I am trying to replace existing Spring KerberosRestTemplate with WebClient APIs. So is there any support provided for Kerberos in new WebClient APIs?
any help will be appreciated even pointing to some tutorial/doc will be helpful.
Asked
Active
Viewed 1,042 times
1 Answers
0
You need to create an ExchangeFilterFunction implementation which checks for the WWW-Authenticate header and then re-sends the request with an Authorization header.
@Override
public Mono<ClientResponse> filter(final ClientRequest request, final ExchangeFunction next) {
return next.exchange(request)
.flatMap(response -> {
final Set<String> headerValues = Sets.newLinkedHashSet(response.headers().header(HttpHeaders.WWW_AUTHENTICATE));
if (headerValues.contains("Negotiate")) {
final String authHeader = doAs(new CreateAuthorizationHeaderAction(userPrincipal, "HTTP/" + request.url().getHost()));
final ClientRequest authenticatedRequest = ClientRequest.from(request)
.header(HttpHeaders.AUTHORIZATION, "Negotiate " + authHeader)
.build();
return next.exchange(authenticatedRequest);
}
return Mono.just(response);
});
}
You can lift the implementation for CreateAuthorizationHeaderAction here.
Jon Freedman
- 9,469
- 4
- 39
- 58