How can I had soap AUTH BASIC auth to a WSDL, so who ever reads the WSDL knows I require that operation for a specific method ?
Using the example bellow I have managed to pass the SOAP basic autentication to the php webservice on the other end.
The PHP.net/Soapclient has a simple working example, but in csharp I found this link to be a solution to my problem.
link
Michaelis.MockService is the Webservice library extracted you may see an example on how to do this in:
link Mono project website.
Michaelis.MockService service = new Michaelis.MockService();
// Create the network credentials and assign
// them to the service credentials
NetworkCredential netCredential = new NetworkCredential(“Inigo.Montoya”, “Ykmfptd”);
Uri uri = new Uri(service.Url);
ICredentials credentials = netCredential.GetCredential(uri, “Basic”);
service.Credentials = credentials;
// Be sure to set PreAuthenticate to true or else
// authentication will not be sent.
service.PreAuthenticate = true;
// Make the web service call.
service.Method();
There is no way to specify this, as far as I know.
Related
I am very new to shiro and keycloak, I don't know how to add JWT configuration into shiro.ini for authenticating user using keycloak as authorization server.
What you are trying to archive with your resource and authorisation server looks like the rfc6749 Implicit Grant. Shiro brings no filter implementation for anything like this out of the box. You might have to write your own custom Filter, Realm, Token, Info, Matcher and Principal for this.
Alternatively there is a oAuth2 Server and Client example on GitHub using Shiro and implementing the mentioned classes. Its outdated but still gives the basic idea what you need to do.
If you don't like to follow the rfc6749 specification you can simply implement an AccessControlFilter and redirect your user to the authorisation server if no bearer is present in the Authorization header of the request. There is already an tutorial on how to achieve this here. In particular you should look at the onAccessDenied code from the examples JWTVerifyingFilter since this is the method where your redirect should take place.
I suggest you follow the buji-pac4j-demo and take a look at the shiro.ini file there. it has a implementations for different web service authentication protocols (including JWT).
I believe this is the relevant snippet:
signingConfig = org.pac4j.jwt.config.signature.SecretSignatureConfiguration
signingConfig.secret = 12345678901234567890123456789012
encryptionConfig = org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration
encryptionConfig.secret = 12345678901234567890123456789012
jwtAuthenticator = org.pac4j.jwt.credentials.authenticator.JwtAuthenticator
jwtAuthenticator.signatureConfiguration = $signingConfig
jwtAuthenticator.encryptionConfiguration = $encryptionConfig
parameterClient = org.pac4j.http.client.direct.ParameterClient
parameterClient.parameterName = token
parameterClient.authenticator = $jwtAuthenticator
parameterClient.supportGetRequest = true
parameterClient.supportPostRequest = false
I tried to send a HttpRest Call using NTLM Autentication in Java. I tried using the org.apache.http library. it was not a big problem to use the HttpClient to send a Post Request with anonymos authentication.
But i have some troubles with WindowsAuthentication. I even tried to use CredentialProvider with my own Windows credentials (as a compromise, i dont like that either) but i didn’t succeed.
Is there an easy way using NTLM Authentication sending post requests from Java code?
Is there another lib which fits better form my needs?
I still have no idea why the doku from https://hc.apache.org/httpcomponents-client-ga/tutorial/html/authentication.html about NTLM Authentication didn’t have worked for me.
I finally solved my problem doing it similar to the documentation for basic authentication as described on http://www.baeldung.com/httpclient-post-http-request
it now looks like this:
...
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(AuthScope.ANY,
new NTCredentials("username", "passwd", hostname, "domain.at"));
HttpClient client = HttpClientBuilder.create().setDefaultCredentialsProvider(credsProvider).build();
HttpPost post = new HttpPost("http://www.example.com"));
StringEntity input = new StringEntity(bodyAsString, HTTP.UTF_8);
input.setContentType("application/json");
input.setContentEncoding("UTF-8");
post.setEntity(input);
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
HttpResponse response = client.execute(post);
...
I am trying to create a few restful webservices that will add a bit functionality to the company cisco phones. The basic idea is simple, the users get a small client on which they need to enter login and password. When they have done so, their phone/phones are 'registered' to my restful service and they get added functions on their phone. When they log out, they get unregistered. To provide the extra functions (like adjusted caller information etc etc) I need the Cisco AXL API. This is a SOAP based API. I have generated the java classes using the wsdl already. When I make a testclient using the generated classes, all works fine.
But here comes the problem: When I try to run a soap request while my application is deployed on my Tomcat 7 container, it doesn't work anymore.
The problem seems to be the AXLAPIService, which hangs when executing the following piece of code:
#WebEndpoint(name = "AXLPort")
public AXLPort getAXLPort() {
return super.getPort(new QName("http://www.cisco.com/AXLAPIService/", "AXLPort"), AXLPort.class);
}
In other words, i am not getting a port for the soap request and it makes the tomcat crash i f you wait long enough.
I went googling. Somebody on some forum once had a problem because of an out of date stax version. I adjusted the stax version in my POM and tried again, to no help.
I also read somewhere that the underlaying javax.xml.ws.Service actually has an enumeration of ports, and when you do getPort(), you will get the most appropiate port. I then looked up the default port for SOAP and that would be 80, just like the port used for RESTful services. Could it be that the soap service would be wanting port 80, but that it can't have it because it is already in use?
