骆驼组件端点的密码选项已更改，如何防止这种情况? [英] Camel component endpoints options for password is altered, how to prevent this?

问题描述

在Camel中，我正在使用http4组件在远程服务器上发出REST请求.

In Camel I am using the http4 component to make REST request on a remote server.

文档组件指出，应将凭据放在这样的终结点上的选项中:

The component documentation states that the credentials should be put in the options on the endpoint like this:

https4://myremote.server.com/?authUsername=xxx&authPassword=yyy

这很好，直到有人在另一个环境中输入带有'+'字符的密码为止. 我们注意到，"+"字符在服务器中作为空格发送，这会产生错误. 通过在Camel文档中进行更深入的搜索，我们发现一页进行了解释是这样使用的"RAW"功能:

This was working well until someone put a password with a '+' character on another environment. We notice that the '+' character is transmitted as a space in the server which generates an error. By searching deeper in the Camel documentation we found a page explaining there is a "RAW" function to use like this:

https4://myremote.server.com/?authUsername=xxx&authPassword=RAW(yyy)

保持密码不变.

不幸的是，此功能仅在Camel 2.11版本中引入，目前我们不打算升级到ServiceMix 5.1.x.

Unfortunately this function has only been introduced in the Camel 2.11 version and for the moment we are not planning to upgrade to ServiceMix 5.1.x.

我们当前正在使用serviceMix 4.5.x，骆驼版本是2.10.7.

We are currently on serviceMix 4.5.x and the camel version is 2.10.7.

我在路线中一一尝试过这些:

I tried these in the route (one by one):

• .setProperty("Authorization", "Basic {base64Hash}")
• .setHeader("Authorization", "Basic {base64Hash}")
• .setProperty(HttpHeaders.AUTHORIZATION, "Basic {base64Hash}")
• .setHeader(HttpHeaders.AUTHORIZATION, "Basic {base64Hash}")

• .setProperty("Authorization", "Basic {base64Hash}")
• .setHeader("Authorization", "Basic {base64Hash}")
• .setProperty(HttpHeaders.AUTHORIZATION, "Basic {base64Hash}")
• .setHeader(HttpHeaders.AUTHORIZATION, "Basic {base64Hash}")

但是远程服务器向我发送了401(未经授权)

but the remote server sends me a 401 (Unauthorized).

问题是:除了在端点上使用该选项之外，还有其他替代方法可以为http4组件发送凭据吗?

The question is: is there any other alternative to send credentials for http4 component than using the option on the endpoint?

推荐答案

我终于找到了一种方法，而我遇到的问题是服务器需要一个额外的参数:X-Forwarded-Proto， 那么以下方法非常有效，而不是在端点选项中传递凭据:

I finally found a way and the problem I had was the server that need an extra parameter called : X-Forwarded-Proto, then the following way works very well instead passing the credentials in the endpoint option:

from(in.getEndpointUri())
    .setHeader(Exchange.HTTP_METHOD, constant("GET"))
    .setHeader(Exchange.HTTP_PATH, simple("/path/to/my/resource/1234"))
    .setHeader(Exchange.HTTP_QUERY, constant("type=accessories&view=blue"))
    .setHeader("X-Forwarded-Proto", constant("https"))
    .setHeader("Authorization", constant("Basic bXl1c2VybmFtZTpwYXNzd29yZDEyMzQ="))

    .to("https4://myremote.server.com/myrestservices")
    .convertBodyTo(String.class)
    ;

之后，使用bean或处理器生成Base64哈希将很容易.

After, using a bean or processor to generate the Base64 hash would be easy.

这篇关于骆驼组件端点的密码选项已更改，如何防止这种情况?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！