Hi Hermann
On 22/12/14 11:35, Hermann Angstl wrote:
I'd like to sign HTTP Requests (similar to this
https://tools.ietf.org/html/draft-ietf-oauth-signed-http-request-00).
Therefore I need access to HTTP-Header fields like "Content-Length", "Host", "Date",
"User-Agent", etc.
I tried using ClientRequestFilter, WriterInterceptor and
AbstractPhaseInterceptor (with a very late phase (Phase.SEND)) to implement
this functionality - but it seems the HTTP Headers are set very late - and are
out of my reach.
All I get in the PROTOCOL_HEADERS is "Content-Type" and "Accept".
Does CXF provide a functionality to have access to this kind of information (in
an interceptor)?
Wheather or not my use case makes sense - imho it generally would be nice to
have this functionality ;-)
Most of these headers can be set from the filter itself, or from
HttpConduit, for example, I've checked an HttpClientPolicy class, and it
supports setting headers like Host, Connection, etc... User-Agent can be
set from a filter if preferred.
Content-Length can be set too if an entity is byte[] or if the entity
out stream is cached - in the latter case you'd check the cached content
length, set Content-Length, and only then write the cached entity bytes
out. You may still need to disable the chunked encoding though to ensure
the low-level transport mechanism does not interfere if the chunked
encoding is enabled...
So basically pretty much any HTTP Header can be set from the code -
however in some cases in can be problematic, for example, if you send a
1MB PDF then caching it in order to get Content-Length in advance won;t
be effective; may be not an issue if the payloads are generally small...
FYI I've also asked for the clarifications be added to the draft re
which headers can be dropped during the signing process
Thanks, Sergey
cheers,
Hermann