So, to summarize my question:
can it be that my restful services consume the same port that my soap
request would want to use?
if not, what could be the problem then and how should I fix it?
As additional information, this is how the axl wsdl defines the service:
<service name="AXLAPIService">
<port binding="s0:AXLAPIBinding" name="AXLPort">
<soap:address location="https://CCMSERVERNAME:8443/axl/"/>
</port>
I was thinking about changing the soap port myself. Some googling tells me I should do that in the wsdl but I wouldn't really know how. There is post already here but I fail to see how binding another portname could help me out....
As with so many things involving Cisco Telephony and their Administrative XmL (AXL), I found a workaround instead of an actual answer. Since a problem never really leaves my mind, I spent the rest of yesterday trying to find a solution for getting information out of that AXL thing.
Any actual answers to the above questions are still welcome though.
The workaround I found is this: Since SOAP can be seen as a special http POST request, it should be possible to do a SOAP call using a REST framework such as Jersey. You just need some extra code to make it work. I used the 'SoapProvider' from the link and for those who are also wrestling with this, I'll add my code:
public void doSoapRequest() throws SOAPException, JAXBException{
ClientConfig config = new DefaultClientConfig();
config.getClasses().add(SoapProvider.class);
Client c = Client.create(config);
c.addFilter(new LoggingFilter());
c.addFilter(new HTTPBasicAuthFilter("user", "password"));
MessageFactory messageFactory = MessageFactory.newInstance();
SOAPMessage message = messageFactory.createMessage();
SOAPPart soapPart = message.getSOAPPart();
SOAPEnvelope envelope = soapPart.getEnvelope();
SOAPBody body = envelope.getBody();
SOAPElement bodyElement = body.addChildElement(envelope.createName("getCCMVersion", "", "http://www.cisco.com/AXL/API/8.5"));
message.saveChanges();
WebResource service = c.resource("https://youraxlmachine:8443/axl/");
// POST the request
ClientResponse cr = service.type(MediaType.TEXT_XML).header("SOAPAction", "\"https://youraxlmachine:8443/axl/getCCMVersion\"").post(ClientResponse.class, message);
message = cr.getEntity(SOAPMessage.class);
JAXBContext ctx = JAXBContext.newInstance(GetCCMVersionRes.class);
Unmarshaller um = ctx.createUnmarshaller();
GetCCMVersionRes response = (um.unmarshal(message.getSOAPPart().getEnvelope().getBody().extractContentAsDocument(), GetCCMVersionRes.class)).getValue();
System.out.println("HERE COMES THE VERSION!");
System.out.println(response.getReturn().getComponentVersion().getVersion());
}
I have left as many things unchanged as I could, except for the company specific details. This code works for getting the CCM version.
WARNING: Depending on how you perform the request, you might get a different result for the same request. I'll explain:
I have implemented other AXL methods as well, such as getUser. Before I even coding the Jersey soap service, I tried everything with SOAPUI. So I setup the SOAPUI so I could do RESTful requests to the AXL server. Using my restful setup in SOAPUI, I get the same results as I when would do the standard SOAP calls using both SOAPUI and my first implementation of a soapclient in java.
But when I use the jersey client to do the same getUser request, some important fields are missing from the result. I have no clue what could have caused this. For the request getPhone, I dont even get a valid response. So be warned.
I am trying to hit the alfresco rest api using my standalone rest code. i get the login ticket when i use the below url -
"http://host:port/alfresco/service/api/login?u=admin&pw=admin"
and i got the ticket but how do i use this ticket for further communication with alfresco without facing this authentication problem.
below is the code i am using for communicating with the alfresco rest client.
HttpGet getReq = new HttpGet(url);
getReq.addHeader("accept", "application/json");
StringEntity input = new StringEntity(args);
HttpResponse response = client.execute(getReq);
Kind Regards
Garvit Jain
Append the alf_ticket argument to your URL and pass in the ticket you retrieved from the /api/login call. See http://wiki.alfresco.com/wiki/Web_Scripts#Authenticating
I am trying to access a REST web service using HTTP GET request.
For a example following URI provides Rest web service that return all the available parts for the given category.
http://localhost:8080/mycompany/parts/category
I want to authenticate/authorize users who are accessing above REST request in each time and I want to pass User authentication details (User Name and Token) with the HTTP Get Request.
Is there a possibility to cater to the above requirement in REST HTTP GET request (using HTTP header or query parameters)?
or
Is it better to use HTTP POST instead of HTTP GET?
Since you are getting information, you should use "Get". Here's the code that I use (it is Restlet based) for adding the oauth_token to the request...
import org.restlet.data.Reference;
import org.restlet.ext.oauth.OAuthUser;
import org.restlet.representation.Representation;
import org.restlet.resource.ClientResource;
Reference commitsRef = new Reference(Consts.RESOURCE_BASE + "commitments/");
OAuthUser u = (OAuthUser) request.getClientInfo().getUser();
String token = u.getAccessToken();
ref.addQueryParameter("oauth_token", token);
ClientResource commitsResource = new ClientResource(getContext(), commitsRef);
Representation commitsRep = commitsResource.get();
As mentioned, this is Restlet based, but there is probably something similar in the framework you are using. (And if you are not using a framework, Restlet can make this easier).
if you are using restlet than good because restlet have rich api for rest framework
but without this if you want to authenticate than
you can do same thing with GET or POST
but send your credential data trough cookie
and read same cookie using #CookieParam from server side
in this way you can easily authenticate user.