Hi,
I'm using JaxWsProxyFactoryBean to create clients to connect to a web service
secured with Spring Security. The authentication mechanism used is Basic access
of HTTP. Here's my client code:
// Initialize JAXWS proxy factories
JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
factory.setServiceClass(MyServiceInterface.class);
factory.setAddress("http://localhost:8080/MyWebApp/MyService";);
HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
httpClientPolicy.setAllowChunking(false);
httpClientPolicy.setAutoRedirect(true);
MyServiceInterface proxy = (MyServiceInterface) factory.create();
AuthorizationPolicy authPolicy = new AuthorizationPolicy();
authPolicy.setAuthorizationType("Basic");
authPolicy.setUserName(username);
authPolicy.setPassword(password);
Client myClient = ClientProxy.getClient(proxy);
HTTPConduit httpConduit = (HTTPConduit) myClient.getConduit();
httpConduit.setClient(httpClientPolicy);
httpConduit.setAuthorization(authPolicy);
((BindingProvider) proxy).getRequestContext().put(
BindingProvider.SESSION_MAINTAIN_PROPERTY, true);
// Load truststore
KeyStore truststore = KeyStore.getInstance("JKS");
char[] trustPassword = new char[] { 'c', 'h', 'a', 'n', 'g', 'e', 'i', 't' };
InputStream in = null;
try {
in = this.getClass().getClassLoader()
.getResourceAsStream("trust.jks");
truststore.load(in, tsPassword);
} finally {
if (in != null)
in.close();
}
TrustManagerFactory trustManagerFactory = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(truststore);
TLSClientParameters tlsClientParams = new TLSClientParameters();
tlsClientParams.setTrustManagers(trustManagerFactory.getTrustManagers());
httpConduit.setTlsClientParameters(tlsClientParams);
Then, I call one service method...let's say:
proxy.ping();
On the server side, I see that the request is done to the HTTP URL and then a
redirect is sent back to the client. Then, the server receives the second
request this time to the HTTPS URL as expected and the process continues. The
principal is successfully authenticated, a new session is created and saved and
the request is processed. Also, a cookie named JSESSIONID is sent back to the
client. But, if call the same method another time, all this process is
repeated. The request is sent to the HTTP URL and the redirect has to happen
another time, etc... I expect the redirect to occur for the first request only.
Should I do factory.setAddress("https://localhost:8443/MyWebApp/MyService";) ?
or maybe I'm missing something in the configuration?
Thanks
