I'am adding the CXF interceptor for the interceptor chain of the every client like this
Client client = ClientProxy.getClient(port);
Endpoint endpoint = client.getEndpoint();
endpoint.getOutInterceptors().add(new MyInterceptor(Phase.SEND));
Here the port is the port of the service the client uses.
Is it possible to add the MyInterceptor interceptor for the interceptor chain of the all clients in the server with the one command?
Related
currently, for a server to server communication, we have our own authentication method which will expect a random key in the HTTP request header.is there a way I can extend the camle HTTP to add the header for all the HTTP request call. Note we have 4 camel context XML and each camel context have 10 routes which make the HTTP request
You could also use Camel interceptors in order to add your custom header to (all or some) "http:*"-like endpoints.
Have a look at:
http://camel.apache.org/intercept.html
I am running an angular (1.5+) application on node with express and ui-router, and I would like to connect this application to a REST API that is running on the same server but on a port that is not public facing (9000).
How can I configure my angular application and express server to consume the REST API on port 9000 using server side logic?
An example route and parameter that I would like to hit my REST API on port 9000 would be https://example.com/item/123
Normally i use Express Http Proxy to solve this problem. It is very configurable.
Example code would be:
var proxy = require('express-http-proxy');
// app is your express based Web application in port 443
var app = require('express')();
app.use('/item', proxy('localhost:9000', {
forwardPath: function(req, res) {
return require('url').parse(req.url).path;
}
}));
Using this middleware you can provide custom handling of the request before and after the request to the private API has been performed. Read the documentation for more examples.
I have a bit of an issue that I can't seem to wrap my head around. The app/site is secured complete with a SSL Certificate, but we need to send an $http request with angular to a non-secured api end-point. The service does not offer a https solution and everytime we try sending the request, our server blocks it because it is not secured. Is there anyway to get around this? A way to "whitelist" the domain name or something?
Information: Server is running Nginx and the request is being made via $http angularjs.
I am having the following problem. I will describe 3 use cases - two which work and the other one which doesn't.
I have an AngularJS client using SockJS with STOMP. In the backend I have a Spring application. Client is in domain domainA.com, backend is in domainB.com.
var socket = new SockJS(("http://domainB.com/myApp/messages"));
stompClient = Stomp.over(socket);
stompClient.connect('guest', 'guest', function(frame) {
...
}
In the backend there are Cors filters and the Cross-origin calls are possible. All works fine.
Use Case 1. Client domainA, Server domainB
My application is unsecured on the backend side. I subscribe like below:
stompClient.subscribe('/topic/listen', function(message) {
showMessage(JSON.parse(message.body).content);
});
All works fine.
Use Case 2. Client domainB, Server domainB
My application is secured on the backend side with Spring security. Authentication is done through a form - username and password. Nothing uncommon.
In this case the client is on domainB.com, same as the backend. All works fine, the difference is that I use a different subscription method:
stompClient.subscribe('/user/queue/listen', function(message) {
showMessage(JSON.parse(message.body).content);
});
in order to benefit from getting the principal from the security session. All works well. No issues.
The JSESSIONID cookie is added to the connection request in new SockJS(("http://domainB.com/myApp/messages"));.
Use Case 3. Client domainA, Server domainB
The application is secured the same as in UC2. However, the client is now on a different domain.
The JSESSIONID is NOT added to the connection request. The connection to websocket in Spring is unauthenticated and redirected back to login page. This repeats and makes it impossible to connect.
Why is the JSESSIONID cookie not populated with the websocket requests in this case?
Cheers
Adam
As part of SockJS protocol, a http GET is sent to websocket server for negotiating the supported protocols. It's done using XmlHttpRequest which won't add any cookies stored for a different domain than its own domain the web application and scripts are served due to same-origin policy implemented in every modern web browser.
You should resort to a way of circumventing the same-origin policy.
I think you'll find the answers you are looking for here : http://spring.io/blog/2014/09/16/preview-spring-security-websocket-support-sessions
the trick to implement a HandshakeInterceptor
I need to send a response unsolicitedly from my server side to client side using cxf.I am very much comfortable in making synchronous JAX-WS calls from client to server(I used SOPAUI to invoke my server which is a webservice_..I am following JAX-WS wsdl first approach.I am using cxf 'wsdltojava' to convert wsdl to java classes.
To make it simple,my question is 'how to send a response(without a request from client) from server to client in CXF,JAX-WS wsdl first approach?