0 Replies Latest reply on Mar 15, 2018 5:29 AM by cixsir82

    How to invoke a service using both basic auth credentials and SSL (https exposed)? Switchyard Jboss FSW 6.0.0

    cixsir82

      Hi all,

       

      I've a problem invoking a service exposed using both SSL and basic authentication credentials (service SOAP/XML via WSDL).

      The same service has another instance callable via HTTP, requiring only basic authentication credentials.

       

      Using the same application (same jar and same basic auth configs) with same configurations, I try to:

       

      1) Invoke the service pointing to http endpoint (without SSL) and using user and pwd for basic auth.

      TEST SUCCESSFULLY executed.

      Credentials configuration has been made in SOAP binding options/Authentication Details in switchyard.xml:

      Below the log trace of request sent:

       

      ID: 2

      Address: http://ServiceWithBASIC_AUTH_NO_SSL:8080/action

      Encoding: UTF-8

      Content-Type: text/xml

      Headers: {Accept=[*/*], Authorization=[Basic SKDJDUEDJDJJDJDS==], SOAPAction=["http://somesoapaction"]}

      Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Header xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"/><soap:Body>Message replaced with the following row</soap:Body></soap:Envelope>

       

      2) Invoke the service pointing to https endpoint (SSL) and using user and pwd for basic auth (same used above).

      TEST FAILED. --> the error returned is:

      Caused by: org.apache.cxf.transport.http.HTTPException: HTTP response '401: Unauthorized' when communicating with https://ServiceWithBASIC_AUTH_WITH_SSL:8080/action

      The credentials configuration is the same as the one configured in the test at step 1, but checking the logs, the authentication seems not to be configured (below in red, missing Authorization detail).

      The certificate is imported in the cacerts keystore used by the jboss instance (it is successfully loaded, because without importing it I received a KO of handshake for missing certificate chain).

       

      Below the log trace of request sent:

       

      16:47:54,926 INFO  [org.apache.cxf.services.XXX] (http-/IP:8080-7) Outbound Message

      ---------------------------

      ID: 25

      Address: https://ServiceWithBASIC_AUTH_WITH_SSL:8080/action

      Encoding: UTF-8

      Content-Type: text/xml

      Headers: {Accept=[*/*], SOAPAction=["http://somesoapaction"]}

      Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Header xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"/><soap:Body>Message replaced with the following row</soap:Body></soap:Envelope>

       

      I executed an additional test, invoking the service in HTTPS and using basic auth credentials via SOAPUI tool, and all seems to work correctly (just to confirm that the host is correctly managing identical basic auth credentials on both scenarios).

       

      Can someone help me?

       

      Thank you.
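
Added example, not part of the original post and not SwitchYard or CXF code: a small Python check that reads CXF "Outbound Message" log entries like the two above and reports, per message, whether an Authorization header was sent and whether it went over cleartext HTTP. The sample input is constructed from the traces in the post; the function names are assumptions, and the credential value is never echoed in the findings.

```python
import re

# Constructed sample modelled on the two "Outbound Message" traces in the post.
SAMPLE_LOG = """\
ID: 2
Address: http://ServiceWithBASIC_AUTH_NO_SSL:8080/action
Headers: {Accept=[*/*], Authorization=[Basic SKDJDUEDJDJJDJDS==], SOAPAction=["http://somesoapaction"]}
ID: 25
Address: https://ServiceWithBASIC_AUTH_WITH_SSL:8080/action
Headers: {Accept=[*/*], SOAPAction=["http://somesoapaction"]}
"""

# Only these fields are needed; timestamps, separators and Payload are skipped.
FIELD = re.compile(r"^\s*(ID|Address|Headers):\s*(.*)$")
# Capture the auth scheme only, so the credential itself is never reported.
AUTH = re.compile(r"Authorization=\[(\w+)\s+[^\]]*\]")


def parse_messages(text):
    """Group the ID/Address/Headers lines of each logged message into a dict."""
    messages, current = [], None
    for line in text.splitlines():
        m = FIELD.match(line)
        if m and m.group(1) == "ID":
            current = {"ID": m.group(2).strip()}
            messages.append(current)
        elif m and current is not None:
            current[m.group(1)] = m.group(2).strip()
    return messages


def audit(text):
    """Return (id, url_scheme, auth_scheme, finding) for every outbound message."""
    results = []
    for msg in parse_messages(text):
        scheme = msg.get("Address", "").split("://", 1)[0].lower()
        m = AUTH.search(msg.get("Headers", ""))
        auth = m.group(1) if m else None
        if auth is None:
            finding = "no Authorization header sent"
        elif scheme != "https":
            finding = f"{auth} credentials sent over cleartext {scheme}"
        else:
            finding = "ok"
        results.append((msg["ID"], scheme, auth, finding))
    return results


if __name__ == "__main__":
    print(*audit(SAMPLE_LOG), sep="\n")
```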