[
https://issues.jboss.org/browse/JBWS-2932?page=com.atlassian.jira.plugin....
]
Jim Ma commented on JBWS-2932:
------------------------------
With jbossws-cxf, enable the HTTP Digest needs the set authentication type or the
AuthSupplier in the cxf's Condiut :
HTTPConduit cond = (HTTPConduit)ClientProxy.getClient(requestInvoker).getConduit();
cond.setAuthSupplier(new DigestAuthSupplier());
Support for HTTP Digest authentication, when acting as a client to an
external web service
------------------------------------------------------------------------------------------
Key: JBWS-2932
URL:
https://issues.jboss.org/browse/JBWS-2932
Project: JBoss Web Services
Issue Type: Feature Request
Security Level: Public(Everyone can see)
Components: jbossws-cxf
Affects Versions: jbossws-cxf-3.2.1, jbossws-native-3.2.1, jbossws-metro-3.2.1
Reporter: Ian Ian
Assignee: Jim Ma
Fix For: jbossws-cxf-4.1
Please implement HTTP Digest Authentication when acting as a client to an external web
service. I don't mean using WS-Security, just using HTTP authentication in a similar
that Basic Authentication is used - using JAX-WS code similar to this:
String url = configuration.getString(CONFIG_URL);
BindingProvider provider = (BindingProvider)requestInvoker;
provider.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, username);
provider.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, password);
This code works if run as a standalone java client (probably because Metro supports it).
However it doesn't work with JBossWS:
* Native implementation simply doesn't work at all
* Metro implementation has classloading issues when web service calls are made (to do
with WS-Addressing I think, I've seen other posts about it).
* CXF has the same issues as Metro
Given from my reading that the WS-Security work supports Digest authentication, it
doesn't seem a difficult task. I'd suggest one of two ways to fix it:
1. Implement it in JBossWS native, OR
2. Fix the classloading issues in Metro and/or CXF so those stacks can be used (given
they already support it).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see:
http://www.atlassian.com/software/jira