0 Replies Latest reply on Jun 14, 2012 6:08 AM by rimarvladimir

    pre-emptive authentication using HttpRouter in ESB

    rimarvladimir
    rimarvladimir Jun 14, 2012 6:08 AM

      Hello all,

       

      I would like to ask, if it's possible to implement pre-emptive authentication in HttpRouter. I'm currenlty sending a request to HTTPS webservice with the following https.properties configuration:

       

      # Configurators

      configurators=HttpProtocol,AuthBASIC

       

      # HttpProtocol config...

      protocol-socket-factory=org.apache.commons.httpclient.contrib.ssl.EasySSLProtocolSocketFactory

      keystore=/opt/netcool/NetcoolEventPublisher/itsm/jboss/jboss-4.2.3.GA/server/nep/conf/nep/ssl/cacerts

      keystore-passw=tibco1

       

      # AuthBASIC config...

      auth-username=NETCOOL

      auth-password=netcoolsys2

       

      Everything works, but it seems that the first request is sent without authentication. After first request, the "401 Authentication" is received and details are filled in based on above configuration. Here the log file:

       

      2012-05-16 04:06:32,345 DEBUG [httpclient.wire.header] >> "POST /eai/aas/netcool/troubleTicket HTTP/1.1[\r][\n]"

      2012-05-16 04:06:32,345 DEBUG [httpclient.wire.header] >> "SOAPAction: updateTroubleTicket[\r][\n]"

      2012-05-16 04:06:32,345 DEBUG [httpclient.wire.header] >> "Content-Type: text/xml;charset=UTF-8[\r][\n]"

      2012-05-16 04:06:32,345 DEBUG [httpclient.wire.header] >> "User-Agent: Jakarta Commons-HttpClient/3.0.1[\r][\n]"

      2012-05-16 04:06:32,345 DEBUG [httpclient.wire.header] >> "Host: speaiolb:8043[\r][\n]"

      2012-05-16 04:06:32,346 DEBUG [httpclient.wire.header] >> "Content-Length: 446[\r][\n]"

      2012-05-16 04:06:32,346 DEBUG [httpclient.wire.header] >> "[\r][\n]"

      2012-05-16 04:06:32,346 DEBUG [httpclient.wire.content] >> "<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:mes="http://www.swisscom.ch/eai/aas/netcool/troubleticket/messageparts">[\n]"

      2012-05-16 04:06:32,346 DEBUG [httpclient.wire.content] >> "<soapenv:Header/>[\n]"

      2012-05-16 04:06:32,346 DEBUG [httpclient.wire.content] >> "<soapenv:Body>[\n]"

      2012-05-16 04:06:32,346 DEBUG [httpclient.wire.content] >> "<mes:updateTroubleTicketRequest>[\n]"

      2012-05-16 04:06:32,346 DEBUG [httpclient.wire.content] >> "<mes:troubleTicketId>INC000000639610</mes:troubleTicketId>[\n]"

      2012-05-16 04:06:32,346 DEBUG [httpclient.wire.content] >> "<mes:sourceId>CAMMOBILE:33812317</mes:sourceId>[\n]"

      2012-05-16 04:06:32,346 DEBUG [httpclient.wire.content] >> "<mes:sourceSeverity>normal</mes:sourceSeverity>[\n]"

      2012-05-16 04:06:32,346 DEBUG [httpclient.wire.content] >> "</mes:updateTroubleTicketRequest>[\n]"

      2012-05-16 04:06:32,346 DEBUG [httpclient.wire.content] >> "</soapenv:Body>[\n]"

      2012-05-16 04:06:32,346 DEBUG [httpclient.wire.content] >> "</soapenv:Envelope>[\n]"

      2012-05-16 04:06:32,368 DEBUG [httpclient.wire.header] << "HTTP/1.1 401 Authorization Required[\r][\n]"

      2012-05-16 04:06:32,368 DEBUG [httpclient.wire.header] << "Date: Wed, 16 May 2012 02:06:32 GMT[\r][\n]"

      2012-05-16 04:06:32,369 DEBUG [httpclient.wire.header] << "WWW-Authenticate: Basic realm="Restricted Files"[\r][\n]"

      2012-05-16 04:06:32,369 DEBUG [httpclient.wire.header] << "Content-Length: 401[\r][\n]"

      2012-05-16 04:06:32,369 DEBUG [httpclient.wire.header] << "Content-Type: text/html; charset=iso-8859-1[\r][\n]"

