Authentication Header Missing from CXF Endpoint

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Authentication Header Missing from CXF Endpoint

Aravind Rajasekharan Pillai
Hi All,

Any help is appreciated as i am trying to solve this for 2 days now.

Trying to unit test a CXF end point secured with Spring Authentication. I
tried passing in as below the Authentication header however when it reaches
my CXF Endpoint and down to route. The header is missing.

I tried a lot of combinations and i did read some where that it doesn't
pass it via CXF endpoint. Is this a bug?, that was a post from 2012 though.
any workarounds?.

How should i test my whole integration flow?.


Exchange responseExchange = producerTemplate.request("cxfrs://
http://localhost:9001/", new Processor() {


    @Override
    public void process(Exchange exchange) throws Exception {


        exchange.setPattern(ExchangePattern.InOut);
        Message inMessage = exchange.getIn();
        inMessage.setHeader("CamelCxfRsUsingHttpAPI", Boolean.TRUE);
        inMessage.setHeader("CamelHttpMethod", "POST");
        inMessage.setHeader("operationName", "getAccounts");
        inMessage.setHeader(Exchange.CONTENT_TYPE,"application/json");
        inMessage.setHeader("CamelAuthentication",subject);
        inMessage.setHeader("CamelHttpPath", "/v1/core/getAccounts");
        inMessage.setBody( new ObjectMapper().writeValueAsString(bo));


*exchange.getIn().setHeader(Exchange.AUTHENTICATION,subject);*
    }
});

Regards,
Aravind
Reply | Threaded
Open this post in threaded view
|

Re: Authentication Header Missing from CXF Endpoint

Brad Johnson
Are you  sending a Processor across?  I've really no idea if that would
work or not.  It's an object so I suppose if you cast the object on the
other side you'd end up with the Processor back(?)


Have you tried on of the methods like
producerTemplate.request(endpointURI,body, Map<String,String>) where the
map contains the headers?

On Mon, Oct 24, 2016 at 9:45 AM, aravind r <[hidden email]>
wrote:

> Hi All,
>
> Any help is appreciated as i am trying to solve this for 2 days now.
>
> Trying to unit test a CXF end point secured with Spring Authentication. I
> tried passing in as below the Authentication header however when it reaches
> my CXF Endpoint and down to route. The header is missing.
>
> I tried a lot of combinations and i did read some where that it doesn't
> pass it via CXF endpoint. Is this a bug?, that was a post from 2012 though.
> any workarounds?.
>
> How should i test my whole integration flow?.
>
>
> Exchange responseExchange = producerTemplate.request("cxfrs://
> http://localhost:9001/", new Processor() {
>
>
>     @Override
>     public void process(Exchange exchange) throws Exception {
>
>
>         exchange.setPattern(ExchangePattern.InOut);
>         Message inMessage = exchange.getIn();
>         inMessage.setHeader("CamelCxfRsUsingHttpAPI", Boolean.TRUE);
>         inMessage.setHeader("CamelHttpMethod", "POST");
>         inMessage.setHeader("operationName", "getAccounts");
>         inMessage.setHeader(Exchange.CONTENT_TYPE,"application/json");
>         inMessage.setHeader("CamelAuthentication",subject);
>         inMessage.setHeader("CamelHttpPath", "/v1/core/getAccounts");
>         inMessage.setBody( new ObjectMapper().writeValueAsString(bo));
>
>
> *exchange.getIn().setHeader(Exchange.AUTHENTICATION,subject);*
>     }
> });
>
> Regards,
> Aravind
>
Reply | Threaded
Open this post in threaded view
|

Re: Authentication Header Missing from CXF Endpoint

Brad Johnson
In addition to trying the requestBodyHeader (or whatever the request name
is) have you tried looking the results of the Exchange you get back by
calling getException?

