 2010 at 17:14, SaravananRamamoorthy >>> > <saravanan.ramamoorth...@gmail.com> wrote: >>> >> >>> >> Hi Andread, >>> >> >>> >> Please find the attachment.When the values are send through >>> Header(s) >>> >> tab, I >>> >> can able to retrieve the information using HeaderParam. >>> >> >>> >> Regards >>> >> SaravananRamamoorthy >>> http://old.nabble.com/file/p27470023/SOAP_UI.zip >>> >> SOAP_UI.zip >>> >> >>> >> >>> >> >>> >> Andreas Veithen-2 wrote: >>> >>> >>> >>> In SOAPUI, after sending the request, you can switch to the "Raw" >>> tab >>> >>> in order to see the request (including headers) that SOAPUI has >>> sent. >>> >>> Can you show us this information? >>> >>> >>> >>> Andreas >>> >>> >>> >>> On Fri, Feb 5, 2010 at 16:13, SaravananRamamoorthy >>> >>> <saravanan.ramamoorth...@gmail.com> wrote: >>> >>>> >>> >>>> Hi Andreas , >>> >>>> >>> >>>> I can able to get the values, when I send the information through >>> >>>> header.It >>> >>>> works fine. >>> >>>> But when I send the credentials using Authentication part,I cannot >>> able >>> >>>> to >>> >>>> retrieve. >>> >>>> >>> >>>> Regards >>> >>>> SaravananRamamoorthy >>> >>>> >>> >>>> >>> >>>> >>> >>>> Andreas Veithen-2 wrote: >>> >>>>> >>> >>>>> What Sergey actually wants you to do is to check if that >>> information >>> >>>>> reaches the JAX-RS service, i.e. to try retrieving this >>> information >>> >>>>> using a method parameter annotated with >>> @HeaderParam("Authorization"). >>> >>>>> >>> >>>>> Andreas >>> >>>>> >>> >>>>> On Fri, Feb 5, 2010 at 15:36, SaravananRamamoorthy >>> >>>>> <saravanan.ramamoorth...@gmail.com> wrote: >>> >>>>>> >>> >>>>>> Hi Sergey, >>> >>>>>> >>> >>>>>> >>> >>>>>> Thanks for your continuous help. >>> >>>>>> I can able to get the value when the values are given in the >>> header >>> >>>>>> part. >>> >>>>>> What is the case if the credentials are given in Authentication >>> part. >>> >>>>>> I have attached the screenshot for giving the credentials in aut >>> >>>>>> part. >>> >>>>>> In this case how can I retrieve the details. >>> >>>>>> http://old.nabble.com/file/p27468603/authentication.PNG >>> >>>>>> authentication.PNG >>> >>>>>> >>> >>>>>> Regards >>> >>>>>> SaravananRamamoorthy >>> >>>>>> >>> >>>>>> >>> >>>>>> Sergey Beryozkin-2 wrote: >>> >>>>>>> >>> >>>>>>> Can you post the value of this header please ? >>> >>>>>>> cheers, Sergey >>> >>>>>>> >>> >>>>>>>> >>> >>>>>>>> Hi Sergey, >>> >>>>>>>> >>> >>>>>>>> Yes. The authorization header is sent by the client. I have >>> used >>> >>>>>>>> SOAPUI >>> >>>>>>>> for >>> >>>>>>>> this. >>> >>>>>>>> >>> >>>>>>>> Regards >>> >>>>>>>> SaravananRamamoorthy >>> >>>>>>>> >>> >>>>>>>> >>> >>>>>>>> >>> >>>>>>>> Sergey Beryozkin-2 wrote: >>> >>>>>>>>> >>> >>>>>>>>> I've already asked twice : is Authorization header actually >>> being >>> >>>>>>>>> sent >>> >>>>>>>>> by >>> >>>>>>>>> a client ? >>> >>>>>>>>> Can you tell me please if it is the case or not ? Try adding >>> a >>> >>>>>>>>> JAXRS >>> >>>>>>>>> >>> >>>>>>>>> @HeaderParam("Authorization") String value >>> >>>>>>>>> >>> >>>>>>>>> to your jaxrs resource method and print the resulting value. >>> >>>>>>>>> >>> >>>>>>>>> cheers. Sergey >>> >>>>>>>>> >>> >>>>>>>>> >>> >>>>>>>>>> >>> >>>>>>>>>> Hi Sergey, >>> >>>>>>>>>> >>> >>>>>>>>>> I tried with MessageContext , MessageContextImpl and >>> >>>>>>>>>> SecurityContext. >>> >>>>>>>>>> But >>> >>>>>>>>>> it >>> >>>>>>>>>> always return null. >>> >>>>>>>>>> Do we need anything to be configure in web.xml? >>> >>>>>>>>>> Regards >>> >>>>>>>>>> SaravananRamamoorthy >>> >>>>>>>>>> >>> >>>>>>>>>> >>> >>>>>>>>>> >>> >>>>>>>>>> Sergey Beryozkin-2 wrote: >>> >>>>>>>>>>> >>> >>>>>>>>>>> Please check >>> >>>>>>>>>>> >>> >>>>>>>>>>> http://cxf.apache.org/docs/debugging-and-logging.html >>> >>>>>>>>>>> >>> >>>>>>>>>>> and see the list of tools you can use to check if the >>> >>>>>>>>>>> Authorization >>> >>>>>>>>>>> header >>> >>>>>>>>>>> is actually available on the wire. I also like TcpTrace : >>> >>>>>>>>>>> http://www.pocketsoap.com/tcptrace/ >>> >>>>>>>>>>> >>> >>>>>>>>>>> Provided this header