在 Mule ESB 中使用 Windows 凭证的 CXF 端点

发布于 2024-12-21 07:06:17 字数 1943 浏览 5 评论 0原文

我有一个工作骡子到我使用的 C# 服务端点。

服务托管在 WCF/C# 上 - mule 使用 apache cxf (Wsdl2java) 生成的一组类打开该服务的客户端。然而，到目前为止，我使用的只是服务上的基本http绑定 - 这意味着没有安全/凭据验证。

现在——我想改变这一点。我想将 c# 服务的绑定设置为 WSHttpBinding。

有没有办法可以使用 NTLM 凭据使用 C# 服务？

当前端点定义为：

<cxf:jaxws-client serviceClass="com.TimeLineListener.IBusListeningService" 
            operation="getMessage" /> 
                <outbound-endpoint address="${TMSService.host}"
            exchange-pattern="one-way" />

来自 Apache CXF 的文档：

NTLM 身份验证

 //Set the jcifs properties
    jcifs.Config.setProperty("jcifs.smb.client.domain", "ben.com");
    jcifs.Config.setProperty("jcifs.netbios.wins", "xxx.xxx.xxx.xxx");
    jcifs.Config.setProperty("jcifs.smb.client.soTimeout", "300000"); //5
    minutes
    jcifs.Config.setProperty("jcifs.netbios.cachePolicy", "1200"); //20 minutes
    //jcifs.Config.setProperty("jcifs.smb.client.username", "myNTLogin");
    //jcifs.Config.setProperty("jcifs.smb.client.password", "secret");

    //Register the jcifs URL handler to enable NTLM
    jcifs.Config.registerSmbURLHandler();

Finally, you need to setup the CXF client to turn off chunking. The reason is that the NTLM authentication requires a 3 part handshake which breaks the streaming. 

//Turn off chunking so that NTLM can occur
Client client = ClientProxy.getClient(port);
HTTPConduit http = (HTTPConduit) client.getConduit();
HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
httpClientPolicy.setConnectionTimeout(36000);
httpClientPolicy.setAllowChunking(false);
http.setClient(httpClientPolicy);

那么，我如何在上面的 XML 中定义这些项目？？？我还没有看到任何这样的例子......

而且，即使我尝试在没有安全性的情况下建立连接（WSHttpBinding with Security =none） - 我仍然无法使其工作，因为内容类型不匹配（假设是应用程序/ xml 并且它是 text/xml 或类似的东西）

我真的很想要一些关于如何实现这一点的示例。

再次感谢）！

原文

i have a working mule to C# service endpoint that i use.

Service is hosted on WCF/C# - mule is openning a client to that service using a set of classes generated by apache cxf (Wsdl2java).
However, up until now all i used is a basichttpbinding on the service - meaning there is no security/credentials validation.

Now - i would like to change that. I want to set the binding of the c# service to WSHttpBinding.

Is there a way i can consume the c# service using NTLM Credentials??

Current endpoint is defined as:

<cxf:jaxws-client serviceClass="com.TimeLineListener.IBusListeningService" 
            operation="getMessage" /> 
                <outbound-endpoint address="${TMSService.host}"
            exchange-pattern="one-way" />

From Apache CXF'S DOcumentation:

NTLM Authentication

 //Set the jcifs properties
    jcifs.Config.setProperty("jcifs.smb.client.domain", "ben.com");
    jcifs.Config.setProperty("jcifs.netbios.wins", "xxx.xxx.xxx.xxx");
    jcifs.Config.setProperty("jcifs.smb.client.soTimeout", "300000"); //5
    minutes
    jcifs.Config.setProperty("jcifs.netbios.cachePolicy", "1200"); //20 minutes
    //jcifs.Config.setProperty("jcifs.smb.client.username", "myNTLogin");
    //jcifs.Config.setProperty("jcifs.smb.client.password", "secret");

    //Register the jcifs URL handler to enable NTLM
    jcifs.Config.registerSmbURLHandler();

Finally, you need to setup the CXF client to turn off chunking. The reason is that the NTLM authentication requires a 3 part handshake which breaks the streaming. 

//Turn off chunking so that NTLM can occur
Client client = ClientProxy.getClient(port);
HTTPConduit http = (HTTPConduit) client.getConduit();
HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
httpClientPolicy.setConnectionTimeout(36000);
httpClientPolicy.setAllowChunking(false);
http.setClient(httpClientPolicy);

So, how can i define these items in the XML's above??? i havent seen any such examples....

And addtionaly, even if i try to set up the connection without security (WSHttpBinding with Security =none) - i still cant make it work as the content types doesnt match (suppose to be application/xml and it is text/xml or something of the like)

I would really like some sort of example as to how to make this happen.

Thanks (Again) !

分享到QQ

分享到微博