On Mon, Oct 24, 2016 at 3:25 PM, Brad Johnson <[hidden email]>
wrote:

> Are you  sending a Processor across?  I've really no idea if that would
> work or not.  It's an object so I suppose if you cast the object on the
> other side you'd end up with the Processor back(?)
>
>
> Have you tried on of the methods like producerTemplate.request(endpointURI,body,
> Map<String,String>) where the map contains the headers?
>
> On Mon, Oct 24, 2016 at 9:45 AM, aravind r <[hidden email]>
> wrote:
>
>> Hi All,
>>
>> Any help is appreciated as i am trying to solve this for 2 days now.
>>
>> Trying to unit test a CXF end point secured with Spring Authentication. I
>> tried passing in as below the Authentication header however when it
>> reaches
>> my CXF Endpoint and down to route. The header is missing.
>>
>> I tried a lot of combinations and i did read some where that it doesn't
>> pass it via CXF endpoint. Is this a bug?, that was a post from 2012
>> though.
>> any workarounds?.
>>
>> How should i test my whole integration flow?.
>>
>>
>> Exchange responseExchange = producerTemplate.request("cxfrs://
>> http://localhost:9001/", new Processor() {
>>
>>
>>     @Override
>>     public void process(Exchange exchange) throws Exception {
>>
>>
>>         exchange.setPattern(ExchangePattern.InOut);
>>         Message inMessage = exchange.getIn();
>>         inMessage.setHeader("CamelCxfRsUsingHttpAPI", Boolean.TRUE);
>>         inMessage.setHeader("CamelHttpMethod", "POST");
>>         inMessage.setHeader("operationName", "getAccounts");
>>         inMessage.setHeader(Exchange.CONTENT_TYPE,"application/json");
>>         inMessage.setHeader("CamelAuthentication",subject);
>>         inMessage.setHeader("CamelHttpPath", "/v1/core/getAccounts");
>>         inMessage.setBody( new ObjectMapper().writeValueAsString(bo));
>>
>>
>> *exchange.getIn().setHeader(Exchange.AUTHENTICATION,subject);*
>>     }
>> });
>>
>> Regards,
>> Aravind
>>
>
>
Reply | Threaded
Open this post in threaded view
|

Re: Authentication Header Missing from CXF Endpoint

Aravind Rajasekharan Pillai
Hi

@Brad -
I don't think it is the Processor that is sent to the Endpoint but it is
the Exchange itself. I tried the other approach you suggested and below is
the code that am using

  String uuid = UUID.randomUUID().toString().replace("-", "");
  System.out.println("uuid = " + uuid);
  GenerateTestHeaders headerGenerator = new GenerateTestHeaders();
  Map outboundHeaderMap = headerGenerator.getOutboundHeaderMap();
  outboundHeaderMap.put(Exchange.AUTHENTICATION, subject);
  outboundHeaderMap.put("CamelCxfRsUsingHttpAPI", Boolean.TRUE);
  outboundHeaderMap.put("CamelHttpMethod", "POST");
  outboundHeaderMap.put("operationName", "login");
  outboundHeaderMap.put(Exchange.CONTENT_TYPE,"application/json");
  outboundHeaderMap.put("CamelAcceptContentType", "application/json");


  SecurityContextHolder.getContext().setAuthentication(authenticated);

  final CamelContext camelContext = producerTemplate.getCamelContext();
  final Endpoint coreEndPoint =
camelContext.getEndpoint("http4://localhost:9001/core/login");
  producerTemplate.setDefaultEndpoint(coreEndPoint);
  final String s = new ObjectMapper().writeValueAsString(bo);
  producerTemplate.sendBodyAndHeaders(coreEndPoint, s,outboundHeaderMap);


When i receive the exchange in my processor am getting both my
Exchange.AUTHENTICATION header and SecurityContext Null.

I am not able to retrieve and test the Security role because of which
everything else fails down the stream.

IS there anything else am missing?.


