Unable to do HTTP basic authentication for SOAP requests when JAXB is used for tranformation
bhaskarsk Jan 8, 2015 5:13 AMI am using JAXB binding to convert xml string to Java Objects, I followed the similar approach as mentioned in the quickstart ( switchyard-quickstart-demo-policy-security-basic),
service name is ISampleServicesPortType, for the transformer i am using jaxb.
<transform:transform.jaxb from="java:com.alu.ipprd.aor.core.tm.sample.objs.Response" to="{urn:com.alu.ipprd.aor.core.tm.svcs:tm-services:0.0.0}callResponse"/>
<transform:transform.jaxb from="{urn:com.alu.ipprd.aor.core.tm.svcs:tm-services:0.0.0}call" to="java:com.alu.ipprd.aor.core.tm.sample.objs.Request"/>
Soap request in not authenticated in this case and is processed successfully. Switchyard.xml as below.
<?xml version="1.0" encoding="UTF-8"?> <switchyard xmlns="urn:switchyard-config:switchyard:1.0" xmlns:bean="urn:switchyard-component-bean:config:1.0" xmlns:jms="urn:switchyard-component-camel-jms:config:1.0" xmlns:sca="http://docs.oasis-open.org/ns/opencsa/sca/200912" xmlns:soap="urn:switchyard-component-soap:config:1.0" xmlns:transform="urn:switchyard-config:transform:1.0"> <sca:composite name="aor-ipprd-plf-core-tm-binding" targetNamespace="urn:com.alu.ipprd.aor.core.tm.svcs:tm-services:0.0.0"> <sca:component name="Component"> <bean:implementation.bean requires="authorization" class="com.alu.ipprd.aor.core.tm.sample.svcs.SampleServices"/> <sca:service name="ISampleServices" requires="clientAuthentication confidentiality"> <sca:interface.java interface="com.alu.ipprd.aor.core.tm.sample.svcs.ISampleServices"/> </sca:service> </sca:component> <sca:service name="ISampleServicesPortType" promote="Component/ISampleServices"> <sca:interface.wsdl interface="META-INF/ISampleServices.wsdl#wsdl.porttype(ISampleServicesPortType)"/> <soap:binding.soap name="soap1"> <soap:messageComposer unwrapped="true"/> <soap:wsdl>META-INF/ISampleServices.wsdl</soap:wsdl> <soap:contextPath>aor-ipprd-plf-core-tm-binding</soap:contextPath> </soap:binding.soap> </sca:service> <sca:component name="Component1"> <bean:implementation.bean requires="authorization" class="org.switchyard.quickstarts.demo.policy.security.basic.WorkServiceBean"/> <sca:service name="WorkService" requires="clientAuthentication confidentiality"> <sca:interface.java interface="org.switchyard.quickstarts.demo.policy.security.basic.WorkService"/> </sca:service> </sca:component> <sca:service name="WorkService" promote="Component1/WorkService"> <sca:interface.wsdl interface="WorkService.wsdl#wsdl.porttype(WorkService)"/> <soap:binding.soap name="soap1"> <soap:messageComposer unwrapped="true"/> <soap:wsdl>WorkService.wsdl</soap:wsdl> <soap:contextPath>aor-ipprd-plf-core-tm-binding1</soap:contextPath> </soap:binding.soap> </sca:service> </sca:composite> <transforms> <transform:transform.jaxb from="java:com.alu.ipprd.aor.core.tm.sample.objs.Response" to="{urn:com.alu.ipprd.aor.core.tm.svcs:tm-services:0.0.0}callResponse"/> <transform:transform.jaxb from="{urn:com.alu.ipprd.aor.core.tm.svcs:tm-services:0.0.0}call" to="java:com.alu.ipprd.aor.core.tm.sample.objs.Request"/> <transform:transform.java from="java:org.switchyard.quickstarts.demo.policy.security.basic.WorkAck" to="java:org.switchyard.quickstarts.demo.policy.security.basic.Work" class="org.switchyard.quickstarts.demo.policy.security.basic.Transformers"/> <transform:transform.java from="java:org.switchyard.quickstarts.demo.policy.security.basic.WorkAck" to="{urn:switchyard-quickstart-demo:policy-security-basic:0.1.0}doWorkResponse" class="org.switchyard.quickstarts.demo.policy.security.basic.Transformers"/> <transform:transform.java from="{urn:switchyard-quickstart-demo:policy-security-basic:0.1.0}doWork" to="java:org.switchyard.quickstarts.demo.policy.security.basic.Work" class="org.switchyard.quickstarts.demo.policy.security.basic.Transformers"/> </transforms> <domain> <properties> <property name="org.switchyard.handlers.messageTrace.enabled" value="true"/> </properties> <securities> <security callbackHandler="org.switchyard.security.callback.handler.NamePasswordCallbackHandler" name="defined" rolesAllowed="friend"/> </securities> </domain> </switchyard>
And in the bean service as below
@Requires(security = {CONFIDENTIALITY, CLIENT_AUTHENTICATION, AUTHORIZATION}) @Service(ISampleServices.class) public class SampleServices implements ISampleServices { public Response call(Request request) { Response response = new Response(); response.setName("test"); return response; }
Does the JAXB tranformation removes the authentication part???