[jbossws-issues] [JBoss JIRA] (JBWS-2932) Support for HTTP Digest authentication, when acting as a client to an external web service

Jim Ma (JIRA) jira-events at lists.jboss.org
Wed Aug 29 23:22:33 EDT 2012 

    [ https://issues.jboss.org/browse/JBWS-2932?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12714751#comment-12714751 ] 

Jim Ma commented on JBWS-2932:
------------------------------

Tests are added for basic and digest authentication : modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/http/HelloBasicSecTestCase.java and modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/cxf/http/HelloDigestTestCase.java
                
> Support for HTTP Digest authentication, when acting as a client to an external web service
> ------------------------------------------------------------------------------------------
>
>                 Key: JBWS-2932
>                 URL: https://issues.jboss.org/browse/JBWS-2932
>             Project: JBoss Web Services
>          Issue Type: Feature Request
>      Security Level: Public(Everyone can see) 
>          Components: jbossws-cxf
>    Affects Versions:  jbossws-cxf-3.2.1, jbossws-native-3.2.1,  jbossws-metro-3.2.1
>            Reporter: Ian Ian
>            Assignee: Jim Ma
>             Fix For: jbossws-cxf-4.1
>
>
> Please implement HTTP Digest Authentication when acting as a client to an external web service. I don't mean using WS-Security, just using HTTP authentication in a similar that Basic Authentication is used - using JAX-WS code similar to this:
> String url = configuration.getString(CONFIG_URL);
> BindingProvider provider = (BindingProvider)requestInvoker;
> provider.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, username);
> provider.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, password);
> This code works if run as a standalone java client (probably because Metro supports it). However it doesn't work with JBossWS:
> * Native implementation simply doesn't work at all
> * Metro implementation has classloading issues when web service calls are made (to do with WS-Addressing I think, I've seen other posts about it).
> * CXF has the same issues as Metro
> Given from my reading that the WS-Security work supports Digest authentication, it doesn't seem a difficult task. I'd suggest one of two ways to fix it:
> 1. Implement it in JBossWS native, OR
> 2. Fix the classloading issues in Metro and/or CXF so those stacks can be used (given they already support it).

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jbossws-issues mailing list