4月 7th, 2008at 12:17

Tags:

Axis2 1.1.1でWebサービスにBasic認証が設定されている場合

WebサービスにBasic認証が設定されている場合に、ユーザ名、パスワードをクライアント側から送る方法。

参考として「http://axis2.exblog.jp/2966029/」を元にやってみたんだけど、バージョンが違うのか定数が見つからない!ので、Basic,Digest and NTLM Authenticationも参考にやってみた。

Basic認証に対応しないSOAPを投げたときのエラー

 2007/04/02 11:56:43 org.apache.commons.httpclient.auth.AuthChallengeProcessor selectAuthScheme 情報: basic authentication scheme selected 2007/04/02 11:56:43 org.apache.commons.httpclient.HttpMethodDirector processWWWAuthChallenge 情報: Failure authenticating with BASIC 'Axis2 Application'@localhost:9999 Exception in thread "main" org.apache.axis2.AxisFault: HTTP Transport error : '401' - 'Unauthorized'; nested exception is:      org.apache.axis2.AxisFault: HTTP Transport error : '401' - 'Unauthorized'; nested exception is:      org.apache.axis2.AxisFault: HTTP Transport error : '401' - 'Unauthorized'; nested exception is:      org.apache.axis2.AxisFault: HTTP Transport error : '401' - 'Unauthorized'     at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:227)     at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:674)     at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:237)     at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:202)     at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:579)     at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:508)     at com.daipresents.soap.SendSoapMessage.main(SendSoapMessage.java:53) Caused by: org.apache.axis2.AxisFault: HTTP Transport error : '401' - 'Unauthorized'; nested exception is:      org.apache.axis2.AxisFault: HTTP Transport error : '401' - 'Unauthorized'     at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:344)     at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:204)     ... 6 more Caused by: org.apache.axis2.AxisFault: HTTP Transport error : '401' - 'Unauthorized'     at org.apache.axis2.transport.http.SOAPOverHTTPSender.send(SOAPOverHTTPSender.java:144)     at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:335)     ... 7 more

クライアント(SOAPを投げる側)ソース

public class SendSoapMessage {

   private static final String ENDPOINT = "http://localhost:9999/axis2/services/Version";   private static final String USERNAME = "admin";   private static final String PASSWORD = "";   private static final String OPERATION = "getVersion";

   public static void main(String[] args) throws Exception {

       Options options = new Options();

       options.setTo(new EndpointReference(ENDPOINT));

       ArrayList<String> authSchemes = new ArrayList<String>();       authSchemes.add(HttpTransportProperties.Authenticator.BASIC);

       HttpTransportProperties.Authenticator       auth = new HttpTransportProperties.Authenticator();       auth.setUsername(USERNAME);       auth.setPassword(PASSWORD);       auth.setPreemptiveAuthentication(true);       auth.setAuthSchemes(authSchemes);

       options.setProperty(org.apache.axis2.transport.http.HTTPConstants.AUTHENTICATE, auth);

       ServiceClient serviceClient = new ServiceClient();       serviceClient.setOptions(options);

       // Get factory       OMFactory fac = OMAbstractFactory.getOMFactory();       OMNamespace omNs = fac.createOMNamespace("http://axisversion.sample/xsd", "ns");       // Create request message       OMElement req = fac.createOMElement(OPERATION, omNs);       req.setText("hello, how are you ?");

       // call service       OMElement res = serviceClient.sendReceive(req);       System.out.println(res.toString());   }
}

TomcatでBasic認証を設定 

TOMCAT_HOME/webapps/axis2/WEB-INF/web.xmlに以下の分を追加。ユーザ名「admin」、パスワード「なし」としている。

 <!-- Security is active on entire directory --> <security-constraint>   <display-name>Axis2 Security Constraint</display-name>   <web-resource-collection>     <web-resource-name>Protected Area</web-resource-name>     <!-- Define the context-relative URL(s) to be protected -->     <url-pattern>/rest/*</url-pattern>     <url-pattern>/servlet/AxisServlet</url-pattern>     <url-pattern>*.jws</url-pattern>     <url-pattern>/services/*</url-pattern>   </web-resource-collection>   <auth-constraint>     <!-- Anyone with one of the listed roles may access this area -->     <role-name>admin</role-name>   </auth-constraint> </security-constraint>

 <!-- Define the Login Configuration for this Application --> <login-config>   <auth-method>BASIC</auth-method>   <realm-name>Axis2 Application</realm-name> </login-config>

 <!-- Security roles referenced by this web application --> <security-role>   <description>     The role that is required to log in to the Administration Application   </description>   <role-name>admin</role-name> </security-role>

クライアント実行 

実行すると以下のメッセージが出たので成功だと思う。

<ns:getVersionResponse xmlns:ns="http://axisversion.sample/xsd">  <ns:return>Hello I am Axis2 version service , My version is 1.1.1</ns:return></ns:getVersionResponse>2007/04/02 11:49:00 org.apache.commons.httpclient.auth.AuthChallengeProcessor selectAuthScheme情報: basic authentication scheme selected