Hi Paul,
I sucessfully wrote a mediator and remote debugged it. The mediator is
called with:
<class name="de.subnatural.synapse.SimpleAuthenticationMediator"/>
in a <sequence> that is referred by a <proxy> entry.
Now come the problems:
> The uid/pw can be extracted like this:
> Map map = (Map) msgCtx.getProperty(MessageContext.TRANSPORT_HEADERS);
1) The Hashmap "properties" in msgCtx is empty so I can´t retrieve any
headers from it.
2) First problem might be an result of the second one. A HTTP client
only sends basic auth username/pw when the server requests them. Synapse
doesn´t request any and so the client sends no authorization headers.
Can I somehow tell Synapse to force basic authentication on the Proxy
Service Endpoint?
Michael
Paul Fremantle schrieb:
Michael
Good question!
So you need to basically write a mediator that grabs the Username from
the MessageContext and then checks it. If it succeeds you can pass the
message on, otherwise you can fault back.
The uid/pw can be extracted like this:
Map map = (Map) msgCtx.getProperty(MessageContext.TRANSPORT_HEADERS);
String tmp = (String) map.get("Authorization");
String username = null;
String password = null;
if (tmp != null) {
tmp = tmp.trim();
}
if (tmp != null && tmp.startsWith("Basic ")) {
tmp = new String(Base64.decode(tmp.substring(6)));
int i = tmp.indexOf(':');
if (i == -1) {
username = tmp;
} else {
username = tmp.substring(0, i);
}
if (i != -1) {
password = tmp.substring(i + 1);
if (password != null && password.equals("")) {
password = null;
}
}
}
You can see how to fault by looking at the fault mediator.
If you've written a mediator before -- or want the challenge -- it
should be pretty straightforward. Would you like to contribute it
back?
If you need help I'll be happy to help out.
Paul
On 1/5/07, Michael Buchholz <[EMAIL PROTECTED]> wrote:
Hi,
first: congratulations to the synapse dev-team for graduating from the
incubator!
second: I´m a little stuck with a feature I need...
I would like to use synapse as a proxy for internal web-services. The
samples show how to achieve this. But in addition to the proxy
functionality I need that all proxy-services require the clients to
authenticate with a username (password is not required...).
Also the authentication if the username is correct or not must be done
by a java class I provide.
Any idea how this can be achieved? HTTPS with basic authentication by a
self written username check java class would be sufficient...
Michael
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
