There's been a couple people having issues with basic auth lately.
Unfortunately, I haven't been able to reproduce any of it. :-(
I THINK it's a client side thing. To check, wireshark the tcp socket
and see if there is an Authorization HTTP header. If not, it's a
client side issue. That said, the simple cases I've done all have
worked fine. The header is there. My gut feeling says there is some
spring config thing or policy thing or similar that is causing a
conflict and is causing the header to no be written. I'll probably
need a fairly detailed test case (client side + wsdl would be fine for
now, shouldn't need server side stuff) that has all the configs, code,
etc... I've tried several things and I'm always seeing the header,
but I'm definitely not familiar enough with the policy stuff to get that
completely configured to see if that's the issue.
Dan
On Friday 31 August 2007, Chris Campbell wrote:
> Yes, http, and CXFServlet is running in Tomcat 5.5
>
> Fred Dushin wrote:
> > Just to be sure, are you using HTTP?
> >
> > Also, are you using the Jetty HTTP destination on the server side,
> > or Tomcat?
> >
> > On Aug 31, 2007, at 1:13 PM, Chris Campbell wrote:
> >> The AuthorizationPolicy is null in the server interceptor.
> >>
> >> Now my client does this
> >>
> >> BindingProvider bp = (BindingProvider)client;
> >> java.util.Map<String, Object> context = bp.getRequestContext();
> >> context.put(javax.xml.ws.BindingProvider.USERNAME_PROPERTY,
> >> "foouser");
> >> context.put(javax.xml.ws.BindingProvider.PASSWORD_PROPERTY,
> >> "foopass");
> >>
> >> My server interceptor does this (it is a Phase.USER_LOGICAL in
> >> interceptor)
> >>
> >> // policy is always null here...
> >> AuthorizationPolicy policy =
> >> message.get(AuthorizationPolicy.class); String username =
> >> policy.getUserName();
> >> String password = policy.getPassword();
> >>
> >> Thanks.
> >>
> >> Daniel Kulp wrote:
> >>> On Thursday 30 August 2007, Chris Campbell wrote:
> >>>> On client I have:
> >>>>
> >>>> java.util.Map<String, Object> context =
> >>>> ((javax.xml.ws.BindingProvider)client).getRequestContext();
> >>>> context.put("username", "chris");
> >>>> context.put("password", "foobar");
> >>>>
> >>>> How do I access that context on the server side in my
> >>>> interceptor? I cannot seem to find where it is in the Message
> >>>> object, or am I horribly misunderstanding something?
> >>>
> >>> With those keys, they wouldn't get to the server. You would
> >>> need to use the BindingProvider.* keys.
> >>>
> >>> On the server side in an interceptor, you should be able to do:
> >>> AuthorizationPolicy policy =
> >>> message.get(AuthorizationPolicy.class);
--
J. Daniel Kulp
Principal Engineer
IONA
P: 781-902-8727 C: 508-380-7194
[EMAIL PROTECTED]
http://www.dankulp.com/blog
