No problems, thanks for confirming it actually works :-) cheers, Sergey
On Wed, Dec 29, 2010 at 11:29 AM, Ivan Vitoria Sanchez < [email protected]> wrote: > I found an error at client side! Now the header is properly injected. > > Thank you again Sergey. > > Ivan > > > -----Mensaje original----- > De: Sergey Beryozkin [mailto:[email protected]] > Enviado el: miƩrcoles, 29 de diciembre de 2010 10:59 > Para: [email protected] > Asunto: Re: RV: Authorization header in REST Server > > Can you please verify if it is available on the wire ? > As I said I have the test working so if it is not available in your case > then : > - it is not actually sent in the first place > - it's 'consumed' somehow by the container, ex, if you see SecurityContext > being populated then may be we have a case where the container removes this > header during the SecurityContext creation. > > if it is the latter then may be you can debug somehow and see if this > header > still available as HttpServletRequest parameter or property, etc... > > thanks, Sergey > > On Wed, Dec 29, 2010 at 8:39 AM, Ivan Vitoria Sanchez < > [email protected] > > wrote: > > > Having: > > > > @Context HttpHeaders headers; > > > > This field is available but it has only the following request headers: > > host/user-agent/accept-encoding/Content-Type (the list which is returned > by > > headers.getRequestHeader(headers.AUTHORIZATION) is empty) > > > > Regards, > > > > Ivan > > > > > > -----Mensaje original----- > > De: Ivan Vitoria Sanchez [mailto:[email protected]] > > Enviado el: miƩrcoles, 29 de diciembre de 2010 8:56 > > Para: '[email protected]' > > Asunto: RE: Authorization header in REST Server > > > > Hi, > > > > Authorization is still empty in this scenario: > > > > <operation name="getUserByLogin" verb="GET" path="/login"> > > <param name="securityContext" type="CONTEXT" /> > > <param name="authorization" type="HEADER" /> > > </operation> > > > > public ElementWrapper<MobilityUser> getUserByLogin(@Context > > SecurityContext securityContext, String authorization) > > { > > // securityContext.getUserPrincipal().getName() works!; > > .. > > } > > > > > > As you can see I've found another way to get the user (SecurityContext), > > but > > maybe is not the best approach... > > > > Regards, > > > > Ivan > > > > > > > > -----Mensaje original----- > > De: Sergey Beryozkin [mailto:[email protected]] > > Enviado el: martes, 28 de diciembre de 2010 19:39 > > Para: [email protected] > > Asunto: Re: Authorization header in REST Server > > > > Hi > > > > I've added a test verifying it works > > > > http://svn.apache.org/viewvc?view=revision&revision=1053402 (see the > > Modified links) > > > > Here's the relevant parts : > > > > @Test > > public void testGetBook123UserModelAuthorize() throws Exception { > > JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean(); > > bean.setAddress("http://localhost:"; + PORT + > > "/usermodel/bookstore/books"); > > bean.setUsername("Barry"); > > bean.setPassword("password"); > > > > > > > > bean.setModelRef("classpath:org/apache/cxf/systest/jaxrs/resources/resources > > .xml"); > > WebClient proxy = bean.createWebClient(); > > proxy.path("{id}/authorize", 123); > > > > Book book = proxy.get(Book.class); > > assertEquals(123L, book.getId()); > > } > > > > Model : > > > > <operation name="getBookWithAuthorization" verb="GET" > > path="/books/{id}/authorize"> > > <param name="id" type="PATH"/> > > <param name="authorization" type="HEADER"/> > > </operation> > > > > Note that you really do not need to use JAX-RS annotations such as > > HeaderParam if you chose to go with the user model approach. > > > > Can you please confirm this header is actually available on the wire ? > > Additionally - please have > > > > @Context HttpHeaders headers; > > > > in a field and confirm the header is available by querying it inside the > > method body. > > > > hope it helps, Sergey > > > > On Tue, Dec 28, 2010 at 12:42 PM, Ivan Vitoria Sanchez < > > [email protected]> wrote: > > > > > Hi guys, > > > > > > > > > > > > I can't get the Authorization header param in a JAX-RS server. Is > > > @HeaderParam the way? > > > > > > > > > > > > I've configured CXF 2.3.1 with Spring 3. My applicationContext.xml has > > the > > > following jax-rs server bean: > > > > > > > > > > > > <jaxrs:server id="userServer" > > > modelRef="classpath:/WEB-INF/model/UserModel.xml" address="/users"> > > > > > > ... (logging feature, service bean...) > > > > > > </jaxrs:server> > > > > > > > > > > > > UserModel.xml config: > > > > > > > > > > > > <model xmlns="http://cxf.apache.org/jaxrs";> > > > > > > <resource name=" UserRestService" path="/" > > > consumesType="application/xml" producesType="application/xml"> > > > > > > <operation name="getUserByLogin" verb="GET" path="/login"> > > > > > > <param name="authorization" type="HEADER" /> > > > > > > </operation> > > > > > > </resource> > > > > > > </model> > > > > > > > > > > > > Finally, the service implementation: > > > > > > > > > > > > public class UserRestService implements IRestService > > > > > > { > > > > > > public ElementWrapper<MobilityUser> > > > getUserByLogin(@HeaderParam(HttpHeaders.AUTHORIZATION) String > > > authorization) > > > > > > { > > > > > > // authorization is empty at this point... > > > > > > } > > > > > > } > > > > > > > > > > > > > > > > > > I'm sure the Authorization header is sent because i'm also using Spring > > > Security, which allows the request via Basic Authentication. It doesn't > > > work > > > if i disable Spring Security. > > > > > > > > > > > > Thanks in advance, > > > > > > > > > > > > Ivan > > > > > > > > > > > > > > >
