Implementing an authentication supplier

最新推荐文章于 2025-05-13 15:23:49 发布

转载最新推荐文章于 2025-05-13 15:23:49 发布 · 635 阅读

本文介绍如何通过扩展HTTPAuthSupplier类来实现HTTP基本认证供应商，包括处理预验证和响应401挑战的方法，并提供了一个具体的实现示例。

Implementing an authentication supplier

Authentication suppliers are used by clients to supply username and passwords to servers for HTTP Basic authentication. They are user-supplied custom objects that can pre-emptively supply authentication credentials and also handle HTTP 401 challenges (see Handling HTTP basic authentication challenges).

Authentication suppliers are implemented by extending the org.apache.cxf.transport.http.HTTPAuthSupplier class. HTTPAuthSupplier is an abstract class with two operations that need to be overridden:

public abstract String getAuthorizationForRealm(HTTPConduit conduit, URL currentURL, Message message, String realm, String fullHeader);
getAuthorizationForRealm() is called when an HTTP server issues a 401 authentication challenge. The realm information is taken from the WWW-Authenticate: ???? realm=????? header. The method determines if there is a valid authentication for the URL, realm, message combination. If there are valid authentication credentials it should return the authentication credentials. If not, it should return null.

If getAuthorizationForRealm() returns a value other than null, the request is retransmitted. If it returns null the call that initiated the original message fails.
public abstract String getPreemptiveAuthorization(HTTPConduit conduit, URL currentURL, Message message);
getPreemptiveAuthorization() is called before an HTTP request is made. If there is a valid set of credentials for the URL, the method should return it. If not, it should return null.

If getPreemptiveAuthorization() returns null, the request is transmitted without authentication credentials.

The following is an example of an authentication supplier:

package com.somecompany;
import org.apache.cxf.transport.http.HttpAuthSupplier;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.cxf.message.Message;

public class MyBasicAuthSupplier extends HttpAuthSupplier
{
  MyBasicAuthSupplier()
  {
  }
        
  @Override
  public String getPreemptiveAuthorization(HTTPConduit conduit, 
                                           URL currentURL,
                                           Message message)
  {
    String preemptiveUsername = "examplePreemptiveUsername";
    String preemptiveUsername = "examplePreemptivePassword";
    return createUserPass(preemptiveUsername, preemptivePreemptivePassword);
  }

  @Override
  public String getAuthorizationForRealm(HTTPConduit conduit,
                                         URL currentURL,
                                         Message message,
                                         String reqestedRealm,
                                         String fullHeader)
  {
    String onDemandUsername = "exampleUsername";
    String onDemandUsername = "examplePassword";
    return createUserPass(onDemandUsername, onDemandPassword);
  }

  /* This is a helper method to build the security header */
  private String createUserPass(String usr, String pwd)
  {
    String userpass = usr + ":" + pwd;
    String token = Base64Utility.encode(userpass.getBytes());
    return "Basic " + token;
  }
}

url： http://communities.progress.com/infocenter/index.jsp?topic=/com.sonicsw.tools.sonicconnect.doc/auth_supplier_impl.html