Hi, If it's a https server, you should specify the https url for the address. ------------- Freeman(Yue) Fang
Red Hat, Inc. FuseSource is now part of Red Hat Web: http://fusesource.com | http://www.redhat.com/ Twitter: freemanfang Blog: http://freemanfang.blogspot.com http://blog.sina.com.cn/u/1473905042 weibo: @Freeman小屋 On 2013-1-8, at 下午11:10, Mickael Marrache wrote: > Hi, > > I'm using JaxWsProxyFactoryBean to create clients to connect to a web service > secured with Spring Security. The authentication mechanism used is Basic > access of HTTP. Here's my client code: > > // Initialize JAXWS proxy factories > JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean(); > factory.setServiceClass(MyServiceInterface.class); > factory.setAddress("http://localhost:8080/MyWebApp/MyService";); > > HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy(); > httpClientPolicy.setAllowChunking(false); > httpClientPolicy.setAutoRedirect(true); > > MyServiceInterface proxy = (MyServiceInterface) factory.create(); > > AuthorizationPolicy authPolicy = new AuthorizationPolicy(); > authPolicy.setAuthorizationType("Basic"); > authPolicy.setUserName(username); > authPolicy.setPassword(password); > > Client myClient = ClientProxy.getClient(proxy); > > HTTPConduit httpConduit = (HTTPConduit) myClient.getConduit(); > httpConduit.setClient(httpClientPolicy); > httpConduit.setAuthorization(authPolicy); > ((BindingProvider) proxy).getRequestContext().put( > BindingProvider.SESSION_MAINTAIN_PROPERTY, true); > > // Load truststore > KeyStore truststore = KeyStore.getInstance("JKS"); > char[] trustPassword = new char[] { 'c', 'h', 'a', 'n', 'g', 'e', 'i', 't' }; > InputStream in = null; > try { > in = this.getClass().getClassLoader() > .getResourceAsStream("trust.jks"); > truststore.load(in, tsPassword); > } finally { > if (in != null) > in.close(); > } > > TrustManagerFactory trustManagerFactory = TrustManagerFactory > .getInstance(TrustManagerFactory.getDefaultAlgorithm()); > trustManagerFactory.init(truststore); > > TLSClientParameters tlsClientParams = new TLSClientParameters(); > tlsClientParams.setTrustManagers(trustManagerFactory.getTrustManagers()); > httpConduit.setTlsClientParameters(tlsClientParams); > > Then, I call one service method...let's say: > > proxy.ping(); > > On the server side, I see that the request is done to the HTTP URL and then a > redirect is sent back to the client. Then, the server receives the second > request this time to the HTTPS URL as expected and the process continues. The > principal is successfully authenticated, a new session is created and saved > and the request is processed. Also, a cookie named JSESSIONID is sent back to > the client. But, if call the same method another time, all this process is > repeated. The request is sent to the HTTP URL and the redirect has to happen > another time, etc... I expect the redirect to occur for the first request > only. > > Should I do factory.setAddress("https://localhost:8443/MyWebApp/MyService";) > ? or maybe I'm missing something in the configuration? > > Thanks > >
