...
Please also see Asynchronous HTTP Conduit for more information on NTLM.
Proxy Authentication
Proxy authentication can be configured as follows.
Code Block |
---|
<conduit name="{http://example.com/}HelloWorldServicePort.http-conduit"
xmlns:sec="http://cxf.apache.org/configuration/security"
xmlns="http://cxf.apache.org/transports/http/configuration">
<proxyAuthorization>
<sec:UserName>myuser</sec:UserName>
<sec:Password>mypasswd</sec:Password>
</proxyAuthorization>
<client AllowChunking="false" ProxyServer="localhost" ProxyServerPort="8080" />
</conduit> |
This works over HTTPS and HTTPS, but note for the latter it is necessary to set the following system property (see here for more information "Disable Basic authentication for HTTPS tunneling"):
Code Block |
---|
-Djdk.http.auth.tunneling.disabledSchemes= |
Configuring SSL Support
When using an "https" URL, CXF will, by default, use the certs and keystores that are part of the JDK. For many HTTPs applications, that is enough and no configuration is necessary. However, when using custom client certificates or self signed server certificates or similar, you may need to specifically configure in the keystores and trust managers and such to establish the SSL connection.
...
The http-conf:conduit
element has a number of child elements that specify configuration information. They are described below. See also Sun's JSSE Guide for more information on configuring SSL.
Element | Description |
---|---|
| Specifies the HTTP connection properties such as timeouts, keep-alive requests, content types, etc. |
| Specifies the the parameters for configuring the basic authentication method that the endpoint uses preemptively. |
| Specifies the parameters for configuring basic authentication against outgoing HTTP proxy servers. |
| Specifies the parameters used to configure SSL/TLS. |
| Specifies the bean reference or class name of the object that supplies the authentication information used by the endpoint both preemptively or in response to a 401 HTTP challenge. |
| Specifies the bean reference or class name of the object that checks the HTTP(S) URLConnection object in order to establish trust for a connection with an HTTPS service provider before any information is transmitted. |
The client
element
The http-conf:client
element is used to configure the non-security properties of a client's HTTP connection. Its attributes, described below, specify the connection's properties.
Attribute | Description |
---|---|
| Specifies the amount of time, in milliseconds, that the client will attempt to establish a connection before it times out. The default is 30000 (30 seconds). |
| Specifies the amount of time, in milliseconds, that the client will wait for a response before it times out. The default is 60000. |
| Specifies if the client will automatically follow a server issued redirection. The default is false. |
| Specifies the maximum number of times a client will retransmit a request to satisfy a redirect. The default is -1 which specifies that unlimited retransmissions are allowed. |
| Specifies whether the client will send requests using chunking. The default is true which specifies that the client will use chunking when sending requests.
|
| Specifies the threshold at which CXF will switch from non-chunking to chunking. By default, messages less than 4K are buffered and sent non-chunked. Once this threshold is reached, the message is chunked. |
| Specifies what media types the client is prepared to handle. The value is used as the value of the HTTP |
| Specifies what language (for example, American English) the client prefers for the purposes of receiving a response. The value is used as the value of the HTTP AcceptLanguage property. |
| Specifies what content encodings the client is prepared to handle. Content encoding labels are regulated by the Internet Assigned Numbers Authority (IANA). The value is used as the value of the HTTP |
| Specifies the media type of the data being sent in the body of a message. Media types are specified using multipurpose internet mail extensions (MIME) types. The value is used as the value of the HTTP |
| Specifies the Internet host and port number of the resource on which the request is being invoked. The value is used as the value of the HTTP |
| Specifies whether a particular connection is to be kept open or closed after each request/response dialog. There are two valid values:
|
| Specifies directives about the behavior that must be adhered to by caches involved in the chain comprising a request from a client to a server. |
| Specifies a static cookie to be sent with all requests. |
| Specifies information about the browser from which the request originates. In the HTTP specification from the World Wide Web consortium (W3C) this is also known as the user-agent. Some servers optimize based upon the client that is sending the request. |
| Specifies the URL of the resource that directed the consumer to make requests on a particular service. The value is used as the value of the HTTP Referer property. |
| Specifies the URL of a decoupled endpoint for the receipt of responses over a separate server->client connection. |
| Specifies the URL of the proxy server through which requests are routed. |
| Specifies the port number of the proxy server through which requests are routed. |
NonProxyHosts | Specifies a list of hosts that should be directly routed. This value is a list of patterns separated by '|', where each pattern may start or end with a '*' for wildcard matching. |
| Specifies the type of proxy server used to route requests. Valid values are:
|
Example using the Client
Element
...
The following table lists the cache control directives supported by an HTTP client.
Directive | Behavior |
---|---|
no-cache | Caches cannot use a particular response to satisfy subsequent requests without first revalidating that response with the server. If specific response header fields are specified with this value, the restriction applies only to those header fields within the response. If no response header fields are specified, the restriction applies to the entire response. |
no-store | Caches must not store any part of a response or any part of the request that invoked it. |
max-age | The consumer can accept a response whose age is no greater than the specified time in seconds. |
max-stale | The consumer can accept a response that has exceeded its expiration time. If a value is assigned to max-stale, it represents the number of seconds beyond the expiration time of a response up to which the consumer can still accept that response. If no value is assigned, it means the consumer can accept a stale response of any age. |
min-fresh | The consumer wants a response that will be still be fresh for at least the specified number of seconds indicated. |
no-transform | Caches must not modify media type or location of the content in a response between a provider and a consumer. |
only-if-cached | Caches should return only responses that are currently stored in the cache, and not responses that need to be reloaded or revalidated. |
cache-extension | Specifies additional extensions to the other cache directives. Extensions might be informational or behavioral. An extended directive is specified in the context of a standard directive, so that applications not understanding the extended directive can at least adhere to the behavior mandated by the standard directive. |
A Note About Chunking
There are two ways of putting a body into an HTTP stream:
...