5 Replies Latest reply on Sep 14, 2012 6:52 PM by Jay SenSharma

    POJO web services basic auth failing

    thinksteep thinksteep Novice

      Hi Community,  I am having strange issue in accessing WSDL protected by basic authentication through java web service client.

       

      I am able to access the WSDL through browser. It is prompting for user/password. With the userID/pwd, authentication succeds and able to see WSDL.

       

      When I try to do same using Java client it is failing with 401 response code.  Any input would be really appreciated.

       

      JBoss application-roles.properties has guest role assigned to userID.

       

      Client

       

              URL url = new URL(WS_URL);

              QName qname = new QName("http://namespace/", "MyService");

              Service service = Service.create(url, qname);

       

              Connections port = service.getPort(MyService.class);

       

       

              BindingProvider bp = (BindingProvider) port;

              bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "userID");

              bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "pwd");

       

       

       

      Exception:

      Exception in thread "main" javax.xml.ws.WebServiceException: Failed to access the WSDL at: http://mymachine:8080/myapp/MyService?wsdl. It failed with:

          Server returned HTTP response code: 401 for URL: http://mymachine:8080/myapp/MyService?wsdl.

          at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLParser.java:151)

          at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:133)

          at com.sun.xml.internal.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.java:254)

          at com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:217)

          at com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:165)

          at com.sun.xml.internal.ws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:93)

          at javax.xml.ws.Service.<init>(Service.java:57)

          at javax.xml.ws.Service.create(Service.java:687)

          at apiservicetest.ServicePerformanceTester.main(ServicePerformanceTester.java:29)

      Caused by: java.io.IOException: Server returned HTTP response code: 401 for URL: http://mymachine:8080/myapp/MyService?wsdl

          at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1313)

          at java.net.URL.openStream(URL.java:1010)

          at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.createReader(RuntimeWSDLParser.java:793)

          at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.resolveWSDL(RuntimeWSDLParser.java:251)

          at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:118)

          ... 7 more

      Java Result: 1

       

       

      I have POJO Service

       

      @WebService(serviceName = "MyService")

      public class MyService{

      //Webmethods.

      }

       

      web.xml

       

        <security-constraint>

              <web-resource-collection>

                  <web-resource-name>All resources</web-resource-name>

                  <url-pattern>/*</url-pattern>

              </web-resource-collection>

              <auth-constraint>

                  <role-name>guest</role-name>

              </auth-constraint>

          </security-constraint>

       

          <security-role>

              <description>desc</description>

              <role-name>guest</role-name>

          </security-role>

       

          <login-config>

              <auth-method>BASIC</auth-method>

              <realm-name>realm</realm-name>

          </login-config>

       

      jboss-web.xml

       

      <?xml version="1.0" encoding="UTF-8"?>

      <jboss-web>

          <security-domain>other</security-domain>

      </jboss-web>

       

      Standalone-full.xml

       

      <security-domains>

                      <security-domain name="other" cache-type="default">

                          <authentication>

                              <login-module code="Remoting" flag="optional">

                                  <module-option name="password-stacking" value="useFirstPass"/>

                              </login-module>

                              <login-module code="RealmUsersRoles" flag="required">

                                  <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>

                                  <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>

                                  <module-option name="realm" value="ApplicationRealm"/>

                                  <module-option name="password-stacking" value="useFirstPass"/>

                              </login-module>

                          </authentication>

                      </security-domain>

        • 1. Re: POJO web services basic auth failing
          Jay SenSharma Master

          Hi,

           

          A constructor of the service object requires access to the WSDL. And again it does not support basic authentication out of the box. You have an option to download the wsdl file and use it locally. Another option is to use the default authenticator:

           

           

          Authenticator.setDefault(new Authenticator() {

              @Override

              protected PasswordAuthentication getPasswordAuthentication() {

                  return new PasswordAuthentication(

                      USER_NAME,

                      PASSWORD.toCharArray());

              }

          });

           

           

          reference: http://etfdevlab.blogspot.in/2009/12/http-basic-authentication-with-jax-ws.html

          • 2. Re: POJO web services basic auth failing
            thinksteep thinksteep Novice

            Hi Jay Kumar senSharma,  Thanks for quick reply!  Following links not using any default authenticators.

