Webservice Basic Auth not working #423

Closed
chokdee opened this Issue Jun 28, 2018 · 3 comments

chokdee commented Jun 28, 2018

I have tried to set up basic authentication for the webservice client, but it doesn't seem to work.

<bean id="basicAuthClient" class="org.springframework.ws.transport.http.HttpComponentsMessageSender">
      <property name="authScope">
         <bean class="org.apache.http.auth.AuthScope">
            <constructor-arg value="localhost"/>
            <constructor-arg value="6666"/>
            <constructor-arg value=""/>
            <constructor-arg value="basic"/>
         </bean>
      </property>
      <property name="credentials">
         <bean class="org.apache.http.auth.UsernamePasswordCredentials">
            <constructor-arg value="username"/>
            <constructor-arg value="password"/>
         </bean>
      </property>
   </bean>

   <citrus-ws:client id="webServiceClient"
                     timeout="1000"
                     message-sender="basicAuthClient"
                     request-url="http://localhost:6666/endpoint"/>

Gives me a 401.
The request log on the server does not show the username, so it isn't sent.

If I try it like this:

<send>
...
<header><element name="citrus_http_Authorization" value="citrus:concat('Basic ', citrus:encodeBase64('username:password'))"/></header>

it's working

@christophd christophd added this to the v2.7.7 milestone Jul 10, 2018

@svettwer svettwer self-assigned this Jul 10, 2018

svettwer Jul 11, 2018

Member

Hi @chokdee !
I traced down the issue to the line where the request is sent.
The WebServiceMessageSender is configured in the WebServiceTemplate as it should be.

I also checked the documentation of Spring WS just to be sure that the API is used correctly.

It seems that the issue is related to the AuthScope bean.
What you have in place (and what the documentation states) is:

<bean class="org.apache.http.auth.AuthScope">
  <constructor-arg value="localhost"/>
  <constructor-arg value="6666"/>
  <constructor-arg value=""/>
  <constructor-arg value="basic"/>
</bean>

This leads to a configuration where the realm is set to "" instead of being applied to any realm. If you want to authenticate against any realm, you should use the following config.

<bean class="org.apache.http.auth.AuthScope">
  <constructor-arg value="localhost"/>
  <constructor-arg value="6666"/>
  <constructor-arg><null /></constructor-arg>
  <constructor-arg value="basic"/>
</bean>

This bean injects a null value for the realm property into the AuthScope constructor and enables the authentication against any realm.

If you don't need a scope at all, you could just drop the whole AuthScope bean. This will enable the authentication against any endpoint.

Nevertheless, one should alter the documentation so that it does not lead to this issue.

BR,
Sven
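
The realm matching described in the comment above, as an added example (not code from the Citrus project or from either commenter). It assumes Apache HttpClient 4.x on the classpath and uses its AuthScope and BasicCredentialsProvider to show which configured scopes yield credentials for a given challenge; the realm name "constructed-realm" and the host other.example are constructed values, since the page does not state the server's realm.

```java
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.impl.client.BasicCredentialsProvider;

public class AuthScopeRealmCheck {

    // True when credentials registered under `configured` would be selected
    // for a 401 challenge described by `challenge`.
    static boolean offered(AuthScope configured, AuthScope challenge) {
        CredentialsProvider provider = new BasicCredentialsProvider();
        provider.setCredentials(configured,
                new UsernamePasswordCredentials("username", "password"));
        return provider.getCredentials(challenge) != null;
    }

    public static void main(String[] args) {
        // Constructed challenges: the scope HttpClient derives from a 401
        // response (host, port, realm announced by the server, scheme).
        AuthScope ownEndpoint =
                new AuthScope("localhost", 6666, "constructed-realm", "basic");
        AuthScope otherHost =
                new AuthScope("other.example", 8443, "another-realm", "basic");

        String[] labels = {
            "realm=\"\" (as in the issue)",
            "realm=null (any realm)",
            "AuthScope.ANY (unscoped)"
        };
        AuthScope[] configured = {
            // Empty string is a concrete realm value, not a wildcard.
            new AuthScope("localhost", 6666, "", "basic"),
            // null is AuthScope.ANY_REALM: host, port and scheme stay pinned.
            new AuthScope("localhost", 6666, null, "basic"),
            // Wildcard on host, port, realm and scheme; used here to model
            // a sender configured without any scope restriction.
            AuthScope.ANY
        };

        for (int i = 0; i < configured.length; i++) {
            System.out.printf("%-30s match=%2d own endpoint=%b other host=%b%n",
                    labels[i],
                    ownEndpoint.match(configured[i]),
                    offered(configured[i], ownEndpoint),
                    offered(configured[i], otherHost));
        }
    }
}
```

A configured scope that also yields credentials for the second host is the broad one: the client would answer a Basic challenge from whatever endpoint it is pointed at, so keep host and port pinned when the target is known.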

svettwer added a commit that referenced this issue Jul 11, 2018

svettwer added a commit that referenced this issue Jul 11, 2018

@svettwer svettwer added TO REVIEW and removed Type: Bug labels Jul 12, 2018

@svettwer svettwer referenced this issue Jul 12, 2018

Merged

Bugfix/423 #433

@svettwer svettwer removed the READY label Jul 12, 2018

chokdee Jul 13, 2018

Thank you

svettwer Jul 30, 2018

Member

Merged #433 with updated documentation.

@svettwer svettwer closed this Jul 30, 2018

@svettwer svettwer removed the TO REVIEW label Jul 30, 2018

svettwer added a commit that referenced this issue Jul 30, 2018

(#423) Fixed documentation
(cherry picked from commit 8357848)