is present, you can parse it manually >>> by >>> >>>>>>>>>>> using >>> >>>>>>>>>>> JAXRS >>> >>>>>>>>>>> @HeaderParam. I'm sure there're plenty of Base64 decoding >>> >>>>>>>>>>> utils around and CXF has the one too >>> >>>>>>>>>>> (org.apache.cxf.common.util.Base64Utility). >>> >>>>>>>>>>> >>> >>>>>>>>>>> Alternatively youy can have a @Context MessageContext >>> parameter >>> >>>>>>>>>>> passed >>> >>>>>>>>>>> in >>> >>>>>>>>>>> too and then do >>> >>>>>>>>>>> mc.get(AuthorizationPolicy.class.getName()); >>> >>>>>>>>>>> >>> >>>>>>>>>>> Sergey >>> >>>>>>>>>>> >>> >>>>>>>>>>> ----- Original Message ----- >>> >>>>>>>>>>> From: "SaravananRamamoorthy" >>> <saravanan.ramamoorth...@gmail.com> >>> >>>>>>>>>>> To: <users@cxf.apache.org> >>> >>>>>>>>>>> Sent: Wednesday, February 03, 2010 4:29 PM >>> >>>>>>>>>>> Subject: Re: Http basic authentication in JAX RS >>> >>>>>>>>>>> >>> >>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> Hi Sergey, >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> Thanks for your suggestions. >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> I am new to apache cxf. >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> Is there any direct interface or context availabe to >>> receive >>> >>>>>>>>>>>> the >>> >>>>>>>>>>>> authentication details just like @QueryParam.(for >>> receiving >>> >>>>>>>>>>>> query >>> >>>>>>>>>>>> string). >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> It is enough to print the username and the password in the >>> >>>>>>>>>>>> console. >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> Please provide the solution. >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> Regards >>> >>>>>>>>>>>> Saravanan R >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> Sergey Beryozkin-2 wrote: >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>> Actually, just looked at the source of >>> MessageContextImpl, it >>> >>>>>>>>>>>>> should >>> >>>>>>>>>>>>> be >>> >>>>>>>>>>>>> mc.get(AuthorizationPolicy.class.getName()) when >>> retrieving >>> >>>>>>>>>>>>> it from MessageContext given that uses toString() on the >>> >>>>>>>>>>>>> object >>> >>>>>>>>>>>>> keys. >>> >>>>>>>>>>>>> Also make sure you're actually seeing an Authorization >>> header >>> >>>>>>>>>>>>> on >>> >>>>>>>>>>>>> the >>> >>>>>>>>>>>>> wire >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>> cheers, Sergey >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> Hi Sergey, >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> I tried with your suggestions like >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> public Response getCredentials(@Context MessageContext >>> mc) >>> >>>>>>>>>>>>>> { >>> >>>>>>>>>>>>>> AuthorizationPolicy policy = >>> >>>>>>>>>>>>>> (AuthorizationPolicy)mc.get(AuthorizationPolicy.class); >>> >>>>>>>>>>>>>> System.out.println(policy.getUserName()); >>> >>>>>>>>>>>>>> ....... >>> >>>>>>>>>>>>>> ....... >>> >>>>>>>>>>>>>> When I tried to give the Authentication from SOAP UI, I >>> got >>> >>>>>>>>>>>>>> null. >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> Please correct me where I did the mistake. >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> Regards >>> >>>>>>>>>>>>>> Saravanan R >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> Sergey Beryozkin-2 wrote: >>> >>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>> Hi >>> >>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>> The only way at the moment to get AuthorizationPolicy >>> object >>> >>>>>>>>>>>>>>> in >>> >>>>>>>>>>>>>>> the >>> >>>>>>>>>>>>>>> app >>> >>>>>>>>>>>>>>> code is to do something like this : >>> >>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>> @Context MessageContext mc; >>> >>>>>>>>>>>>>>> .... >>> >>>>>>>>>>>>>>> AuthorizationPolicy policy = >>> >>>>>>>>>>>>>>> (AuthorizationPolicy)mc.get(AuthorizationPolicy.class); >>> >>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>> cheers, Sergey >>> >>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>>> Hi All, >>> >>>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>>> I