Re: JAX-RS Client implementing a challenge/response authentication

May be I can add a property to support authorization retransmits without WWW-Authenticate Sergey On 25/10/16 12:42, Sergey Beryozkin wrote: Well, WWW-Authenticate is there to indicate to the client that the Authorization needs to be completed, this is standard HTTP. 401 alone can mean

Re: JAX-RS Client implementing a challenge/response authentication

Well, WWW-Authenticate is there to indicate to the client that the Authorization needs to be completed, this is standard HTTP. 401 alone can mean anything, for example, the client password or user name may be wrong, or the server can use 401 for some other reasons related to the access of some

Re: JAX-RS Client implementing a challenge/response authentication

I do have the issue that WrappedOutputStream.processRetransmit is not even triggered, so it does not even reach the authorizationRetransmit method. What might be the issue here? > On 25 Oct 2016, at 13:12, Konrad Windszus wrote: > > This is a 3rd party server I unfortunately

Re: JAX-RS Client implementing a challenge/response authentication

This is a 3rd party server I unfortunately cannot influence. Any way to to modify the WWW-Authorize handling in CXF? Where is the piece of code being responsible for triggering the retransmit evaluating the WWW-Authorize header? Thanks, Konrad > On 25 Oct 2016, at 12:23, Sergey Beryozkin

Re: JAX-RS Client implementing a challenge/response authentication

Hi Why can't the server return WWW-Authenticate ? Cheers, Sergey On 25/10/16 11:04, Konrad Windszus wrote: Thanks for that tip. Unfortunately my custom HttpAuthSupplier is only called once (before the request is triggered). No matter whether I return null or the empty string in my

Re: JAX-RS Client implementing a challenge/response authentication

Thanks for that tip. Unfortunately my custom HttpAuthSupplier is only called once (before the request is triggered). No matter whether I return null or the empty string in my getAuthorization method my HttpAuthSupplier is not called a second time. The reason is that the underlying close method

Re: JAX-RS Client implementing a challenge/response authentication

Hi AFAIK, CXF HttpConduit will attempt a re-transmit if 401 is returned and a custom CXF HttpAuthSupplier is registered. For example, see

JAX-RS Client implementing a challenge/response authentication

I want to call a ReST web service with a JAX-RS client based on CXF. That web service has a custom authentication based on cookies and challenge/response authentication. To get authenticated (i.e. whenever a regular call returns a 401) a dedicated GET request must be issued to get the