      2012-05-16 04:06:32,369 DEBUG [httpclient.wire.content] << "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">[\n]"

      2012-05-16 04:06:32,369 DEBUG [httpclient.wire.content] << "<html><head>[\n]"

      2012-05-16 04:06:32,369 DEBUG [httpclient.wire.content] << "<title>401 Authorization Required</title>[\n]"

      2012-05-16 04:06:32,369 DEBUG [httpclient.wire.content] << "</head><body>[\n]"

      2012-05-16 04:06:32,369 DEBUG [httpclient.wire.content] << "<h1>Authorization Required</h1>[\n]"

      2012-05-16 04:06:32,369 DEBUG [httpclient.wire.content] << "<p>This server could not verify that you[\n]"

      2012-05-16 04:06:32,369 DEBUG [httpclient.wire.content] << "are authorized to access the document[\n]"

      2012-05-16 04:06:32,369 DEBUG [httpclient.wire.content] << "requested.  Either you supplied the wrong[\n]"

      2012-05-16 04:06:32,369 DEBUG [httpclient.wire.content] << "credentials (e.g., bad password), or your[\n]"

      2012-05-16 04:06:32,369 DEBUG [httpclient.wire.content] << "browser doesn't understand how to supply[\n]"

      2012-05-16 04:06:32,369 DEBUG [httpclient.wire.content] << "the credentials required.</p>[\n]"

      2012-05-16 04:06:32,369 DEBUG [httpclient.wire.content] << "</body></html>[\n]"

      2012-05-16 04:06:32,380 DEBUG [httpclient.wire.header] >> "POST /eai/aas/netcool/troubleTicket HTTP/1.1[\r][\n]"

      2012-05-16 04:06:32,380 DEBUG [httpclient.wire.header] >> "SOAPAction: updateTroubleTicket[\r][\n]"

      2012-05-16 04:06:32,380 DEBUG [httpclient.wire.header] >> "Content-Type: text/xml;charset=UTF-8[\r][\n]"

      2012-05-16 04:06:32,380 DEBUG [httpclient.wire.header] >> "User-Agent: Jakarta Commons-HttpClient/3.0.1[\r][\n]"

      2012-05-16 04:06:32,380 DEBUG [httpclient.wire.header] >> "Content-Length: 446[\r][\n]"

      2012-05-16 04:06:32,380 DEBUG [httpclient.wire.header] >> "Authorization: Basic TkVUQ09PTDp0NmxYeTRCajVTdGxPdg==[\r][\n]"

      2012-05-16 04:06:32,381 DEBUG [httpclient.wire.header] >> "Host: speaiolb:8043[\r][\n]"

      2012-05-16 04:06:32,381 DEBUG [httpclient.wire.header] >> "[\r][\n]"

      2012-05-16 04:06:32,381 DEBUG [httpclient.wire.content] >> "<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:mes="http://www.swisscom.ch/eai/aas/netcool/troubleticket/messageparts">[\n]"

      2012-05-16 04:06:32,381 DEBUG [httpclient.wire.content] >> "<soapenv:Header/>[\n]"

      2012-05-16 04:06:32,381 DEBUG [httpclient.wire.content] >> "<soapenv:Body>[\n]"

      2012-05-16 04:06:32,381 DEBUG [httpclient.wire.content] >> "<mes:updateTroubleTicketRequest>[\n]"

      2012-05-16 04:06:32,381 DEBUG [httpclient.wire.content] >> "<mes:troubleTicketId>INC000000639610</mes:troubleTicketId>[\n]"

      2012-05-16 04:06:32,381 DEBUG [httpclient.wire.content] >> "<mes:sourceId>CAMMOBILE:33812317</mes:sourceId>[\n]"

      2012-05-16 04:06:32,381 DEBUG [httpclient.wire.content] >> "<mes:sourceSeverity>normal</mes:sourceSeverity>[\n]"

      2012-05-16 04:06:32,381 DEBUG [httpclient.wire.content] >> "</mes:updateTroubleTicketRequest>[\n]"

      2012-05-16 04:06:32,381 DEBUG [httpclient.wire.content] >> "</soapenv:Body>[\n]"

      2012-05-16 04:06:32,381 DEBUG [httpclient.wire.content] >> "</soapenv:Envelope>[\n]"


      Is it possible to skipp the first un-authenticated request and send authentication details in the first request? I was not able to find some samples of pre-emptive authentication, which would apply for HttpRouter.

       

      Thanks for all the help.

       

      Vladimir