Example 6 with FakeHttpMethod
use of org.apache.commons.httpclient.FakeHttpMethod in project ecf by eclipse.
the class TestDigestAuth method testDigestAuthenticationMD5SessNoQop.
/**
* Test digest authentication using the MD5-sess algorithm.
*/
public void testDigestAuthenticationMD5SessNoQop() throws Exception {
// Example using Digest auth with MD5-sess
String realm = "realm";
String username = "username";
String password = "password";
String nonce = "e273f1776275974f1a120d8b92c5b3cb";
String challenge = "Digest realm=\"" + realm + "\", " + "nonce=\"" + nonce + "\", " + "opaque=\"SomeString\", " + "stale=false, " + "algorithm=MD5-sess";
UsernamePasswordCredentials cred = new UsernamePasswordCredentials(username, password);
FakeHttpMethod method = new FakeHttpMethod("/");
AuthScheme authscheme = new DigestScheme();
authscheme.processChallenge(challenge);
String response = authscheme.authenticate(cred, method);
Map table = AuthChallengeParser.extractParams(response);
assertEquals(username, table.get("username"));
assertEquals(realm, table.get("realm"));
assertEquals("MD5-sess", table.get("algorithm"));
assertEquals("/", table.get("uri"));
assertEquals(nonce, table.get("nonce"));
assertTrue(null == table.get("nc"));
assertEquals("SomeString", table.get("opaque"));
assertTrue(null == table.get("qop"));
// @TODO: add better check
assertTrue(null != table.get("response"));
}
Also used :
FakeHttpMethod(org.apache.commons.httpclient.FakeHttpMethod)
Map(java.util.Map)
UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)
Example 7 with FakeHttpMethod
use of org.apache.commons.httpclient.FakeHttpMethod in project ecf by eclipse.
the class TestDigestAuth method testDigestAuthenticationWithStaleNonce.
public void testDigestAuthenticationWithStaleNonce() throws Exception {
// configure the server
// use arbitrary port
SimpleHttpServer server = new SimpleHttpServer();
server.setTestname(getName());
server.setHttpService(new StaleNonceService());
// configure the client
HttpClient client = new HttpClient();
client.getHostConfiguration().setHost(server.getLocalAddress(), server.getLocalPort(), Protocol.getProtocol("http"));
client.getState().setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("username", "password"));
FakeHttpMethod httpget = new FakeHttpMethod("/");
try {
client.executeMethod(httpget);
} finally {
httpget.releaseConnection();
}
assertNotNull(httpget.getStatusLine());
assertEquals(HttpStatus.SC_OK, httpget.getStatusLine().getStatusCode());
Map table = AuthChallengeParser.extractParams(httpget.getRequestHeader("Authorization").getValue());
assertEquals("username", table.get("username"));
assertEquals("realm1", table.get("realm"));
assertEquals("/", table.get("uri"));
assertEquals("321CBA", table.get("nonce"));
assertEquals("7f5948eefa115296e9279225041527b3", table.get("response"));
server.destroy();
}
Also used :
FakeHttpMethod(org.apache.commons.httpclient.FakeHttpMethod)
SimpleHttpServer(org.apache.commons.httpclient.server.SimpleHttpServer)
HttpClient(org.apache.commons.httpclient.HttpClient)
Map(java.util.Map)
UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)
Example 8 with FakeHttpMethod
use of org.apache.commons.httpclient.FakeHttpMethod in project ecf by eclipse.
the class TestDigestAuth method testDigestAuthenticationWithQueryStringInDigestURI.
public void testDigestAuthenticationWithQueryStringInDigestURI() throws Exception {
String challenge = "Digest realm=\"realm1\", nonce=\"f2a3f18799759d4f1a1c068b92b573cb\"";
UsernamePasswordCredentials cred = new UsernamePasswordCredentials("username", "password");
FakeHttpMethod method = new FakeHttpMethod("/");
method.setQueryString("param=value");
AuthScheme authscheme = new DigestScheme();
authscheme.processChallenge(challenge);
String response = authscheme.authenticate(cred, method);
Map table = AuthChallengeParser.extractParams(response);
assertEquals("username", table.get("username"));
assertEquals("realm1", table.get("realm"));
assertEquals("/?param=value", table.get("uri"));
assertEquals("f2a3f18799759d4f1a1c068b92b573cb", table.get("nonce"));
assertEquals("a847f58f5fef0bc087bcb9c3eb30e042", table.get("response"));
}
Also used :
FakeHttpMethod(org.apache.commons.httpclient.FakeHttpMethod)
Map(java.util.Map)
UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)
Example 9 with FakeHttpMethod
use of org.apache.commons.httpclient.FakeHttpMethod in project ecf by eclipse.
the class TestDigestAuth method testDigestAuthenticationMD5Sess.