am creating REST application using JAX RS. >>> >>>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>>> I am using SOAPUI to test the application. >>> >>>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>>> My Rest needs to receive the Http Basic Authentication >>> from >>> >>>>>>>>>>>>>>>> the >>> >>>>>>>>>>>>>>>> SOAPUI. >>> >>>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>>> I just want to receive the authentication details like >>> >>>>>>>>>>>>>>>> username,password and >>> >>>>>>>>>>>>>>>> domain in JAX RS method. >>> >>>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>>> Can anyone give the idea how to get the authentication >>> >>>>>>>>>>>>>>>> details >>> >>>>>>>>>>>>>>>> in >>> >>>>>>>>>>>>>>>> the >>> >>>>>>>>>>>>>>>> parameter of the method. >>> >>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>> I ended up not needing this, but I experimented with >>> >>>>>>>>>>>>>>> creating >>> >>>>>>>>>>>>>>> an >>> >>>>>>>>>>>>>>> "AuthorizationRequestHandler" class (implements >>> >>>>>>>>>>>>>>> RequestHandler) >>> >>>>>>>>>>>>>>> and >>> >>>>>>>>>>>>>>> putting that in my "jaxrs:providers" list. That >>> requires a >>> >>>>>>>>>>>>>>> "handleRequest(Message message, ClassResourceInfo >>> >>>>>>>>>>>>>>> classResourceInfo)" >>> >>>>>>>>>>>>>>> method, where I can call "AuthorizationPolicy policy = >>> >>>>>>>>>>>>>>> message.get(AuthorizationPolicy.class);". The >>> >>>>>>>>>>>>>>> AuthorizationPolicy >>> >>>>>>>>>>>>>>> contains the username and password. >>> >>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>> What is not clear to me, however, is where this object >>> is >>> >>>>>>>>>>>>>>> available >>> >>>>>>>>>>>>>>> somehow at the controller level. >>> >>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> -- >>> >>>>>>>>>>>>>> View this message in context: >>> >>>>>>>>>>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX- >>> RS-tp27416364p27437539.html >>> >>>>>>>>>>>>>> Sent from the cxf-user mailing list archive at >>> Nabble.com. >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> -- >>> >>>>>>>>>>>> View this message in context: >>> >>>>>>>>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS- >>> tp27416364p27439212.html >>> >>>>>>>>>>>> Sent from the cxf-user mailing list archive at Nabble.com. >>> >>>>>>>>>>>> >>> >>>>>>>>>>> >>> >>>>>>>>>>> >>> >>>>>>>>>>> >>> >>>>>>>>>> >>> >>>>>>>>>> -- >>> >>>>>>>>>> View this message in context: >>> >>>>>>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS- >>> tp27416364p27452426.html >>> >>>>>>>>>> Sent from the cxf-user mailing list archive at Nabble.com. >>> >>>>>>>>>> >>> >>>>>>>>> >>> >>>>>>>>> >>> >>>>>>>> >>> >>>>>>>> -- >>> >>>>>>>> View this message in context: >>> >>>>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS- >>> tp27416364p27467082.html >>> >>>>>>>> Sent from the cxf-user mailing list archive at Nabble.com. >>> >>>>>>>> >>> >>>>>>> >>> >>>>>>> >>> >>>>>> >>> >>>>>> -- >>> >>>>>> View this message in context: >>> >>>>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS- >>> tp27416364p27468603.html >>> >>>>>> Sent from the cxf-user mailing list archive at Nabble.com. >>> >>>>>> >>> >>>>>> >>> >>>>> >>> >>>>> >>> >>>> >>> >>>> -- >>> >>>> View this message in context: >>> >>>> http://old.nabble.com/Http-basic-authentication-in-JAX-RS- >>> tp27416364p27469191.html >>> >>>> Sent from the cxf-user mailing list archive at Nabble.com. >>> >>>> >>> >>>> >>> >>> >>> >>> >>> >> >>> >> -- >>> >> View this message in context: >>> >> http://old.nabble.com/Http-basic-authentication-in-JAX-RS- >>> tp27416364p27470023.html >>> >> Sent from the cxf-user mailing list archive at Nabble.com. >>> >> >>> >> >>> > >>> > >>> >>> -- >>> View this message in context: http://old.nabble.com/Http-basic- >>> authentication-in-JAX-RS-tp27416364p27470342.html >>> Sent from the cxf-user mailing list archive at Nabble.com. >> >> > > -- View this message in context: http://old.nabble.com/Http-basic-authentication-in-JAX-RS-tp27416364p27495332.html Sent from the cxf-user mailing list archive at Nabble.com.