Regards,

Aravind



On Mon, Oct 24, 2016 at 4:32 PM, Brad Johnson <[hidden email]>
wrote:

> In addition to trying the requestBodyHeader (or whatever the request name
> is) have you tried looking the results of the Exchange you get back by
> calling getException?
>
> On Mon, Oct 24, 2016 at 3:25 PM, Brad Johnson <
> [hidden email]>
> wrote:
>
> > Are you  sending a Processor across?  I've really no idea if that would
> > work or not.  It's an object so I suppose if you cast the object on the
> > other side you'd end up with the Processor back(?)
> >
> >
> > Have you tried on of the methods like producerTemplate.request(
> endpointURI,body,
> > Map<String,String>) where the map contains the headers?
> >
> > On Mon, Oct 24, 2016 at 9:45 AM, aravind r <
> [hidden email]>
> > wrote:
> >
> >> Hi All,
> >>
> >> Any help is appreciated as i am trying to solve this for 2 days now.
> >>
> >> Trying to unit test a CXF end point secured with Spring Authentication.
> I
> >> tried passing in as below the Authentication header however when it
> >> reaches
> >> my CXF Endpoint and down to route. The header is missing.
> >>
> >> I tried a lot of combinations and i did read some where that it doesn't
> >> pass it via CXF endpoint. Is this a bug?, that was a post from 2012
> >> though.
> >> any workarounds?.
> >>
> >> How should i test my whole integration flow?.
> >>
> >>
> >> Exchange responseExchange = producerTemplate.request("cxfrs://
> >> http://localhost:9001/", new Processor() {
> >>
> >>
> >>     @Override
> >>     public void process(Exchange exchange) throws Exception {
> >>
> >>
> >>         exchange.setPattern(ExchangePattern.InOut);
> >>         Message inMessage = exchange.getIn();
> >>         inMessage.setHeader("CamelCxfRsUsingHttpAPI", Boolean.TRUE);
> >>         inMessage.setHeader("CamelHttpMethod", "POST");
> >>         inMessage.setHeader("operationName", "getAccounts");
> >>         inMessage.setHeader(Exchange.CONTENT_TYPE,"application/json");
> >>         inMessage.setHeader("CamelAuthentication",subject);
> >>         inMessage.setHeader("CamelHttpPath", "/v1/core/getAccounts");
> >>         inMessage.setBody( new ObjectMapper().writeValueAsString(bo));
> >>
> >>
> >> *exchange.getIn().setHeader(Exchange.AUTHENTICATION,subject);*
> >>     }
> >> });
> >>
> >> Regards,
> >> Aravind
> >>
> >
> >
>
Reply | Threaded
Open this post in threaded view
|

Re: Authentication Header Missing from CXF Endpoint

Brad Johnson
You are right about the Processor sent to the producer template. Just
hadn't used it that way before.

I'll have to look at this a bit further but see one place you can simplify
your testing a bit.

Instead of:

  final CamelContext camelContext = producerTemplate.getCamelContext();
  final Endpoint coreEndPoint =
camelContext.getEndpoint("http4://localhost:9001/core/login");
  producerTemplate.setDefaultEndpoint(coreEndPoint);


Just use the following (The uri is what your original was using so I'm not
sure if you want that or the http4 login version).

producerTemplate.sendBodyAndHeaders("cxfrs://http://localhost:9001/"", s,
outboundHeaderMap);

You may also want to check out the cxf:bean component but it has been
awhile since I used it.

If this were CXF SOAP I'd wonder if the mode wasn't set to Message as that
would strip headers out but I'm not sure that's applicable to RS.

Are you testing this against a running instance or are you bootstrapping it
during testing.

I use the JAXRSClientFactoryBean quite often for testing and set up the
items I need. One of the reasons I do that is I want to get as close to
calling it as an external Rest client might independent of Camel itself.
I'm not sure that would fix your problems but if you've been stuck for a
few days at least it would give you another way to test that might give a
little more illumination on what's happening.