            My issue is not related to getting WSDL, it is more related to how to invoke service.

            https://community.jboss.org/thread/197054

            https://docs.jboss.org/author/display/AS71/Authentication 

            Correct me if I am in wrong path.

              Thank you,

            • 3. Re: POJO web services basic auth failing
              Jay SenSharma Master

              Hi,

               

                 While generating the Client side artifact you can use the wsconsume.sh like following:

               

                      <target name="client">

                           <delete dir="${client.dir}" />

                           <wsconsume

                                    fork="true"

                                    keep="true"

                                    destdir="${client.dir}"

                                    sourcedestdir="${client.dir}"

                                    package="client"

                                    wsdlLocation="http://userone:passwordone@localhost:8080/Pojo_CXF_Service_BasicAuthDemo/PojoCXFService?wsdl"

                                >

                          </wsconsume>

                          <jar jarfile="${client.dir}/${client.jar.name}" basedir="${client.dir}" compress="true" /> 

                     </target>

               

               

              NOTICE:   wsdlLocation="http://userone:passwordone@localhost:8080/Pojo_CXF_Service_BasicAuthDemo/PojoCXFService?wsdl"

               

              If you will specify the URL including the basic authentication credential then the generated service class in the client side artifact will be like following:

               

               

              @WebServiceClient(name = "PojoCXFServiceService",

                                wsdlLocation = "http://userone:passwordone@localhost:8080/Pojo_CXF_Service_BasicAuthDemo/PojoCXFService?wsdl",

                                targetNamespace = "http://ws/")

              public class PojoCXFServiceService extends Service {

               

               

                  public final static URL WSDL_LOCATION;

               

               

              So which will not cause  "401" when you will try to create the Service object on the client side as the WSDL as the basic auth credential is passed along with the URL itself

              • 4. Re: POJO web services basic auth failing
                thinksteep thinksteep Novice

                Hi Jay Kumar,  Thanks for the steps.  I tried what you suggested, still no luck. Getting same 401 exception. Am I missing any configurations are something?  Thanks for your time.

                • 5. Re: POJO web services basic auth failing
                  Jay SenSharma Master

                  Hi,

                   

                     Just for testing can u try the attached TestCase  it worked for me with basic Auth and then you can compre it with your testcase.

                   

                     Steps are mentioned in the README.txt file.

                   

                                  <security-domain name="cxfservice-security-domain" cache-type="default">
                                      <authentication>
                                          <login-module code="UsersRoles" flag="required">
                                              <module-option name="usersProperties" value="${jboss.server.config.dir}/cxfservice-users.properties"/>
                                              <module-option name="rolesProperties" value="${jboss.server.config.dir}/cxfservice-roles.properties"/>
                                              <module-option name="unauthenticatedIdentity" value="nobody"/>
                                          </login-module>
                                      </authentication>
                                  </security-domain>
                  

                   

                   

                   

                  Building the WebService

                   

                  [jsenshar@localhost Pojo_CXF_Service_BasicAuth]$ ant
                  Buildfile: build.xml
                  
                  
                  init:
                     [delete] Deleting directory /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/build
                      [mkdir] Created dir: /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/build
                      [mkdir] Created dir: /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/build/Pojo_CXF_Service_BasicAuthDemo.war
                      [mkdir] Created dir: /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/build/Pojo_CXF_Service_BasicAuthDemo.war/WEB-INF/wsdl
                      [mkdir] Created dir: /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/build/Pojo_CXF_Service_BasicAuthDemo.war/WEB-INF/classes
                     [delete] Deleting directory /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/clientStuff
                      [mkdir] Created dir: /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/clientStuff
                  
