I found an error at client side! Now the header is properly injected. Thank you again Sergey.
Ivan -----Mensaje original----- De: Sergey Beryozkin [mailto:[email protected]] Enviado el: miƩrcoles, 29 de diciembre de 2010 10:59 Para: [email protected] Asunto: Re: RV: Authorization header in REST Server Can you please verify if it is available on the wire ? As I said I have the test working so if it is not available in your case then : - it is not actually sent in the first place - it's 'consumed' somehow by the container, ex, if you see SecurityContext being populated then may be we have a case where the container removes this header during the SecurityContext creation. if it is the latter then may be you can debug somehow and see if this header still available as HttpServletRequest parameter or property, etc... thanks, Sergey On Wed, Dec 29, 2010 at 8:39 AM, Ivan Vitoria Sanchez <[email protected] > wrote: > Having: > > @Context HttpHeaders headers; > > This field is available but it has only the following request headers: > host/user-agent/accept-encoding/Content-Type (the list which is returned by > headers.getRequestHeader(headers.AUTHORIZATION) is empty) > > Regards, > > Ivan > > > -----Mensaje original----- > De: Ivan Vitoria Sanchez [mailto:[email protected]] > Enviado el: miƩrcoles, 29 de diciembre de 2010 8:56 > Para: '[email protected]' > Asunto: RE: Authorization header in REST Server > > Hi, > > Authorization is still empty in this scenario: > > <operation name="getUserByLogin" verb="GET" path="/login"> > <param name="securityContext" type="CONTEXT" /> > <param name="authorization" type="HEADER" /> > </operation> > > public ElementWrapper<MobilityUser> getUserByLogin(@Context > SecurityContext securityContext, String authorization) > { > // securityContext.getUserPrincipal().getName() works!; > .. > } > > > As you can see I've found another way to get the user (SecurityContext), > but > maybe is not the best approach... > > Regards, > > Ivan > > > > -----Mensaje original----- > De: Sergey Beryozkin [mailto:[email protected]] > Enviado el: martes, 28 de diciembre de 2010 19:39 > Para: [email protected] > Asunto: Re: Authorization header in REST Server > > Hi > > I've added a test verifying it works > > http://svn.apache.org/viewvc?view=revision&revision=1053402 (see the > Modified links) > > Here's the relevant parts : > > @Test > public void testGetBook123UserModelAuthorize() throws Exception { > JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean(); > bean.setAddress("http://localhost:"; + PORT + > "/usermodel/bookstore/books"); > bean.setUsername("Barry"); > bean.setPassword("password"); > > > bean.setModelRef("classpath:org/apache/cxf/systest/jaxrs/resources/resources > .xml"); > WebClient proxy = bean.createWebClient(); > proxy.path("{id}/authorize", 123); > > Book book = proxy.get(Book.class); > assertEquals(123L, book.getId()); > } > > Model : > > <operation name="getBookWithAuthorization" verb="GET" > path="/books/{id}/authorize"> > <param name="id" type="PATH"/> > <param name="authorization" type="HEADER"/> > </operation> > > Note that you really do not need to use JAX-RS annotations such as > HeaderParam if you chose to go with the user model approach. > > Can you please confirm this header is actually available on the wire ? > Additionally - please have > > @Context HttpHeaders headers; > > in a field and confirm the header is available by querying it inside the > method body. > > hope it helps, Sergey > > On Tue, Dec 28, 2010 at 12:42 PM, Ivan Vitoria Sanchez < > [email protected]> wrote: > > > Hi guys, > > > > > > > > I can't get the Authorization header param in a JAX-RS server. Is > > @HeaderParam the way? > > > > > > > > I've configured CXF 2.3.1 with Spring 3. My applicationContext.xml has > the > > following jax-rs server bean: > > > > > > > > <jaxrs:server id="userServer" > > modelRef="classpath:/WEB-INF/model/UserModel.xml" address="/users"> > > > > ... (logging feature, service bean...) > > > > </jaxrs:server> > > > > > > > > UserModel.xml config: > > > > > > > > <model xmlns="http://cxf.apache.org/jaxrs";> > > > > <resource name=" UserRestService" path="/" > > consumesType="application/xml" producesType="application/xml"> > > > > <operation name="getUserByLogin" verb="GET" path="/login"> > > > > <param name="authorization" type="HEADER" /> > > > > </operation> > > > > </resource> > > > > </model> > > > > > > > > Finally, the service implementation: > > > > > > > > public class UserRestService implements IRestService > > > > { > > > > public ElementWrapper<MobilityUser> > > getUserByLogin(@HeaderParam(HttpHeaders.AUTHORIZATION) String > > authorization) > > > > { > > > > // authorization is empty at this point... > > > > } > > > > } > > > > > > > > > > > > I'm sure the Authorization header is sent because i'm also using Spring > > Security, which allows the request via Basic Authentication. It doesn't > > work > > if i disable Spring Security. > > > > > > > > Thanks in advance, > > > > > > > > Ivan > > > > > > > > >
