I'm trying to consume a restful webservice in java using the Apache Wink framework through my school web proxy requiring authentification
ClientConfig clientConfig = new ClientConfig();
clientConfig.proxyHost("proxy.school.com");
clientConfig.proxyPort(3128);
//nothing to set username and password :(
RestClient client = new RestClient(clientConfig);
Resource resource = client.resource("http://vimeo.com/api/v2/artist/videos.xml");
String response = resource.accept("text/plain").get(String.class);
I've also tried to use the BasicAuthSecurityHandler but it seems to be used to authenticate directly to a web server, not the web proxy
BasicAuthSecurityHandler basicAuthHandler = new BasicAuthSecurityHandler();
basicAuthHandler.setUserName("username");
basicAuthHandler.setPassword("password");
config.handlers(basicAuthHandler);
It still fail with a HTTP 407 error code : Proxy Authentication Required.
I've googled the best I could, nothing came up better to consume a webservice from a Java client through a web proxy, if someone has another idea, feel free to respond
Ok that was pretty hard but I found it ! I logged the HTTP requests that were being made from my browser with Fiddler and found out that the Proxy-Connection and Proxy-Authorization were what I was looking for after reading extensive documentation like RFC 2616 about HTTP/1.1
So I copy-pasted the values that were being sent into my java code :
resource.header("Proxy-Connection", "Keep-Alive");
resource.header("Proxy-Authorization", "Basic encodedString");
where encodedString is what is being sent by my browser : username:password base64 encoded
And it now works perfectly :)
This issue was raised as [1] and has since been resolved with the addition of a ProxyAuthSecurityHandler available to Apache Wink client developers.
[1]: https://issues.apache.org/jira/browse/WINK-292 Apache Wink JIRA issue WINK-292
Related
I am having trouble getting Apache HttpClient 4 to follow SiteMinder AD FS 2.0 authentication through a RADIUS server (securID). I've gotten it to work without the AD FS, but AD FS sends back an autopost with a SAML assertion. I try to pull the parameters myself and post again, but it sends back a message saying something is wrong. The error message is very generic.
The only thing I can see obviously different between how HttpClient works and a browser is the referer is not set during redirects by HttpClient. When watching a browser follow redirects (using Fiddler), the referer header parameter is always set as the previous location. With HttpClient, the referer is not.
Has anyone used Apache HttpClient 4 to authenticate to a SAML / AD FS 2.0 server? Sample code? thanks
I crawled google a lot to find some documentation on the subject but did not find anything.
I am trying to use a kerberos ticket to access a secured server but i get a 401 error.
What i do is add a header with the base64 encoded token before calling the web service
HessianConnection conn = ...
conn.addHeader("Authorization", "Negotiate " + token);
...
conn.sendRequest();
I know that hessian supports Basic auth (HessianProxyFactory => setUser/PWD/BasicAuth), but i m not sure about Spnego/Negotiate.
Note that we managed to setup spnego with cxf in another project (It has HttpAuthSupplierImpl), but this one uses hessian.
Question : is it possible or i am wasting my time ?
Thanks
Actually i checked HTTP traffic server side with wireshark, it seems that headers are correctly sent with this code. So this works and this question can be closed. The ticket is however not correctly recognized but this is another problem ...
I'd like to implement a Java/JSP solution to return a client response to a web server that responded a 401 error to me when I try a wget for a resource.
How do I setup my JSP file to respond to the server with a username and password?
Any help with a simple example would be appreciated.
There's no such thing as wget in java. do you mean the httpurlconnection class? if so, look at the authenticator class in the j2se javadoc.
Or consider apache httpclient which is much more pleasant.
I'm working on creating a simple method that send SOAP request to EWS and it seems everything is OK. But when I run it I get error:
java.net.ProtocolException: Server
redirected too many times (20)
Any ideas why I get this when I try to connect to https://my.exchange.server/ews/Services.wsdl ?
Note: my.exchange.server is just a cover for my real URL
Make sure to enable Basic Authentication on EWS, sorry that's on the server side :).
I am using EWS Java Api http://archive.msdn.microsoft.com/ewsjavaapi and it works fine even cross domains:
ExchangeService service = new ExchangeService();
ExchangeCredentials credentials = new WebCredentials("Administrator#yourdomain.com", "Password",
"yourdomain.com");
service.setCredentials(credentials);
service.setUrl(new URI("http://yourserver/EWS/Exchange.asmx"));
service.setPreAuthenticate(true);
BTW, I am also successfully reaching it with plain SOAP using SoapUI, but the key factor is enabled Basic Authentication, and URL is "http://yourserver/EWS/Exchange.asmx"
Good luck,
Boris
Herndon, VA
I want to create a small java application to copy some wiki content from one server to another. The API is based on the XML-RPC.
Basically I have three methods, login, getPage and putPage. I use Apache HttpClient 3.x and managed to use login to login successfully and getPage to get a page from the old wiki correctly.
Authentication is handled with cookies: I log into the new wiki and some cookies are set on the corresponding httpclient. The doku tells me that one of those cookies is used for authentification.
Then I execute putPage with another POST method on the same httpclient and the server responds with a authentication failure message.
The code sequence goes like this (very reduced):
HttpClient client = new HttpClient();
PostMethod postLogin = createNewPostMethod("login", "user", "pw");
client.executeMethod(postLogin);
// Now I'm logged in and the client definitly has stored the cookies
PostMethod postPutPage = createNewPostMethod("putPage", getPage());
client.executeMethod(postPutPage); // the server won't let me put the page
Should it work like that or do I have to add the cookies manually to the second post method and, if yes, how?
Edit / Solution
With the help of the answers to this question I was able to identify and solve the problem, which was outside of the usage of httpclient. At the end it was a configuration issue on the target wiki side. The answers here helped me to ask the right questions in another forum.
Cookies are handled by HTTPClient by default. You shouldn't have to do anything to have cookies work properly.
Source:
http://www.innovation.ch/java/HTTPClient/getting_started.html#cookies
Edit for Apache HTTP Client:
Apache HTTP Client behaves the same :-)
Here is the source:
http://hc.apache.org/httpclient-3.x/cookies.html
You can set manually cookies with HTTP Client but it will handle correctly cookies created during your connection.
HttpClient supports automatic management of cookies, including allowing the server to set cookies and automatically return them to the server when required. It is also possible to manually set cookies to be sent to the server.
Resources :
Apache HttpClient - cookies
I have historically used this when I wanted to accept cookies with HttpClient
postPutPage.getParams().setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY);