It has been a long time since I talked about GroovyWS ... Groovy has been out for a week now and I have been working a bit on GroovyWS as well so I decided to push a new version. The changes brought by this new version are minor in term of workload but they should (hopefully) made GroovyWS more usuable in a production environment.
The first change deals with https support. Now you cab use the WSClient with a serving using secure http. This has been tested using Amazon S3 web services:
You can now create buckets :-)
The other major change is the support for servers using basic authentication. So if your server requests to have an "Authorization: Basic bG9naW46cGFzc3dk" header in the request, you are able to set the correct properties using:
Do not forget that the token transmitted is just a base64 encoding of "login:passwd", so basically your are transmitting your credentials in clear text :-). You don't trust me ? Try this:
or
Only use this over https !
The last minor change is to publish the SOAPAction property in the WSDL generated by the server. This makes odd commercial products work with WSServer !
What are the next steps ? I would like to add WS-Security support. This is something I already have partially, I am missing a public server to test it and would like to know how you would envisage its usage using groovy. So if you have any idea, do not hesitate to contact me ...
The first change deals with https support. Now you cab use the WSClient with a serving using secure http. This has been tested using Amazon S3 web services:
def proxy =
new WSClient("https://s3.amazonaws.com/doc/2006-03-01/AmazonS3.wsdl",..)
You can now create buckets :-)
The other major change is the support for servers using basic authentication. So if your server requests to have an "Authorization: Basic bG9naW46cGFzc3dk" header in the request, you are able to set the correct properties using:
System.props["http.user"] = "login"
System.props["http.password"] = "passwd"
Do not forget that the token transmitted is just a base64 encoding of "login:passwd", so basically your are transmitting your credentials in clear text :-). You don't trust me ? Try this:
echo -n 'login:passwd' | openssl enc -a -e
or
echo 'bG9naW46cGFzc3dk' | openssl enc -a -d
Only use this over https !
The last minor change is to publish the SOAPAction property in the WSDL generated by the server. This makes odd commercial products work with WSServer !
What are the next steps ? I would like to add WS-Security support. This is something I already have partially, I am missing a public server to test it and would like to know how you would envisage its usage using groovy. So if you have any idea, do not hesitate to contact me ...
1 comment:
Hi,
About login/pwd for basic auth...
I don't like system properties, I prefer a connection based preference (with wrapper maybe) by no system change...
It's what i use with httpclient, maybe , we can't do that with CXF.
Post a Comment