Hello All,
I've been developing a RESTful web service by extending
CXFNonSpringJaxrsServlet and running in Tomcat 7. Configured in web.xml
is a jaxrs.inInterceptors init-param for an authorization class set to
run in the RECEIVE phase. All development so far has been within eclipse
using WebClient for testing and going well. Getting the
AuthorizationPolicy from the Message passed in to handleMessage(...)
in my AuthorizationInterceptor (based on code at
http://chrisdail.com/download/BasicAuthAuthorizationInterceptor.java)
was working perfectly in my local development environment. Then I
started testing from a browser thru a web server configured to route
https requests to my WS. The request always arrives with the
Authorization header missing making the AuthorizationPolicy null. A 401
is returned by my interceptor and immediately followed by a request
with the Authorization header and everything works fine.
I've seen several entries inquiring about the same or similar situation,
but have not seen or found a solution. Does anyone have a clue as to why
this is happening and/or how to deal with it? ...Thanks, Gary
