[jbossws-issues] [JBoss JIRA] (JBWS-2932) Support for HTTP Digest authentication, when acting as a client to an external web service

Support for HTTP Digest authentication, when acting as a client to an external web service ------------------------------------------------------------------------------------------ Key: JBWS-2932 URL: https://issues.jboss.org/browse/JBWS-2932 Project: JBoss Web Services Issue Type: Feature Request Security Level: Public(Everyone can see) Components: jbossws-cxf Affects Versions: jbossws-cxf-3.2.1, jbossws-native-3.2.1, jbossws-metro-3.2.1 Reporter: Ian Ian Assignee: Jim Ma Fix For: jbossws-cxf-4.1 Please implement HTTP Digest Authentication when acting as a client to an external web service. I don't mean using WS-Security, just using HTTP authentication in a similar that Basic Authentication is used - using JAX-WS code similar to this: String url = configuration.getString(CONFIG_URL); BindingProvider provider = (BindingProvider)requestInvoker; provider.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, username); provider.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, password); This code works if run as a standalone java client (probably because Metro supports it). However it doesn't work with JBossWS: * Native implementation simply doesn't work at all * Metro implementation has classloading issues when web service calls are made (to do with WS-Addressing I think, I've seen other posts about it). * CXF has the same issues as Metro Given from my reading that the WS-Security work supports Digest authentication, it doesn't seem a difficult task. I'd suggest one of two ways to fix it: 1. Implement it in JBossWS native, OR 2. Fix the classloading issues in Metro and/or CXF so those stacks can be used (given they already support it).