stackoom
  简体   繁体   中英

Camel CXF - Security (Authentication)

 原文  2015-12-22 08:47:58       java/ web-services/ http-headers/ apache-camel/ cxf

Question

I created a webservice with apache camel using CXF component as bellow :

blueprint.xml: 

  <bean class="ngtrend.ws.Testws"/>
  <!-- Defined the server endpoint to create the cxf-rs consumer -->
  <cxf:rsServer id="rsServer" address="http://localhost:9050/route"
    serviceClass="ngtrend.ws.Testws"     />
  <camelContext xmlns="http://camel.apache.org/schema/blueprint">
    <route id="timerToLog">
      <from uri="cxfrs://bean://rsServer"/>
      <to uri="bean:ngtrend.ws.HelloBean?method=test(Exchange)"/>
      <log message="${body}"/>
    </route>
  </camelContext>

Testws.java: 

public class Testws {
    @GET
    @Path("/test/{id}")
    @Produces("application/xml")
    //@Consumes("text/xml")
    public Integer getAssets(@PathParam("id") int id){
        return null;
    }
}

and I would like to secure it forcing the customer to send ( or enter on a dialog box if using a browser) login and password (BASIC Http authentication). How can i make this configuration ?

2 answers

solution1
 0  2015-12-22 18:45:16

In CXF framework, restful services authentication can be done by using the following approach: 

<cxf:rsServer id="rsServer" 
              address="http://localhost:9050/route">

    <jaxrs:serviceBeans>
                 <ref bean="serviceBean"/>
        </jaxrs:serviceBeans>

        <jaxrs:providers>
            <ref bean="authenticationHandler"/>
        </jaxrs:providers>  

</cxf:server>


<bean id="serviceBean" class="ngtrend.ws.Testws"/>

<bean id="authenticationHandler" class="yourpackage.Class" />

Create your own handler for authenticationHandler that will implement import org.apache.cxf.jaxrs.ext.RequestHandler . Use the authentication strategy needed in this class , for example authenticate against database etc.. This should allow for basic authentication.

solution2
 0  2016-12-04 15:08:00

You can write a class which implements ContainerRequestFilter. And then set it in the cxf:providers as below: 

<bean id="authenticationHandler" class="a class which implements ContainerRequestFilter" />
<cxf:rsServer id="xxxRsServer"
    address="/xxxservice" serviceClass="xxx.XXXService"
    loggingFeatureEnabled="true" loggingSizeLimit="20">
    <cxf:providers>
        <ref component-id="authenticationHandler"/>
    </cxf:providers>
</cxf:rsServer>

In this way, you could override below method 

public void filter(ContainerRequestContext requestContext)

For example, you could make a simple authentication based on requestContext.getHeaderString("UserPassInfo"). If succeed, do nothing, otherwise call requestContext.abortWith(Response.status(401).header("WWW-Authenticate", "Basic").build());

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Apache CXF authentication + spring security How to configure Camel CXF with Basic authentication Apache Camel v2.12 | CXF Component | Basic Authentication Apache Camel - basic authentication with Spring Security for camel routes StackOverflowError coming when cxf security authentication webservice deployed in jboss 5.0 Spring Security/CXF throws AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext custom interceptor for cxf service to allow spring security authentication camel cxf on wildfly camel cxf request/response Camel With Cxf and Routing
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM