Search in sources :

Example 6 with AuthenticationException

use of org.apache.http.auth.AuthenticationException in project XobotOS by xamarin.

the class RequestProxyAuthentication method process.

public void process(final HttpRequest request, final HttpContext context) throws HttpException, IOException {
    if (request == null) {
        throw new IllegalArgumentException("HTTP request may not be null");
    }
    if (context == null) {
        throw new IllegalArgumentException("HTTP context may not be null");
    }
    if (request.containsHeader(AUTH.PROXY_AUTH_RESP)) {
        return;
    }
    // Obtain authentication state
    AuthState authState = (AuthState) context.getAttribute(ClientContext.PROXY_AUTH_STATE);
    if (authState == null) {
        return;
    }
    AuthScheme authScheme = authState.getAuthScheme();
    if (authScheme == null) {
        return;
    }
    Credentials creds = authState.getCredentials();
    if (creds == null) {
        this.log.debug("User credentials not available");
        return;
    }
    if (authState.getAuthScope() != null || !authScheme.isConnectionBased()) {
        try {
            request.addHeader(authScheme.authenticate(creds, request));
        } catch (AuthenticationException ex) {
            if (this.log.isErrorEnabled()) {
                this.log.error("Proxy authentication error: " + ex.getMessage());
            }
        }
    }
}
Also used : AuthState(org.apache.http.auth.AuthState) AuthenticationException(org.apache.http.auth.AuthenticationException) Credentials(org.apache.http.auth.Credentials) AuthScheme(org.apache.http.auth.AuthScheme)

Example 7 with AuthenticationException

use of org.apache.http.auth.AuthenticationException in project XobotOS by xamarin.

the class NTLMScheme method authenticate.

public Header authenticate(final Credentials credentials, final HttpRequest request) throws AuthenticationException {
    NTCredentials ntcredentials = null;
    try {
        ntcredentials = (NTCredentials) credentials;
    } catch (ClassCastException e) {
        throw new InvalidCredentialsException("Credentials cannot be used for NTLM authentication: " + credentials.getClass().getName());
    }
    String response = null;
    if (this.state == State.CHALLENGE_RECEIVED || this.state == State.FAILED) {
        response = this.engine.generateType1Msg(ntcredentials.getDomain(), ntcredentials.getWorkstation());
        this.state = State.MSG_TYPE1_GENERATED;
    } else if (this.state == State.MSG_TYPE2_RECEVIED) {
        response = this.engine.generateType3Msg(ntcredentials.getUserName(), ntcredentials.getPassword(), ntcredentials.getDomain(), ntcredentials.getWorkstation(), this.challenge);
        this.state = State.MSG_TYPE3_GENERATED;
    } else {
        throw new AuthenticationException("Unexpected state: " + this.state);
    }
    CharArrayBuffer buffer = new CharArrayBuffer(32);
    if (isProxy()) {
        buffer.append(AUTH.PROXY_AUTH_RESP);
    } else {
        buffer.append(AUTH.WWW_AUTH_RESP);
    }
    buffer.append(": NTLM ");
    buffer.append(response);
    return new BufferedHeader(buffer);
}
Also used : InvalidCredentialsException(org.apache.http.auth.InvalidCredentialsException) AuthenticationException(org.apache.http.auth.AuthenticationException) BufferedHeader(org.apache.http.message.BufferedHeader) CharArrayBuffer(org.apache.http.util.CharArrayBuffer) NTCredentials(org.apache.http.auth.NTCredentials)

Example 8 with AuthenticationException

use of org.apache.http.auth.AuthenticationException in project XobotOS by xamarin.

the class AbstractAuthenticationHandler method selectScheme.

public AuthScheme selectScheme(final Map<String, Header> challenges, final HttpResponse response, final HttpContext context) throws AuthenticationException {
    AuthSchemeRegistry registry = (AuthSchemeRegistry) context.getAttribute(ClientContext.AUTHSCHEME_REGISTRY);
    if (registry == null) {
        throw new IllegalStateException("AuthScheme registry not set in HTTP context");
    }
    List<?> authPrefs = (List<?>) context.getAttribute(ClientContext.AUTH_SCHEME_PREF);
    if (authPrefs == null) {
        authPrefs = getAuthPreferences();
    }
    if (this.log.isDebugEnabled()) {
        this.log.debug("Authentication schemes in the order of preference: " + authPrefs);
    }
    AuthScheme authScheme = null;
    for (int i = 0; i < authPrefs.size(); i++) {
        String id = (String) authPrefs.get(i);
        Header challenge = challenges.get(id.toLowerCase(Locale.ENGLISH));
        if (challenge != null) {
            if (this.log.isDebugEnabled()) {
                this.log.debug(id + " authentication scheme selected");
            }
            try {
                authScheme = registry.getAuthScheme(id, response.getParams());
                break;
            } catch (IllegalStateException e) {
                if (this.log.isWarnEnabled()) {
                    this.log.warn("Authentication scheme " + id + " not supported");
                // Try again
                }
            }
        } else {
            if (this.log.isDebugEnabled()) {
                this.log.debug("Challenge for " + id + " authentication scheme not available");
            // Try again
            }
        }
    }
    if (authScheme == null) {
        // If none selected, something is wrong
        throw new AuthenticationException("Unable to respond to any of these challenges: " + challenges);
    }
    return authScheme;
}
Also used : Header(org.apache.http.Header) FormattedHeader(org.apache.http.FormattedHeader) AuthenticationException(org.apache.http.auth.AuthenticationException) AuthSchemeRegistry(org.apache.http.auth.AuthSchemeRegistry) List(java.util.List) AuthScheme(org.apache.http.auth.AuthScheme)

