Hi, I don't find configuration regarding authorization cache in CXFAuthenticator and URLConnectionHTTPConduit, but would like to ask Dan to be 100% sure. Patch from you is also always welcome.
Regards, Andrei. From: wanglilai [mailto:[email protected]] Sent: Dienstag, 15. Januar 2013 17:41 To: Andrei Shakirin Subject: Re:RE: CXF client to support multi-user Hi Andrei, Thanks for looking into this. I just found the root cause, this is NTLM specific problem, since it's connection based, Authorization header is not used at all, instead HTTPUrlConnections delegates connection to sun.net.www.protocol.https.HttpsURLConnectionImpl which is getting serverAuthorization via java.net.Authenticator. requestPasswordAuthentication(), and then maintain authorization info in sun.net.www.protocol.http.AuthCacheValue.cache, however the cacheKey comprises of host/port/protocol/realm which is the same for two of my requests. My workaround is to disable the cache by overriding sun.net.www.protocol.http.AuthCacheValue.cache, if CXF can provide some configuration ability regarding the auth cache, it would be great. Thanks, -Roger At 2013-01-14 17:25:40,"Andrei Shakirin" <[email protected]<mailto:[email protected]>> wrote: >Hi, > >Cannot reproduce your problem under CXF 2.7.X. > >The code: > JaxWsProxyFactoryBean factory1 = new JaxWsProxyFactoryBean(); > factory1.getInInterceptors().add(new LoggingInInterceptor()); > factory1.getOutInterceptors().add(new LoggingOutInterceptor()); > factory1.setAddress("http://localhost:9001/helloWorld";); > HelloWorld hello1 = factory1.create(HelloWorld.class); > org.apache.cxf.endpoint.Client client1 = ClientProxy.getClient(hello1); > HTTPConduit conduit1 = (HTTPConduit)client1.getConduit(); > conduit1.getAuthorization().setAuthorizationType("NTLM"); > conduit1.getAuthorization().setUserName("XXXuser12"); > conduit1.getAuthorization().setPassword("XXXpwd12"); > > JaxWsProxyFactoryBean factory2 = new JaxWsProxyFactoryBean(); > factory2.getInInterceptors().add(new LoggingInInterceptor()); > factory2.getOutInterceptors().add(new LoggingOutInterceptor()); > factory2.setAddress("http://localhost:9001/helloWorld";); > HelloWorld hello2 = factory2.create(HelloWorld.class); > org.apache.cxf.endpoint.Client client2 = ClientProxy.getClient(hello2); > HTTPConduit conduit2 = (HTTPConduit)client2.getConduit(); > conduit2.getAuthorization().setAuthorizationType("NTLM"); > conduit2.getAuthorization().setUserName("YYYuser22"); > conduit2.getAuthorization().setPassword("YYYpwd22"); > > System.out.println(hello1.sayHi("World")); > System.out.println(hello2.sayHi("World")); > >Sends different Authorization header for each request and use different >conduits as well as HTTPUrlConnections. >Which CXF version do you use? > >Cheers, >Andrei. > >> -----Original Message----- >> From: wanglilai [mailto:[email protected]] >> Sent: Freitag, 11. Januar 2013 17:01 >> To: [email protected]<mailto:[email protected]> >> Subject: CXF client to support multi-user >> >> Hi, >> >> I am using CXF client to connect to Exchange WebService, and I need to >> support multiple users in the runtime. >> >> I did something like this: >> >> .... >> >> JaxWsProxyfactoryBean factory1 = new JaxWsProxyfactoryBean(); >> >> factory1.setServiceClass(exchangeServicePortType.class); >> >> factory1.setAddress(url); >> >> exchangeServicePortType exchangeService1 = >> (exchangeServicePortType) factory1 >> >> .create(); >> >> Client proxy = ClientProxy.getClient(exchangeService1); >> >> HTTPconduit conduit1 = (HTTPconduit) proxy.getconduit(); >> >> ...... >> >> conduit1.getAuthorization().setAuthorizationType("NTLM"); >> >> conduit1.getAuthorization().setUserName(userName1); >> >> conduit1.getAuthorization().setPassword(password1); >> >> exchangeService1.getItem(....); >> >> >> >> >> >> JaxWsProxyfactoryBean factory2 = new >> JaxWsProxyfactoryBean(); >> >> factory2.setServiceClass(exchangeServicePortType.class); >> >> factory2.setAddress(url); >> >> exchangeServicePortType exchangeService2 = >> (exchangeServicePortType) factory2 >> >> .create(); >> >> Client proxy = ClientProxy.getClient(exchangeService2); >> >> HTTPconduit conduit2 = (HTTPconduit) proxy.getconduit(); >> >> >> >> ...... >> >> conduit2.getAuthorization().setAuthorizationType("NTLM"); >> >> conduit2.getAuthorization().setUserName(userName2); >> >> conduit2.getAuthorization().setPassword(password2); >> >> exchangeService2.getItem(....); >> >> >> >> Basically I created 2 services with different username/password, I am >> expecting the CXF client to use different credentials for 2 requests, but I >> found out it's always using the same credential(userName1/password1), >> even on 2nd request. As I know NTLM is connection based, the CXF will >> create a new HttpURLConnection per request. However HttpURLConnection >> instances could share the underlying network connection. >> >> Much appreciated if there is any workaround to solve my multi-user case. >> >> >> >> Thanks, >> >> -Roger
