How to dynamically set Basic Authentication username and password for CXF SOAP client

Mon, 08 Jun 2015 14:30:30 -0700 

Hi

I created a web service with an interceptor for Basic Authentication:

public class BasicAuthorizationInterceptor extends SoapHeaderInterceptor {
    protected static final Logger logger =
LoggerFactory.getLogger(BasicAuthorizationInterceptor.class);

    private WhitePagesBf whitePagesBf;

    @Override
    public void handleMessage(Message message) throws Fault {
        AuthorizationPolicy policy = message.get(AuthorizationPolicy.class);

        if (policy == null) {
            sendErrorResponse(message, HttpURLConnection.HTTP_UNAUTHORIZED);
            return;
        }

        if (!authenticate(policy.getUserName(), policy.getPassword())) {
            logger.warn("Invalid username or password for user: " +
policy.getUserName());
            sendErrorResponse(message, HttpURLConnection.HTTP_FORBIDDEN);
        }
    }

    private boolean authenticate(String userName, String password) {
      ...
    }

    private void sendErrorResponse(Message message, int responseCode) {
        Message outMessage = getOutMessage(message);
        outMessage.put(Message.RESPONSE_CODE, responseCode);

        Map responseHeaders = (Map) message.get(Message.PROTOCOL_HEADERS);
        if (responseHeaders != null) {
            responseHeaders.put("WWW-Authenticate", Arrays.asList(new
String[]{"Basic realm=realm"}));
            responseHeaders.put("Content-length", Arrays.asList(new
String[]{"0"}));
        }
        message.getInterceptorChain().abort();
        try {
            getConduit(message).prepare(outMessage);
            close(outMessage);
        } catch (IOException e) {
            logger.warn(e.getMessage(), e);
        }
    }

    private Message getOutMessage(Message inMessage) {
        Exchange exchange = inMessage.getExchange();
        Message outMessage = exchange.getOutMessage();
        if (outMessage == null) {
            Endpoint endpoint = exchange.get(Endpoint.class);
            outMessage = endpoint.getBinding().createMessage();
            exchange.setOutMessage(outMessage);
        }
        outMessage.putAll(inMessage);
        return outMessage;
    }

    private Conduit getConduit(Message inMessage) throws IOException {
        Exchange exchange = inMessage.getExchange();
        EndpointReferenceType target =
exchange.get(EndpointReferenceType.class);
        Conduit conduit =
exchange.getDestination().getBackChannel(inMessage, null, target);
        exchange.setConduit(conduit);
        return conduit;
    }

    private void close(Message outMessage) throws IOException {
        OutputStream os = outMessage.getContent(OutputStream.class);
        os.flush();
        os.close();
    }

    public void setWhitePagesBf(WhitePagesBf whitePagesBf) {
        this.whitePagesBf = whitePagesBf;
    }

    public WhitePagesBf getWhitePagesBf() {
        return whitePagesBf;
    }
}

I'm trying to invoke this web service setting the username and password
like this:

            ((BindingProvider)
client).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
username);
            ((BindingProvider)
client).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
password);

But when I invoke in the Interceptor the policy Object is null.

Any ideas?

Regards,

Néstor

Reply via email to