Example 9 with AuthenticationException

use of org.apache.http.auth.AuthenticationException in project ats-framework by Axway.

the class HttpClient method addRequestHeaders.

private void addRequestHeaders(HttpRequestBase httpMethod) throws FileTransferException {
    // pass user credentials with the very first headers
    if (preemptiveBasicAuthentication) {
        if (this.username == null) {
            throw new FileTransferException("We cannot set user credentials as the user name is not set");
        }
        try {
            BasicScheme schema = new BasicScheme(Charset.forName("US-ASCII"));
            Header authenticationHeader = schema.authenticate(// here we make 'empty' http request, just so we could authenticate the credentials
            new UsernamePasswordCredentials(this.username, this.userpass), new HttpGet(), httpContext);
            httpMethod.addHeader(authenticationHeader);
        } catch (AuthenticationException ae) {
            throw new FileTransferException("Unable to add Basic Authentication header", ae);
        }
    }
    // Add the rest of the request headers
    for (Header header : requestHeaders) {
        httpMethod.setHeader(header);
    }
}
Also used : FileTransferException(com.axway.ats.common.filetransfer.FileTransferException) BasicScheme(org.apache.http.impl.auth.BasicScheme) Header(org.apache.http.Header) BasicHeader(org.apache.http.message.BasicHeader) AuthenticationException(org.apache.http.auth.AuthenticationException) HttpGet(org.apache.http.client.methods.HttpGet) UsernamePasswordCredentials(org.apache.http.auth.UsernamePasswordCredentials)

Example 10 with AuthenticationException

use of org.apache.http.auth.AuthenticationException in project ats-framework by Axway.

the class GGSSchemeBase method authenticate.

@Override
public Header authenticate(final Credentials credentials, final HttpRequest request, final HttpContext context) throws AuthenticationException {
    if (request == null) {
        throw new IllegalArgumentException("HTTP request may not be null");
    }
    switch(state) {
        case UNINITIATED:
            throw new AuthenticationException(getSchemeName() + " authentication has not been initiated");
        case FAILED:
            throw new AuthenticationException(getSchemeName() + " authentication has failed");
        case CHALLENGE_RECEIVED:
            try {
                token = generateToken(token);
                state = State.TOKEN_GENERATED;
            } catch (GSSException gsse) {
                state = State.FAILED;
                if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED)
                    throw new InvalidCredentialsException(gsse.getMessage(), gsse);
                if (gsse.getMajor() == GSSException.NO_CRED)
                    throw new InvalidCredentialsException(gsse.getMessage(), gsse);
                if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN)
                    throw new AuthenticationException(gsse.getMessage(), gsse);
                // other error
                throw new AuthenticationException(gsse.getMessage());
            }
        // continue to next case block
        case TOKEN_GENERATED:
            String tokenstr = new String(base64codec.encode(token));
            if (log.isDebugEnabled()) {
                log.debug("Sending response '" + tokenstr + "' back to the auth server");
            }
            return new BasicHeader("Authorization", "Negotiate " + tokenstr);
        default:
            throw new IllegalStateException("Illegal state: " + state);
    }
}
Also used : GSSException(org.ietf.jgss.GSSException) AuthenticationException(org.apache.http.auth.AuthenticationException) InvalidCredentialsException(org.apache.http.auth.InvalidCredentialsException) BasicHeader(org.apache.http.message.BasicHeader)

Aggregations

AuthenticationException (org.apache.http.auth.AuthenticationException)31 AuthScheme (org.apache.http.auth.AuthScheme)17 Header (org.apache.http.Header)16 HttpHost (org.apache.http.HttpHost)9 Credentials (org.apache.http.auth.Credentials)9 HttpRequest (org.apache.http.HttpRequest)8 CredentialsProvider (org.apache.http.client.CredentialsProvider)8 AbortableHttpRequest (org.apache.http.client.methods.AbortableHttpRequest)8 BasicHttpRequest (org.apache.http.message.BasicHttpRequest)8 AuthState (org.apache.http.auth.AuthState)6 InvalidCredentialsException (org.apache.http.auth.InvalidCredentialsException)6 BufferedHeader (org.apache.http.message.BufferedHeader)5 CharArrayBuffer (org.apache.http.util.CharArrayBuffer)5 URI (java.net.URI)4 HttpEntity (org.apache.http.HttpEntity)4 HttpException (org.apache.http.HttpException)4 HttpResponse (org.apache.http.HttpResponse)4 NTCredentials (org.apache.http.auth.NTCredentials)4 RedirectException (org.apache.http.client.RedirectException)4 HttpGet (org.apache.http.client.methods.HttpGet)4