[jira] [Commented] (CXF-6741) Apache CXF - Kerberos Authentication Invocation error:

[Colm O hEigeartaigh (JIRA)]

    [ 
https://issues.apache.org/jira/browse/CXF-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15091971#comment-15091971
 ] 

Colm O hEigeartaigh commented on CXF-6741:
------------------------------------------


You might find this system test helpful:

https://git-wip-us.apache.org/repos/asf?p=cxf-fediz.git;a=blob;f=systests/kerberos/src/test/java/org/apache/cxf/fediz/integrationtests/KerberosTest.java;h=57c98765dc3c7ddd00c845949121c308b00e9582;hb=HEAD

I'm closing this JIRA as it's not a CXF bug.

> Apache CXF - Kerberos Authentication Invocation error:
> ------------------------------------------------------
>
>                 Key: CXF-6741
>                 URL: https://issues.apache.org/jira/browse/CXF-6741
>             Project: CXF
>          Issue Type: Bug
>            Reporter: Remya Thomas
>
> We have a Restful webservice[developed using Apache CXF] which is protected 
> by kerberos, below are the cxf configurations, <jaxrs:server id="MYServices" 
> address="/">
>               <jaxrs:serviceBeans>
>                       <ref bean="firstServiceImpl" />
>               </jaxrs:serviceBeans>
>               <jaxrs:providers>
>                        <ref bean="kerberosFilter"/>
>                       <ref bean="jsonProvider" />
>                       <ref bean="xmlProvider" />
>               </jaxrs:providers>
>               <jaxrs:extensionMappings>
>                       <entry key="json" value="application/json" />
>                       <entry key="xml" value="application/xml" />
>               </jaxrs:extensionMappings>
>               <jaxrs:inInterceptors>
>                       <ref bean="restInInterceptor" />
>               </jaxrs:inInterceptors>
>               <jaxrs:outFaultInterceptors>
>                       <ref bean="errorOutFaultInterceptor" />
>               </jaxrs:outFaultInterceptors>
>       </jaxrs:server>
>       
>       <bean id="kerberosFilter" 
> class="org.apache.cxf.jaxrs.security.KerberosAuthenticationFilter">
>    <property name="loginContextName" value="spnego-server"/> </bean> Also 
> "spnego-server" from login config which is spnego-client {
>       com.sun.security.auth.module.Krb5LoginModule required; };
> spnego-server {
>       com.sun.security.auth.module.Krb5LoginModule required
>       storeKey=true
>       useKeyTab=true
>       keyTab="FILE:/etc/hellokeytab.keytab"
>       principal=HTTP/hostname.india.com
>       isInitiator=false;
> };
> We have a webapplication which is trying to invoke this kerberos protected 
> webservices, through org.apache.commons.httpclient.HttpClient , but we are 
> getting "401 UnAuthorized Exception" error every time.
> HttpClient httpclient = new HttpClient(); GetMethod get = new 
> GetMethod(resourceURL);
>   get.setRequestHeader(entry.getKey(), value); Since the service is protected 
> by kerberos, i found that we need to set the below as headers in client
> Authorization: Negotiate "the encrypted service ticket"
> But how can we get the "the encrypted service ticket" and set it explicity 
> into HTTPclient headers?
> We are using thirdparty REST clients(Example: Mozilla REST client & Chrome's 
> REST CLIENT) there also , how to set the Authorization Negotiate ?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)