Basic Authentication sample:
<conduit name="{http://example.com/}HelloWorldServicePort.http-conduit"
xmlns:sec="http://cxf.apache.org/configuration/security"
xmlns="http://cxf.apache.org/transports/http/configuration">
<authorization>
<sec:UserName>myuser</sec:UserName>
<sec:Password>mypasswd</sec:Password>
<sec:AuthorizationType>Basic</sec:AuthorizationType>
</authorization>
</conduit>
For Digest Authentication, use the same as above but with AuthorizationType value of
Digest
. (Note the AuthorizationType element can be omitted if you're using
Basic authentication, as above.)
Authorization can also be supplied dynamically, by implementing the
org.apache.cxf.transport.http.auth.HttpAuthSupplier
interface or another
interface which extends it. The main method this interface provides is:
public String getAuthorization(AuthorizationPolicy authPolicy,
URL currentURL, Message message, String fullHeader);
With this method you'll need to supply the HttpAuthPolicy, the service URL, the CXF
message and the full Authorization header (what the server sent in its last response).
With the latter value multi-phase authentications can be implemented. For a simple
implementation check the
org.apache.cxf.transport.http.auth.DefaultBasicAuthSupplier
class. On the
conduit above, declare your implementation class in an AuthSupplier
element
for CXF to use it.