Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jersey-dev] Fwd: Proxy Basic Authentication Tips
Hi Jan, thanks for your reply.

I think that with a code example I can better explain our needs:

HttpAuthenticationFeature httpAuthenticationFeature =
HttpAuthenticationFeature.basic("myProxyUser", "myProxyPassword");

ClientConfig clientConfig = new ClientConfig();
clientConfig.connectorProvider(new ApacheConnectorProvider());
Client client = ClientBuilder.newClient(clientConfig);
client.register(httpAuthenticationFeature);

WebTarget target = client.target("https://external.host");
Response response = target.path("/path/to/generate/access/token").request().get();
//This response is ok. The response was a proxy block before HttpAuthenticationFeature
AccessToken accessToken = response.readEntity(AccessToken.class);

//This one give us the proxy block again.
target.path("/path/to/get/info").request()
.header(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken.getValue())
.get();

We are trying to use a CredentialsProvider as well, but without success until now.

Thanks in advance.

Em qua., 16 de ago. de 2023 às 12:47, Jan Supol <jan.supol@xxxxxxxxxx> escreveu:
Hi,
I am not sure I understand the issue.

  • We saw that the HttpAuthenticationFilter adds an Authorization header with the basic authentication, and that's why there's a condition to not execute the authentication process if this header exists on the original request.
Do I understand correctly that you want to repeat the authentication again to another endpoint? If so, can you create another filter with higher priority than HttpAuthenticationFilter, remove the REQUEST_PROPERTY_FILTER_REUSED property, and set the new URI in ClientRequestContext?

Or you want to make a completely new request from a filter with a lower priority with the new token you received and repeat a similar logic from repeatRequest method?

-- Jan




















From: jersey-dev <jersey-dev-bounces@xxxxxxxxxxx> on behalf of Thiago Cardoso Silva via jersey-dev <jersey-dev@xxxxxxxxxxx>

Sent: Wednesday, August 16, 2023 1:01 AM

To: jersey-dev@xxxxxxxxxxx <jersey-dev@xxxxxxxxxxx>

Cc: Thiago Cardoso Silva <t.cardoso@xxxxxxxxxxxxxx>

Subject: [External] : [jersey-dev] Proxy Basic Authentication Tips

 






Hi!







I'm facing a problem at work and can't find any alternatives. 


We need to call an external API and for that, we have to pass by the proxy with authentication. For the first request, to get an access token, we are using the feature that adds the HttpAuthenticationFilter.







So, for that, with my user and password, everything is ok. But now, I need to call another endpoint passing the token from the previous request as an Authorization header.







We saw that the HttpAuthenticationFilter adds an Authorization header with the basic authentication, and that's why there's a condition to not execute the authentication process if this header exists on the original request.







We got the working using OkHttp, but I know they use another process for the authentication. There's something we can do to provide something similar?







Thanks in advance.


























  Back to the top