                  
                  build:
                      [javac] Compiling 1 source file to /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/build/Pojo_CXF_Service_BasicAuthDemo.war/WEB-INF/classes
                       [copy] Copying 1 file to /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/build/Pojo_CXF_Service_BasicAuthDemo.war/WEB-INF
                       [copy] Copying 1 file to /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/build/Pojo_CXF_Service_BasicAuthDemo.war/WEB-INF
                  [wsprovide] Generating from endpoint: ws.PojoCXFService
                  [wsprovide] log4j:WARN No appenders could be found for logger (org.apache.cxf.common.logging.LogUtils).
                  [wsprovide] log4j:WARN Please initialize the log4j system properly.
                  [wsprovide] log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
                  [wsprovide] java2ws -s /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/build/Pojo_CXF_Service_BasicAuthDemo.war/WEB-INF/classes -classdir /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/build/Pojo_CXF_Service_BasicAuthDemo.war/WEB-INF/classes -d /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/build/Pojo_CXF_Service_BasicAuthDemo.war/META-INF/wsdl -verbose -wsdl -cp ::::::: -wrapperbean -createxsdimports ws.PojoCXFService
                  [wsprovide] java2ws - Apache CXF 2.4.6-redhat-1
                  [wsprovide] 
                  
                  
                  deploy:
                       [echo] *******************  Deploying   *********************
                       [echo] ********** Pojo_CXF_Service_BasicAuthDemo.war to /NotBackedUp/JBoss_All/jboss-eap-7.1.2//standalone/deployments **********
                       [copy] Copying 9 files to /NotBackedUp/JBoss_All/jboss-eap-7.1.2/standalone/deployments
                       [echo] The EMPTY 'Pojo_CXF_Service_BasicAuthDemo.war.dodeploy' tells JBoss AS7 to deploy the application
                       [echo] This file is needed if we want to deploy an exploded application in JBossAS7
                       [copy] Copying 1 file to /NotBackedUp/JBoss_All/jboss-eap-7.1.2/standalone/deployments
                       [echo] *******************  Deployed Successfully   *********************
                  
                  
                  post-deploy:
                       [echo] *******************  NOTE  *********************
                       [echo] ***** You should be able to access your WSDL using Browser now *****
                       [echo]             
                       [echo]             
                       [echo] http://localhost:8080/Pojo_CXF_Service_BasicAuthDemo/PojoCXFService?wsdl
                       [echo]             
                       [echo]             
                       [echo] *******************  NOTE  *********************
                       [echo] ***** You should be able to access your WSDL using Browser now *****
                       [echo] http://userone:passwordone@localhost:8080/Pojo_CXF_Service_BasicAuthDemo/PojoCXFService?wsdl
                       [echo]             
                       [echo]             
                       [echo] RMEMBER *** Syntax: 
                       [echo] http://BasicUsername:BasicPassword@localhost:8080/Pojo_CXF_Service_BasicAuthDemo/PojoCXFService?wsdl
                       [echo] and then save it in your file system with following name:
                       [echo] src/META-INF/wsdl/PojoCXFService.wsdl 
                       [echo] And then run the ' ant client' To generate client artifacts
                       [echo] ************************************************
                  
                  
                  BUILD SUCCESSFUL
                  Total time: 13 seconds
                  [jsenshar@localhost Pojo_CXF_Service_BasicAuth]$ 
                  

                   

                   

                  Generating Client Artifacts & Running the Client

                   

                  [jsenshar@localhost Pojo_CXF_Service_BasicAuth]$ ant run
                  Buildfile: build.xml
                  
                  
                  client:
                     [delete] Deleting directory /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/clientStuff
                  [wsconsume] Consuming wsdl: src/META-INF/wsdl/PojoCXFService.wsdl
                  [wsconsume] log4j:WARN No appenders could be found for logger (org.apache.cxf.common.logging.LogUtils).
                  [wsconsume] log4j:WARN Please initialize the log4j system properly.
                  [wsconsume] log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
                        [jar] Building jar: /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/clientStuff/Pojo_CXF_Service_BasicAuth_Client.jar
                  
                  
                  run:
                      [javac] Compiling 1 source file to /NotBackedUp/Downloads/Pojo_CXF_Service_BasicAuth/clientStuff
                       [java] log4j:WARN No appenders could be found for logger (org.apache.cxf.common.logging.LogUtils).
                       [java] log4j:WARN Please initialize the log4j system properly.
                       [java] log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
                       [java] Got the Service: org.apache.cxf.jaxws.JaxWsClientProxy@677af46e
                  
                  
                  
                       [java] Hello, Mr. MiddlewareMagic
                  
                  
                  BUILD SUCCESSFUL
                  Total time: 10 seconds