Search in sources :

Example 6 with AuthSchemeProvider

use of org.apache.http.auth.AuthSchemeProvider in project lucene-solr by apache.

the class Krb5HttpClientBuilder method getBuilder.

public SolrHttpClientBuilder getBuilder(SolrHttpClientBuilder builder) {
    if (System.getProperty(LOGIN_CONFIG_PROP) != null) {
        String configValue = System.getProperty(LOGIN_CONFIG_PROP);
        if (configValue != null) {
            logger.info("Setting up SPNego auth with config: " + configValue);
            final String useSubjectCredsProp = "javax.security.auth.useSubjectCredsOnly";
            String useSubjectCredsVal = System.getProperty(useSubjectCredsProp);
            // authentication mechanism can load the credentials from the JAAS configuration.
            if (useSubjectCredsVal == null) {
                System.setProperty(useSubjectCredsProp, "false");
            } else if (!useSubjectCredsVal.toLowerCase(Locale.ROOT).equals("false")) {
                // Don't overwrite the prop value if it's already been written to something else,
                // but log because it is likely the Credentials won't be loaded correctly.
                logger.warn("System Property: " + useSubjectCredsProp + " set to: " + useSubjectCredsVal + " not false.  SPNego authentication may not be successful.");
            }
            javax.security.auth.login.Configuration.setConfiguration(jaasConfig);
            //Enable only SPNEGO authentication scheme.
            builder.setAuthSchemeRegistryProvider(() -> {
                Lookup<AuthSchemeProvider> authProviders = RegistryBuilder.<AuthSchemeProvider>create().register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true, false)).build();
                return authProviders;
            });
            // Get the credentials from the JAAS configuration rather than here
            Credentials useJaasCreds = new Credentials() {

                public String getPassword() {
                    return null;
                }

                public Principal getUserPrincipal() {
                    return null;
                }
            };
            HttpClientUtil.setCookiePolicy(SolrPortAwareCookieSpecFactory.POLICY_NAME);
            builder.setCookieSpecRegistryProvider(() -> {
                SolrPortAwareCookieSpecFactory cookieFactory = new SolrPortAwareCookieSpecFactory();
                Lookup<CookieSpecProvider> cookieRegistry = RegistryBuilder.<CookieSpecProvider>create().register(SolrPortAwareCookieSpecFactory.POLICY_NAME, cookieFactory).build();
                return cookieRegistry;
            });
            builder.setDefaultCredentialsProvider(() -> {
                CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
                credentialsProvider.setCredentials(AuthScope.ANY, useJaasCreds);
                return credentialsProvider;
            });
            HttpClientUtil.addRequestInterceptor(bufferedEntityInterceptor);
        }
    } else {
        logger.warn("{} is configured without specifying system property '{}'", getClass().getName(), LOGIN_CONFIG_PROP);
    }
    return builder;
}
Also used : BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) CookieSpecProvider(org.apache.http.cookie.CookieSpecProvider) AuthSchemeProvider(org.apache.http.auth.AuthSchemeProvider) SPNegoSchemeFactory(org.apache.http.impl.auth.SPNegoSchemeFactory) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) CredentialsProvider(org.apache.http.client.CredentialsProvider) Credentials(org.apache.http.auth.Credentials)

Aggregations

AuthSchemeProvider (org.apache.http.auth.AuthSchemeProvider)6 BasicCredentialsProvider (org.apache.http.impl.client.BasicCredentialsProvider)6 CredentialsProvider (org.apache.http.client.CredentialsProvider)5 AuthScope (org.apache.http.auth.AuthScope)4 MalformedURLException (java.net.MalformedURLException)3 CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient)3 JBossNegotiateSchemeFactory (org.jboss.as.test.integration.security.common.negotiation.JBossNegotiateSchemeFactory)3 IOException (java.io.IOException)2 UnsupportedEncodingException (java.io.UnsupportedEncodingException)2 URISyntaxException (java.net.URISyntaxException)2 URL (java.net.URL)2 UnknownHostException (java.net.UnknownHostException)2 PrivilegedActionException (java.security.PrivilegedActionException)2 HashSet (java.util.HashSet)2 LoginContext (javax.security.auth.login.LoginContext)2 LoginException (javax.security.auth.login.LoginException)2 Header (org.apache.http.Header)2 HttpResponse (org.apache.http.HttpResponse)2 ProtocolException (org.apache.http.ProtocolException)2 UsernamePasswordCredentials (org.apache.http.auth.UsernamePasswordCredentials)2