将凭证从dotNet客户端传递到Java Web Service

Question

I have a dot net application that call a java web service. I am trying to implement authentication by passing credentials to the java service. Here is the dot net code setting the credentials. How can I get these credentials in my java application? They aren't set in the headers...

 System.Net.NetworkCredential serviceCredentials = new NetworkCredential("user", "pass");
 serviceInstance.Credentials = serviceCredentials;

serviceInstance is an instance of SoapHttpClientProtocol.

I've tried injecting the WebServiceContext like so

@Resource
WebServiceContext wsctx;

and pulling the crentials from the headers but they aren't there.

Answer 1

You are not passing the credentials to your service the correct way. In order to get the Authorize http request header do the following:

// Create the network credentials and assign
// them to the service credentials
NetworkCredential netCredential = new NetworkCredential("user", "pass");
Uri uri = new Uri(serviceInstance.Url);
ICredentials credentials = netCredential.GetCredential(uri, "Basic");
serviceInstance.Credentials = credentials;

// Be sure to set PreAuthenticate to true or else
// authentication will not be sent.
serviceInstance.PreAuthenticate = true;

Note: Be sure to set PreAuthenticate to true or else authentication will not be sent. see this article for more information.

I had to dig-up some old code for this one :)

Update: After inspecting the request/response headers using fiddler as suggested in the comments below a WWW-Authenticate header was missing at the Java Web Service side.

A more elegant way of implementing "JAX-WS Basic authentication" can be found in this article here using a SoapHeaderInterceptor (Apache CXF Interceptors)