On Tue, Oct 25, 2016 at 8:16 AM, aravind r <[hidden email]>
wrote:

> Hi
>
> @Brad -
> I don't think it is the Processor that is sent to the Endpoint but it is
> the Exchange itself. I tried the other approach you suggested and below is
> the code that am using
>
>   String uuid = UUID.randomUUID().toString().replace("-", "");
>   System.out.println("uuid = " + uuid);
>   GenerateTestHeaders headerGenerator = new GenerateTestHeaders();
>   Map outboundHeaderMap = headerGenerator.getOutboundHeaderMap();
>   outboundHeaderMap.put(Exchange.AUTHENTICATION, subject);
>   outboundHeaderMap.put("CamelCxfRsUsingHttpAPI", Boolean.TRUE);
>   outboundHeaderMap.put("CamelHttpMethod", "POST");
>   outboundHeaderMap.put("operationName", "login");
>   outboundHeaderMap.put(Exchange.CONTENT_TYPE,"application/json");
>   outboundHeaderMap.put("CamelAcceptContentType", "application/json");
>
>
>   SecurityContextHolder.getContext().setAuthentication(authenticated);
>
>   final CamelContext camelContext = producerTemplate.getCamelContext();
>   final Endpoint coreEndPoint =
> camelContext.getEndpoint("http4://localhost:9001/core/login");
>   producerTemplate.setDefaultEndpoint(coreEndPoint);
>   final String s = new ObjectMapper().writeValueAsString(bo);
>   producerTemplate.sendBodyAndHeaders(coreEndPoint, s,outboundHeaderMap);
>
>
> When i receive the exchange in my processor am getting both my
> Exchange.AUTHENTICATION header and SecurityContext Null.
>
> I am not able to retrieve and test the Security role because of which
> everything else fails down the stream.
>
> IS there anything else am missing?.
>
>
> Regards,
>
> Aravind
>
>
>
> On Mon, Oct 24, 2016 at 4:32 PM, Brad Johnson <
> [hidden email]>
> wrote:
>
> > In addition to trying the requestBodyHeader (or whatever the request name
> > is) have you tried looking the results of the Exchange you get back by
> > calling getException?
> >
> > On Mon, Oct 24, 2016 at 3:25 PM, Brad Johnson <
> > [hidden email]>
> > wrote:
> >
> > > Are you  sending a Processor across?  I've really no idea if that would
> > > work or not.  It's an object so I suppose if you cast the object on the
> > > other side you'd end up with the Processor back(?)
> > >
> > >
> > > Have you tried on of the methods like producerTemplate.request(
> > endpointURI,body,
> > > Map<String,String>) where the map contains the headers?
> > >
> > > On Mon, Oct 24, 2016 at 9:45 AM, aravind r <
> > [hidden email]>
> > > wrote:
> > >
> > >> Hi All,
> > >>
> > >> Any help is appreciated as i am trying to solve this for 2 days now.
> > >>
> > >> Trying to unit test a CXF end point secured with Spring
> Authentication.
> > I
> > >> tried passing in as below the Authentication header however when it
> > >> reaches
> > >> my CXF Endpoint and down to route. The header is missing.
> > >>
> > >> I tried a lot of combinations and i did read some where that it
> doesn't
> > >> pass it via CXF endpoint. Is this a bug?, that was a post from 2012
> > >> though.
> > >> any workarounds?.
> > >>
> > >> How should i test my whole integration flow?.
> > >>
> > >>
> > >> Exchange responseExchange = producerTemplate.request("cxfrs://
> > >> http://localhost:9001/", new Processor() {
> > >>
> > >>
> > >>     @Override
> > >>     public void process(Exchange exchange) throws Exception {
> > >>
> > >>
> > >>         exchange.setPattern(ExchangePattern.InOut);
> > >>         Message inMessage = exchange.getIn();
> > >>         inMessage.setHeader("CamelCxfRsUsingHttpAPI", Boolean.TRUE);
> > >>         inMessage.setHeader("CamelHttpMethod", "POST");
> > >>         inMessage.setHeader("operationName", "getAccounts");
> > >>         inMessage.setHeader(Exchange.CONTENT_TYPE,"application/
> json");
> > >>         inMessage.setHeader("CamelAuthentication",subject);
> > >>         inMessage.setHeader("CamelHttpPath", "/v1/core/getAccounts");
> > >>         inMessage.setBody( new ObjectMapper().
> writeValueAsString(bo));
> > >>
> > >>
> > >> *exchange.getIn().setHeader(Exchange.AUTHENTICATION,subject);*
> > >>     }
> > >> });
> > >>
> > >> Regards,
> > >> Aravind
> > >>
> > >
> > >
> >
>