Search in sources :

Example 21 with Credentials

use of org.apache.http.auth.Credentials in project robovm by robovm.

the class DefaultRequestDirector method createTunnelToTarget.

// establishConnection
/**
     * Creates a tunnel to the target server.
     * The connection must be established to the (last) proxy.
     * A CONNECT request for tunnelling through the proxy will
     * be created and sent, the response received and checked.
     * This method does <i>not</i> update the connection with
     * information about the tunnel, that is left to the caller.
     *
     * @param route     the route to establish
     * @param context   the context for request execution
     *
     * @return  <code>true</code> if the tunnelled route is secure,
     *          <code>false</code> otherwise.
     *          The implementation here always returns <code>false</code>,
     *          but derived classes may override.
     *
     * @throws HttpException    in case of a problem
     * @throws IOException      in case of an IO problem
     */
protected boolean createTunnelToTarget(HttpRoute route, HttpContext context) throws HttpException, IOException {
    HttpHost proxy = route.getProxyHost();
    HttpHost target = route.getTargetHost();
    HttpResponse response = null;
    boolean done = false;
    while (!done) {
        done = true;
        if (!this.managedConn.isOpen()) {
            this.managedConn.open(route, context, this.params);
        }
        HttpRequest connect = createConnectRequest(route, context);
        String agent = HttpProtocolParams.getUserAgent(params);
        if (agent != null) {
            connect.addHeader(HTTP.USER_AGENT, agent);
        }
        connect.addHeader(HTTP.TARGET_HOST, target.toHostString());
        AuthScheme authScheme = this.proxyAuthState.getAuthScheme();
        AuthScope authScope = this.proxyAuthState.getAuthScope();
        Credentials creds = this.proxyAuthState.getCredentials();
        if (creds != null) {
            if (authScope != null || !authScheme.isConnectionBased()) {
                try {
                    connect.addHeader(authScheme.authenticate(creds, connect));
                } catch (AuthenticationException ex) {
                    if (this.log.isErrorEnabled()) {
                        this.log.error("Proxy authentication error: " + ex.getMessage());
                    }
                }
            }
        }
        response = requestExec.execute(connect, this.managedConn, context);
        int status = response.getStatusLine().getStatusCode();
        if (status < 200) {
            throw new HttpException("Unexpected response to CONNECT request: " + response.getStatusLine());
        }
        CredentialsProvider credsProvider = (CredentialsProvider) context.getAttribute(ClientContext.CREDS_PROVIDER);
        if (credsProvider != null && HttpClientParams.isAuthenticating(params)) {
            if (this.proxyAuthHandler.isAuthenticationRequested(response, context)) {
                this.log.debug("Proxy requested authentication");
                Map<String, Header> challenges = this.proxyAuthHandler.getChallenges(response, context);
                try {
                    processChallenges(challenges, this.proxyAuthState, this.proxyAuthHandler, response, context);
                } catch (AuthenticationException ex) {
                    if (this.log.isWarnEnabled()) {
                        this.log.warn("Authentication error: " + ex.getMessage());
                        break;
                    }
                }
                updateAuthState(this.proxyAuthState, proxy, credsProvider);
                if (this.proxyAuthState.getCredentials() != null) {
                    done = false;
                    // Retry request
                    if (this.reuseStrategy.keepAlive(response, context)) {
                        this.log.debug("Connection kept alive");
                        // Consume response content
                        HttpEntity entity = response.getEntity();
                        if (entity != null) {
                            entity.consumeContent();
                        }
                    } else {
                        this.managedConn.close();
                    }
                }
            } else {
                // Reset proxy auth scope
                this.proxyAuthState.setAuthScope(null);
            }
        }
    }
    int status = response.getStatusLine().getStatusCode();
    if (status > 299) {
        // Buffer response content
        HttpEntity entity = response.getEntity();
        if (entity != null) {
            response.setEntity(new BufferedHttpEntity(entity));
        }
        this.managedConn.close();
        throw new TunnelRefusedException("CONNECT refused by proxy: " + response.getStatusLine(), response);
    }
    this.managedConn.markReusable();
    // Leave it to derived classes, consider insecure by default here.
    return false;
}
Also used : HttpRequest(org.apache.http.HttpRequest) BasicHttpRequest(org.apache.http.message.BasicHttpRequest) AbortableHttpRequest(org.apache.http.client.methods.AbortableHttpRequest) HttpEntity(org.apache.http.HttpEntity) BufferedHttpEntity(org.apache.http.entity.BufferedHttpEntity) AuthenticationException(org.apache.http.auth.AuthenticationException) HttpResponse(org.apache.http.HttpResponse) CredentialsProvider(org.apache.http.client.CredentialsProvider) AuthScheme(org.apache.http.auth.AuthScheme) Header(org.apache.http.Header) BufferedHttpEntity(org.apache.http.entity.BufferedHttpEntity) HttpHost(org.apache.http.HttpHost) AuthScope(org.apache.http.auth.AuthScope) HttpException(org.apache.http.HttpException) Credentials(org.apache.http.auth.Credentials)

