Hi Andy
Can you please apply the following diff to JAXRS20HttpsBookTest
(3.2.0-SNAPSHOT), the server log will show:
Mar 01, 2017 11:30:17 AM
org.apache.cxf.ext.logging.slf4j.Slf4jEventSender send
INFO: REQ_IN
Address: https://localhost:9001/bookstore/securebooks/123
HttpMethod: GET
ExchangeId: 20e428e9-8502-4ef9-b8f5-aaa424f0998d
MessageId: 8cf85830-f855-4ca4-b177-7ea2f139dbfb
Headers: {Authorization=YTpi, Accept=application/xml,
Cache-Control=no-cache, User-Agent=Apache-CXF/3.2.0-SNAPSHOT,
connection=keep-alive, Host=localhost:9001, Pragma=no-cache,
Proxy-Authorization=YTpi, Content-Type=null}
if you are on 3.1.x then
instead of
+import org.apache.cxf.ext.logging.LoggingInInterceptor;
do
+import org.apache.cxf.interceptor.LoggingInInterceptor;
May be it is also an SSL setup issue ? Or does the user confirm no
Proxy-Authorization header is seen in the logs at the proxy server ?
Thanks, Sergey
diff --git
a/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookHttpsServer.java
b/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookHttpsServer.java
index 57a28ef..3bc1fb9 100644
---
a/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookHttpsServer.java
+++
b/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookHttpsServer.java
@@ -19,11 +19,17 @@
package org.apache.cxf.systest.jaxrs.security;
+import java.util.ArrayList;
+import java.util.List;
+
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.ext.logging.LoggingInInterceptor;
+import org.apache.cxf.interceptor.Interceptor;
import org.apache.cxf.jaxrs.JAXRSServerFactoryBean;
import org.apache.cxf.jaxrs.lifecycle.SingletonResourceProvider;
+import org.apache.cxf.message.Message;
import org.apache.cxf.systest.jaxrs.BookStore;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
import org.apache.cxf.testutil.common.TestUtil;
@@ -39,6 +45,9 @@ public class BookHttpsServer extends
AbstractBusTestServerBase {
JAXRSServerFactoryBean sf = new JAXRSServerFactoryBean();
sf.setResourceClasses(BookStore.class);
//default lifecycle is per-request, change it to singleton
+ List<Interceptor<? extends Message>> inInts = new
ArrayList<Interceptor<? extends Message>>();
+ inInts.add(new LoggingInInterceptor());
+ sf.setInInterceptors(inInts);
sf.setResourceProvider(BookStore.class,
new SingletonResourceProvider(new
BookStore()));
sf.setAddress("https://localhost:"; + PORT + "/");
diff --git
a/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRS20HttpsBookTest.java
b/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRS20HttpsBookTest.java
index 68a721f..3ab05e0 100644
---
a/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRS20HttpsBookTest.java
+++
b/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRS20HttpsBookTest.java
@@ -27,10 +27,14 @@ import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
+import javax.ws.rs.client.Invocation;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.MultivaluedHashMap;
+import javax.ws.rs.core.MultivaluedMap;
import org.apache.cxf.common.classloader.ClassLoaderUtils;
+import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.ext.logging.LoggingFeature;
import org.apache.cxf.systest.jaxrs.Book;
@@ -70,7 +74,11 @@ public class JAXRS20HttpsBookTest extends
AbstractBusClientServerTestBase {
client.register(new LoggingFeature());
WebTarget target = client.target("https://localhost:"; + PORT +
"/bookstore/securebooks/123");
- Book b =
target.request().accept(MediaType.APPLICATION_XML_TYPE).get(Book.class);
+ MultivaluedMap<String, Object> headers = new
MultivaluedHashMap<String, Object>();
+ headers.add("Authorization",
Base64Utility.encode("a:b".getBytes("UTF-8")));
+ headers.add("Proxy-Authorization",
Base64Utility.encode("a:b".getBytes("UTF-8")));
+
+ Book b =
target.request().headers(headers).accept(MediaType.APPLICATION_XML_TYPE).get(Book.class);
assertEquals(123, b.getId());
}
On 28/02/17 23:29, Andy McCright wrote:
Hi All,
I have a user that is trying to use the JAX-RS Client APIs in WebSphere
Liberty (based on CXF 3.1.8) to make a secured HTTPS request to a remote
server via a secured proxy server using authentication.
Here is a snippet of their code:
MultivaluedMap<String, Object> headers = new
MultivaluedHashMap<String, Object>();
headers.add(AUTH_HEADER_NAME, getAuthorizationHeader());
if (_proxyKey != null) {
headers.add(PROXY_AUTH_HEADER_NAME,
getProxyAuthorizationHeader());
}
MessageResponse msgResponse = _client.target(_endPoint).path(_path)
.queryParam(VERSION, VERSION_DATE)
.request(MediaType.APPLICATION_JSON) // expected response mime type
.headers(headers)
.post(Entity.entity(msgRequest, MediaType.APPLICATION_JSON),
MessageResponse.class);
The request is rejected by the Apache proxy server with a 407 error. Note
that they can send the same request using curl and authentication succeeds,
and the request is successfully sent to the end server through the
proxy.
According to the user, the JAX-RS client does not add a valid
Proxy-Authorization header field to the request.
Is this scenario possible with CXF? Any hints for how to make it work?
Thanks in advance,
Andy
--
Sergey Beryozkin
Talend Community Coders
http://coders.talend.com/
