CODEWITHSUNDEEP
javaspringspring-securityhessianspring-remoting
Vedran
Vedran

Reputation: 11059

Client side basic HTTP authentication with Hessian remoting in Spring

On the client side i have the following spring bean:

<bean id="partneriLogicImpl" class="org.springframework.remoting.caucho.HessianProxyFactoryBean">
    <property name="serviceUrl" value="http://localhost:8080/hr.spi.service/hessian/lcspi/lczaj/partneri" />
    <property name="serviceInterface" value="hr.spi.logic.lcspi.lczaj.PartneriLogic" />
</bean>

And I'm calling the Hessian web service with:

ApplicationContext context = new ClassPathXmlApplicationContext("applicationContextHessian.xml");
PartneriLogic partneriLogic = (PartneriLogic) context.getBean("partneriLogicImpl");
List<?> partnerList = partneriLogic.dohvatiSveZaExport();

This works just fine until I turn on Spring Security on the server side, after which I get the expected error - "Server returned HTTP response code: 403".

So, how do I configure the username and password on the client side?

Upvotes: 0

Views: 2832

Answers (2)

user7152981
user7152981

Reputation:

I tried to set username and password for authentication, but it didn't work.

At last, I found a solution - maybe this is a bad solution.

That is disabling Spring Security on Hessian service URL.

I don't think this is a good solution, but it works...

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/hessianServiceUrl");
    }
    ...
}

Upvotes: 0

yorkw
yorkw

Reputation: 41126

According to the API Doc, org.springframework.remoting.caucho.HessianProxyFactoryBean provides two setter method for HTTP basic authentication by default:

  • setUsername

    Set the username that this factory should use to access the remote service. Default is none.

    The username will be sent by Hessian via HTTP Basic Authentication.

  • setPassword

    Set the password that this factory should use to access the remote service. Default is none.

    The password will be sent by Hessian via HTTP Basic Authentication.

how do I configure the username and password on the client side?

In your applicationContext.xml, define your HessianProxyFactoryBean like so:

<bean id="partneriLogicImpl" class="org.springframework.remoting.caucho.HessianProxyFactoryBean">
  <property name="serviceUrl" value="http://localhost:8080/hr.spi.service/hessian/lcspi/lczaj/partneri" />
  <property name="serviceInterface" value="hr.spi.logic.lcspi.lczaj.PartneriLogic" />
  <property name="username" value="${username}" />
  <property name="password" value="${password}" />
</bean>

Upvotes: 2

Related Questions