Example 22 with Credentials

use of org.apache.http.auth.Credentials in project robovm by robovm.

the class DefaultRequestDirector method updateAuthState.

private void updateAuthState(final AuthState authState, final HttpHost host, final CredentialsProvider credsProvider) {
    if (!authState.isValid()) {
        return;
    }
    String hostname = host.getHostName();
    int port = host.getPort();
    if (port < 0) {
        Scheme scheme = connManager.getSchemeRegistry().getScheme(host);
        port = scheme.getDefaultPort();
    }
    AuthScheme authScheme = authState.getAuthScheme();
    AuthScope authScope = new AuthScope(hostname, port, authScheme.getRealm(), authScheme.getSchemeName());
    if (this.log.isDebugEnabled()) {
        this.log.debug("Authentication scope: " + authScope);
    }
    Credentials creds = authState.getCredentials();
    if (creds == null) {
        creds = credsProvider.getCredentials(authScope);
        if (this.log.isDebugEnabled()) {
            if (creds != null) {
                this.log.debug("Found credentials");
            } else {
                this.log.debug("Credentials not found");
            }
        }
    } else {
        if (authScheme.isComplete()) {
            this.log.debug("Authentication failed");
            creds = null;
        }
    }
    authState.setAuthScope(authScope);
    authState.setCredentials(creds);
}
Also used : Scheme(org.apache.http.conn.scheme.Scheme) AuthScheme(org.apache.http.auth.AuthScheme) AuthScope(org.apache.http.auth.AuthScope) Credentials(org.apache.http.auth.Credentials) AuthScheme(org.apache.http.auth.AuthScheme)

Example 23 with Credentials

use of org.apache.http.auth.Credentials in project robovm by robovm.

the class RequestTargetAuthentication method process.

public void process(final HttpRequest request, final HttpContext context) throws HttpException, IOException {
    if (request == null) {
        throw new IllegalArgumentException("HTTP request may not be null");
    }
    if (context == null) {
        throw new IllegalArgumentException("HTTP context may not be null");
    }
    if (request.containsHeader(AUTH.WWW_AUTH_RESP)) {
        return;
    }
    // Obtain authentication state
    AuthState authState = (AuthState) context.getAttribute(ClientContext.TARGET_AUTH_STATE);
    if (authState == null) {
        return;
    }
    AuthScheme authScheme = authState.getAuthScheme();
    if (authScheme == null) {
        return;
    }
    Credentials creds = authState.getCredentials();
    if (creds == null) {
        this.log.debug("User credentials not available");
        return;
    }
    if (authState.getAuthScope() != null || !authScheme.isConnectionBased()) {
        try {
            request.addHeader(authScheme.authenticate(creds, request));
        } catch (AuthenticationException ex) {
            if (this.log.isErrorEnabled()) {
                this.log.error("Authentication error: " + ex.getMessage());
            }
        }
    }
}
Also used : AuthState(org.apache.http.auth.AuthState) AuthenticationException(org.apache.http.auth.AuthenticationException) Credentials(org.apache.http.auth.Credentials) AuthScheme(org.apache.http.auth.AuthScheme)

Example 24 with Credentials

use of org.apache.http.auth.Credentials in project robovm by robovm.

the class BasicCredentialsProvider method matchCredentials.

