[esb-issues] [JBoss JIRA] Commented: (JBESB-3022) It is not possible to use different credentials on the input of the service and on the SOAPProxy that invokes the proxied service

Keith Babo (JIRA) jira-events at lists.jboss.org
Fri Oct 29 13:51:54 EDT 2010 

    [ https://jira.jboss.org/browse/JBESB-3022?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12560351#action_12560351 ] 

Keith Babo commented on JBESB-3022:
-----------------------------------

Running with Kevin's suggestion here.  I have updated your project to include a RemoveAuthHeader action in the action chain that demonstrates how existing HTTP auth information can be removed.  I tested this with your scenario where source and target have same auth configuration but the HttpClient configuration specifies incorrect credentials as an override.  This fails as expected with the RemoveAuthHeader action in the chain.  I then tested a scenario where the source and target have different auth configuration and used the HttpClient configuration to specify the different user/pass for the target web service.  This passed as expected with the RemoveAuthHeader action in the chain.

See attachment (wsp_diffauth2.zip).

> It is not possible to use different credentials on the input of the service and on the SOAPProxy that invokes the proxied service
> ---------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: JBESB-3022
>                 URL: https://jira.jboss.org/browse/JBESB-3022
>             Project: JBoss ESB
>          Issue Type: Feature Request
>      Security Level: Public(Everyone can see) 
>          Components: Web Services
>    Affects Versions: 4.7
>            Reporter: Jiri Pechanec
>         Attachments: soapproxy-diffauth.zip
>
>
> There is a use case - I have a secured ESB service using HTTPS/BASIC auth invoking invoking secured HTTPS/BASIC auth web service via SOAPProxy. If the credentials are passed from the client then everything works correctly. But if I have different credentials required for ESB client and different credentials are required by proxied Web Service then I use property <property name="clientCredentialsRequired" value="false" /> to set static credentials for proxied web service.
> This property works correctly if the ESB service is unsecured. Unfortunately if it is secured then probably the credentials stored in HTTP header stored in ESB message overwrites the static credentials set by the SOAPProxy action.
> The attached example is modified webservice_proxy_secure QS and has static credentials set to wrong values - so proxied web service should not be invoked. But if ant runtest is executed then the wrong credentials are not used.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the esb-issues mailing list