/**
* Test digest authentication using the MD5-sess algorithm.
*/
public void testDigestAuthenticationMD5Sess() throws Exception {
// Example using Digest auth with MD5-sess
String realm = "realm";
String username = "username";
String password = "password";
String nonce = "e273f1776275974f1a120d8b92c5b3cb";
String challenge = "Digest realm=\"" + realm + "\", " + "nonce=\"" + nonce + "\", " + "opaque=\"SomeString\", " + "stale=false, " + "algorithm=MD5-sess, " + // we pass both but expect auth to be used
"qop=\"auth,auth-int\"";
UsernamePasswordCredentials cred = new UsernamePasswordCredentials(username, password);
FakeHttpMethod method = new FakeHttpMethod("/");
AuthScheme authscheme = new DigestScheme();
authscheme.processChallenge(challenge);
String response = authscheme.authenticate(cred, method);
// test for quotes
assertTrue(response.indexOf("nc=00000001") > 0);
// test for quotes
assertTrue(response.indexOf("qop=auth") > 0);
Map table = AuthChallengeParser.extractParams(response);
assertEquals(username, table.get("username"));
assertEquals(realm, table.get("realm"));
assertEquals("MD5-sess", table.get("algorithm"));
assertEquals("/", table.get("uri"));
assertEquals(nonce, table.get("nonce"));
assertEquals(1, Integer.parseInt((String) table.get("nc"), 16));
assertTrue(null != table.get("cnonce"));
assertEquals("SomeString", table.get("opaque"));
assertEquals("auth", table.get("qop"));
// @TODO: add better check
assertTrue(null != table.get("response"));
}
Also used :
FakeHttpMethod(org.apache.commons.httpclient.FakeHttpMethod)
Map(java.util.Map)
UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)
Example 10 with FakeHttpMethod
use of org.apache.commons.httpclient.FakeHttpMethod in project ecf by eclipse.
the class TestNTLMAuth method testNTLMAuthenticationResponse2.
public void testNTLMAuthenticationResponse2() throws Exception {
String challenge = "NTLM TlRMTVNTUAACAAAACgAKADAAAAAGgoEAPc4kP4LtCV8AAAAAAAAAAJ4AngA" + "6AAAASU5UUkFFUEhPWAIAFABJAE4AVABSAEEARQBQAEgATwBYAAEAEgBCAE8AQQB" + "SAEQAUgBPAE8ATQAEACgAaQBuAHQAcgBhAGUAcABoAG8AeAAuAGUAcABoAG8AeAA" + "uAGMAbwBtAAMAPABCAG8AYQByAGQAcgBvAG8AbQAuAGkAbgB0AHIAYQBlAHAAaAB" + "vAHgALgBlAHAAaABvAHgALgBjAG8AbQAAAAAA";
String expected = "NTLM TlRMTVNTUAADAAAAGAAYAFIAAAAAAAAAagAAAAYABgB" + "AAAAACAAIAEYAAAAEAAQATgAAAAAAAABqAAAABlIAAERPTUFJTlVTRVJOQU1FSE" + "9TVAaC+vLxUEHnUtpItj9Dp4kzwQfd61Lztg==";
NTCredentials cred = new NTCredentials("username", "password", "host", "domain");
FakeHttpMethod method = new FakeHttpMethod();
AuthScheme authscheme = new NTLMScheme(challenge);
authscheme.processChallenge(challenge);
String response = authscheme.authenticate(cred, method);
assertEquals(expected, response);
assertTrue(authscheme.isComplete());
}
Also used :
FakeHttpMethod(org.apache.commons.httpclient.FakeHttpMethod)
NTCredentials(org.apache.commons.httpclient.NTCredentials)
Aggregations
FakeHttpMethod (org.apache.commons.httpclient.FakeHttpMethod)10
Map (java.util.Map)7
UsernamePasswordCredentials (org.apache.commons.httpclient.UsernamePasswordCredentials)7
NTCredentials (org.apache.commons.httpclient.NTCredentials)3
HttpClient (org.apache.commons.httpclient.HttpClient)1
SimpleHttpServer (org.apache.commons.httpclient.server.SimpleHttpServer)1
