Pages

27 February 2013

Applying Basic HTTP Authentication on Axis2 Web Services in Tomcat


Basic authentication is sort of authentication mechanism for restricting access of resources on tomcat. This is a simple way to limiting accesses but it uses easy to sniff plain http messages with base64 encoded username and password pair inside http header. 
In order to apply basic http authentication on axis2 web services, please follow the steps, below:
  1. Add this config xml to tomcat-users.xml under conf directory.
  2. 
     
     
     
    

  3. Go to \webapps\axis2\WEB-INF, add the following lines to web.xml. tag defines the url where to bind security constraints. Also, you can specifically define this security config for a specific service on axis2.
  4. 
    
       
          secured services
          /axis2/services
       
    
       
          wsclient
       
    
    
    
       BASIC
       wsclient
    
    
  5. Start tomcat and test default web service(Version) on Axis2. There is little button “aut” written on its label, in soapUI test window. I fill the username and password as I set in tomcat-users-xml and select authorization type “preemptive”. Send the request and everything will work fine. If credentials are not supplied, ClientProtocolException will occur and logged in “soapui logs.”
  6. ERROR:Exception in request: org.apache.http.client.ClientProtocolException 
    ERROR:An error occured [org.apache.http.client.ClientProtocolException], see error log for details 
    
Thats all, you have to do for applying http basic auth... Thanks for reading...

No comments:

Post a Comment

Thx for reading! Comments are appreciated...