Support for HTTP Digest authentication, when acting as a client to an external web service ------------------------------------------------------------------------------------------ Key: JBWS-2932 URL: https://jira.jboss.org/jira/browse/JBWS-2932 Project: JBoss Web Services Issue Type: Feature Request Security Level: Public (Everyone can see) Components: jbossws-native Affects Versions: jbossws-metro-3.2.1, jbossws-native-3.2.1, jbossws-cxf-3.2.1 Reporter: Ian Please implement HTTP Digest Authentication when acting as a client to an external web service. I don't mean using WS-Security, just using HTTP authentication in a similar that Basic Authentication is used - using JAX-WS code similar to this: String url = configuration.getString(CONFIG_URL); BindingProvider provider = (BindingProvider)requestInvoker; provider.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, username); provider.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, password); This code works if run as a standalone java client (probably because Metro supports it). However it doesn't work with JBossWS: * Native implementation simply doesn't work at all * Metro implementation has classloading issues when web service calls are made (to do with WS-Addressing I think, I've seen other posts about it). * CXF has the same issues as Metro Given from my reading that the WS-Security work supports Digest authentication, it doesn't seem a difficult task. I'd suggest one of two ways to fix it: 1. Implement it in JBossWS native, OR 2. Fix the classloading issues in Metro and/or CXF so those stacks can be used (given they already support it). -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira