HTTP basic authentication through CXF interceptor not working

前端 未结 2 638
别跟我提以往
别跟我提以往 2021-02-08 12:23

I\'m having some trouble setting the HTTP Authorization header for a web service request using Apache CXF. I have my client setup through spring:



        
相关标签:
2条回答
  • 2021-02-08 13:08

    I have almost exactly the same setup as yours but I am putting my interceptor in the PRE_PROTOCOL phase. So far, I have not experienced any problem. You might try that.

    I think POST_PROTOCOL is just too late because too much has already been written to the stream.

    0 讨论(0)
  • 2021-02-08 13:28

    If you are looking to externalize the client and authentication best approach is to setup httpConduit in spring context..

     **in your spring context file...**
    
    <beans xmlns="http://www.springframework.org/schema/beans"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xmlns:jaxws="http://cxf.apache.org/jaxws"
           ...
    
      <bean id="properties" class="org.apache.camel.spring.spi.BridgePropertyPlaceholderConfigurer">
        <property name="locations">
            <util:list>
                <value>file:${config.dir}/application.properties</value>
            </util:list>
        </property>
        <property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_OVERRIDE" />
     </bean>
      ...
      <jaxws:client id="serviceClient" serviceClass="com.your.ServiceClass" address="${webservice.soap.address}" >
        <jaxws:inInterceptors>
            <bean id="loggingInInterceptor" class="org.apache.cxf.interceptor.LoggingInInterceptor" >
                <property name="prettyLogging" value="true" />
            </bean>
        </jaxws:inInterceptors>
        <jaxws:outInterceptors>
            <bean id="loggingOutInterceptor" class="org.apache.cxf.interceptor.LoggingOutInterceptor" >
                <property name="prettyLogging" value="true" />
            </bean>
        </jaxws:outInterceptors>
      </jaxws:client>
      ...
    
    
    applicaiton.properties
    ---------------------
    webservices.http.auth.username=userName
    webservices.http.auth.password=Password
    webservice.soap.address=https://your.service.url/services/service
    

    a) by mentioning the SOAP Address in the name attribute. which your can find in your WSDL

    Ex: if in your WSDL..
        <wsdl-definitions ... targetNamespace="http://your.target.namespace.com/" ...>
        ...
        <wsdl:port binding="tns:YourServiceSoapBinding"
            name="YourServiceImplPort">
            <soap:address location="https://your.service.url/services/service" /> 
    

    Then

    ...
    xmlns:http-conf="http://cxf.apache.org/transports/http/configuration"
    xmlns:sec="http://cxf.apache.org/configuration/security"
    ...
    <http-conf:conduit name="https://your.service.url/services/service">
        <http-conf:authorization>
            <sec:UserName>${webservices.http.auth.username}</sec:UserName>
            <sec:Password>${webservices.http.auth.password}</sec:Password>
            <sec:AuthorizationType>Basic</sec:AuthorizationType>
        </http-conf:authorization>
    </http-conf:conduit>
    

    Or b) name attribute should be {targetNamespace}portName.http_conduit

    <http-conf:conduit name="{http://your.target.namespace.com/}YourServiceImplPort.http_conduit">
        <http-conf:authorization>
            <sec:UserName>${webservices.http.auth.username}</sec:UserName>
            <sec:Password>${webservices.http.auth.password}</sec:Password>
            <sec:AuthorizationType>Basic</sec:AuthorizationType>
        </http-conf:authorization>
    </http-conf:conduit>
    
    0 讨论(0)
提交回复
热议问题