Hi This should be fixed now, however I might need to apply one more fix. Example, given
Authorization: WSSE profile="UsernameToken" one will get a list with 2 elements conatining WSSE and profile="UsernameToken" but I'll have to check if "WSSE profile" constitutes a name part of the http header name/value pair. I could not quite figure out if a ' ' between two tokens such as "WSSE" and "profile" acted as a separator or not. cheers, Sergey -----Original Message----- From: Sergey Beryozkin Sent: Thu 1/7/2010 7:37 AM To: [email protected]; [email protected] Subject: RE: reading header lines Hi John It is a CXF JAX-RS bug, I was certain I fixed the issue with double quotes and with embedded ',' but the reg expression I was so happy with splits it the way you see it when headers contain name/quoted value pairs I'm looking into it. Will try to get the fix into the soon to be released 2.2.6. In meantime you might just want to deal directly with Message.PROTOCOL_HEADERS. Or knowing that in 2.2.5 multiple values are produced out of headers with quoted values then you can just concatenate them back again - this code will work even with the incoming fix. cheers, Sergey -----Original Message----- From: John Klassa [mailto:[email protected]] Sent: Wed 1/6/2010 4:40 PM To: [email protected] Subject: reading header lines [ This may not be a CXF question. If not, my apologies. ] I saw some sample code somewhere, that Daniel posted in response to a question about reading the Authorization header (in the context of HTTP basic authentication). In that code, he made use of something along the lines of: List<String> authLines = headers.getRequestHeader(HttpHeaders.AUTHORIZATION); to read the header value. In my effort to make WSSE UsernameToken work, I was trying to follow this same model.[1] However, I find that while a header of: Authorization: Basic XakgewlkAksadsas== results in authLines having a single element in it, with value "Basic XakgewlkAksadsas==" -- as expected -- sending a header of: Authorization: WSSE profile="UsernameToken" results in authLines having *two* elements in it: Element #1: WSSE profile= Element #2: "UsernameToken" (the first has the "=" in it; the second has the quotes). If I look at the "X-WSSE" header, similarly, it seems to have each key and value split out, with an "=" at the end of each key. So, for example, the part of the X-WSSE header that looks like: Nonce="CE1F325AFFE4D8D53FE6FE2F9CD83B92" comes through as two elements: Element #1: Nonce= Element #2: "CE1F325AFFE4D8D53FE6FE2F9CD83B92" This seems somewhat odd to me. I looked at the docs for getRequestHeader, and it seems to indicate that you get a key and a value -- with no mention that the value is split on the-character-after-"=" and also on ",". Since I'm trying to process this header's contents robustly, I'd like to be sure that this is the normal behavior, and that it's what I need to accommodate. :-) [1] This related to my previous message, about selective authentication, to which Sergey replied. My plan is to get authentication working the brute-force way (to get the details working), then refactor the algorithm into a request handler filter per Sergey's suggestions.
