Versions Compared

Old Version 72

changes.mady.by.user Colm O hEigeartaigh

Saved on

compared with

New Version 73

changes.mady.by.user Colm O hEigeartaigh

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

...

Make sure the Authorization element contains the same name as the Section in the login.conf (here: CXFClient).

Code Block
xmlxml
titleHTTP conduit configuration for spnego with single sign on
xml
 ...
 <conduit name="{http://example.com/}HelloWorldServicePort.http-conduit"
   xmlns="http://cxf.apache.org/transports/http/configuration">
   <authorization>
      <AuthorizationType>Negotiate</AuthorizationType>
      <Authorization>CXFClient</Authorization>
   </authorization>
 </conduit>
 ...

...

On windows you will also have to make sure you allow the TGT to be used in Java. See: http://www.javaactivedirectory.com/?page_id=93

Code Block
xmlxml
titleSwitching to Kerberos OID instead of Spnego
xml
 ...
 <jaxws:client>
  <jaxws:properties>
   <entry key="auth.spnego.useKerberosOid" value="true"/>
  </jaxws:properties> 
 </jaxws:client>
 ...

...

Note in the case of reusing the existing credential, the policy configuration does not need to reference a login module name:

Code Block
xmlxml
titleHTTP conduit configuration for spnego with single sign on
xml
 ...
 <conduit name="{http://example.com/}HelloWorldServicePort.http-conduit"
   xmlns="http://cxf.apache.org/transports/http/configuration">
   <authorization>
      <AuthorizationType>Negotiate</AuthorizationType>
   </authorization>
 </conduit>
 ...

...

On Java 5, you need a library that will augment the HttpURLConnection to do it. See: http://jcifs.samba.org/src/docs/httpclient.htmlImage Removed Note: jcifs is LGPL licensed, not Apache licensed.

...

If your service endpoint uses an SSL WSDL location (i.e., "https://xxx?wsdl"), you can configure the http conduit to pick up the SSL configuration by using a hardcoded http conduit name of "{http://cxf.apache.org/Image Removed}TransportURIResolver.http-conduit". The specific HTTP conduit name or a reg-ex expression can still be used.

...

The elements used to configure an HTTP client are defined in the namespace http://cxf.apache.org/transports/http/configuration. It is commonly referred to using the prefix http-conf. In order to use the HTTP configuration elements you will need to add the lines shown below to the beans element of your endpoint's configuration file. In addition, you will need to add the configuration elements' namespace to the xsi:schemaLocation attribute.

xml
Code Block
xml
titleHTTP Consumer Configuration Namespace
xml
<beans ...
       xmlns:http-conf="http://cxf.apache.org/transports/http/configuration
       ...
       xsi:schemaLocation="...
           http://cxf.apache.org/transports/http/configuration
           http://cxf.apache.org/schemas/configuration/http-conf.xsd
       ...">

...

You configure an HTTP client using the http-conf:conduit element and its children. The http-conf:conduit element takes a single attribute, name, that specifies the WSDL port element that corresponds to the endpoint. The value for the name attribute takes the form portQName.http-conduit. For example, the code below shows the http-conf:conduit element that would be used to add configuration for an endpoint that was specified by the WSDL fragment <port binding="widgetSOAPBinding" name="widgetSOAPPort> if the endpoint's target namespace was http://widgets.widgetvendor.net. Alternatively, the name attribute can be a regular expression to match a URL. This allows configuration of conduits that are not used for purposes of WSDL based endpoints such as JAX-RS and for WSDL retrieval.

Code Block
xmlxml
titlehttp-conf:conduit Element
xml
...
  <http-conf:conduit name="{http://widgets/widgetvendor.net}widgetSOAPPort.http-conduit">
    ...
  </http-conf:conduit>

  <http-conf:conduit name="*.http-conduit">
  <!-- you can also using the wild card to specify 
       the http-conduit that you want to configure -->
    ...
  </http-conf:conduit>

  <http-conf:conduit name="http://localhost:8080/.*">
  <!-- you can also using the reg-ex URL matching for 
       the http-conduit that you want to configure -->
    ...
  </http-conf:conduit>
...

...

The example below shows a the configuration for an HTTP client that wants to keep its connection to the server open between requests, will only retransmit requests once per invocation, and cannot use chunking streams.

Code Block
xmlxml
titleHTTP Consumer Endpoint Configuration
xml
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:http-conf="http://cxf.apache.org/transports/http/configuration"
       xsi:schemaLocation="http://cxf.apache.org/transports/http/configuration
           http://cxf.apache.org/schemas/configuration/http-conf.xsd
           http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans.xsd">

  <http-conf:conduit name="{http://apache.org/hello_world_soap_http}SoapPort.http-conduit">
    <http-conf:client Connection="Keep-Alive"
                      MaxRetransmits="1"
                      AllowChunking="false" />
  </http-conf:conduit>
</beans>

...

The WSDL extension elements used to configure an HTTP client are defined in the namespace http://cxf.apache.org/transports/http/configuration. It is commonly referred to using the prefix http-conf. In order to use the HTTP configuration elements you will need to add the line shown below to the definitions element of your endpoint's WSDL document.

Code Block
xmlxml
titleHTTP Consumer WSDL Element's Namespace
xml
<definitions ...
   xmlns:http-conf="http://cxf.apache.org/transports/http/configuration

...

The example below shows a WSDL fragment that configures an HTTP client to specify that it will not interact with caches.

xml
Code Block
xml
titleWSDL to Configure an HTTP Consumer Endpoint
xml
<service ...>
  <port ...>
    <soap:address ... />
    <http-conf:client CacheControl="no-cache" />
  </port>
</service>

...