/**
     * Find matching {@link Credentials credentials} for the given authentication scope.
     *
     * @param map the credentials hash map
     * @param authscope the {@link AuthScope authentication scope}
     * @return the credentials 
     * 
     */
private static Credentials matchCredentials(final HashMap<AuthScope, Credentials> map, final AuthScope authscope) {
    // see if we get a direct hit
    Credentials creds = map.get(authscope);
    if (creds == null) {
        // Nope.
        // Do a full scan
        int bestMatchFactor = -1;
        AuthScope bestMatch = null;
        for (AuthScope current : map.keySet()) {
            int factor = authscope.match(current);
            if (factor > bestMatchFactor) {
                bestMatchFactor = factor;
                bestMatch = current;
            }
        }
        if (bestMatch != null) {
            creds = map.get(bestMatch);
        }
    }
    return creds;
}
Also used : AuthScope(org.apache.http.auth.AuthScope) Credentials(org.apache.http.auth.Credentials)

Example 25 with Credentials

use of org.apache.http.auth.Credentials in project wildfly by wildfly.

the class IdentityLoginModuleTestCase method assertPrincipal.

/**
     * Calls {@link PrincipalPrintingServlet} and checks if the returned principal name is the expected one.
     *
     * @param url
     * @param expectedPrincipal
     * @return Principal name returned from {@link PrincipalPrintingServlet}
     */
private String assertPrincipal(URL url, String expectedPrincipal) {
    DefaultHttpClient httpclient = new DefaultHttpClient();
    Credentials creds = new UsernamePasswordCredentials("anyUsername");
    httpclient.getCredentialsProvider().setCredentials(new AuthScope(url.getHost(), url.getPort()), creds);
    HttpGet httpget = new HttpGet(url.toExternalForm());
    String text;
    try {
        HttpResponse response = httpclient.execute(httpget);
        assertEquals("Unexpected status code", HttpServletResponse.SC_OK, response.getStatusLine().getStatusCode());
        text = EntityUtils.toString(response.getEntity());
    } catch (IOException e) {
        throw new RuntimeException("Servlet response IO exception", e);
    }
    assertEquals("Unexpected principal name assigned by IdentityLoinModule", expectedPrincipal, text);
    return text;
}
Also used : HttpGet(org.apache.http.client.methods.HttpGet) AuthScope(org.apache.http.auth.AuthScope) HttpResponse(org.apache.http.HttpResponse) IOException(java.io.IOException) DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) Credentials(org.apache.http.auth.Credentials) UsernamePasswordCredentials(org.apache.http.auth.UsernamePasswordCredentials) UsernamePasswordCredentials(org.apache.http.auth.UsernamePasswordCredentials)

Aggregations

Credentials (org.apache.http.auth.Credentials)39 AuthScope (org.apache.http.auth.AuthScope)22 UsernamePasswordCredentials (org.apache.http.auth.UsernamePasswordCredentials)16 AuthScheme (org.apache.http.auth.AuthScheme)15 CredentialsProvider (org.apache.http.client.CredentialsProvider)13 AuthState (org.apache.http.auth.AuthState)11 AuthenticationException (org.apache.http.auth.AuthenticationException)9 HttpHost (org.apache.http.HttpHost)8 BasicCredentialsProvider (org.apache.http.impl.client.BasicCredentialsProvider)7 NTCredentials (org.apache.http.auth.NTCredentials)5 IOException (java.io.IOException)4 Header (org.apache.http.Header)4 HttpException (org.apache.http.HttpException)4 HttpRequest (org.apache.http.HttpRequest)4 HttpResponse (org.apache.http.HttpResponse)4 Scheme (org.apache.http.conn.scheme.Scheme)4 BasicScheme (org.apache.http.impl.auth.BasicScheme)4 HttpEntity (org.apache.http.HttpEntity)3 AbortableHttpRequest (org.apache.http.client.methods.AbortableHttpRequest)3 CloseableHttpResponse (org.apache.http.client.methods.CloseableHttpResponse)3