Examples with CredentialsProvider - org.apache.http.client.CredentialsProvider

Example 76 with CredentialsProvider

use of org.apache.http.client.CredentialsProvider in project sling by apache.

the class SmokeIT method newClient.

private CloseableHttpClient newClient() {
    CredentialsProvider credsProvider = new BasicCredentialsProvider();
    UsernamePasswordCredentials creds = new UsernamePasswordCredentials("admin", "admin");
    credsProvider.setCredentials(new AuthScope("localhost", LAUNCHPAD_PORT), creds);
    return HttpClientBuilder.create().setDefaultCredentialsProvider(credsProvider).build();
}

Also used : BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) AuthScope(org.apache.http.auth.AuthScope) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) CredentialsProvider(org.apache.http.client.CredentialsProvider) UsernamePasswordCredentials(org.apache.http.auth.UsernamePasswordCredentials)

Example 77 with CredentialsProvider

use of org.apache.http.client.CredentialsProvider in project ddf by codice.

the class TestSecurity method testAllowedCipherSuites.

@Test
public void testAllowedCipherSuites() throws Exception {
    String[] supportedCipherSuites = { "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" };
    List<String> systemCipherSuites = Arrays.asList(System.getProperty("https.cipherSuites").split(","));
    assertThat("Missing a supported cipher suite", systemCipherSuites, equalTo(Arrays.asList(supportedCipherSuites)));
    // Used to filter out cipher's that don't use our current key algorithm
    KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
    keystore.load(new FileInputStream(KEY_STORE_PATH), "changeit".toCharArray());
    String keyAlgorithm = keystore.getKey("localhost", "changeit".toCharArray()).getAlgorithm();
    String url = SERVICE_ROOT.getUrl() + "/catalog/query?q=*&src=local";
    CredentialsProvider credentialsProvider = createBasicAuth("admin", "admin");
    for (String cipher : supportedCipherSuites) {
        if (cipher.contains("_" + keyAlgorithm + "_")) {
            HttpClient client = createHttpClient("TLSv1.2", new String[] { cipher }, credentialsProvider);
            assertBasicAuth(client, url, 200);
        }
    }
}

Also used : HttpClient(org.apache.http.client.HttpClient) Matchers.containsString(org.hamcrest.Matchers.containsString) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) CredentialsProvider(org.apache.http.client.CredentialsProvider) KeyStore(java.security.KeyStore) FileInputStream(java.io.FileInputStream) AbstractIntegrationTest(org.codice.ddf.itests.common.AbstractIntegrationTest) Test(org.junit.Test)

Example 78 with CredentialsProvider

use of org.apache.http.client.CredentialsProvider in project ddf by codice.

the class TestSecurity method testDisallowedCipherSuites.

@Test(expected = SSLHandshakeException.class)
public void testDisallowedCipherSuites() throws Exception {
    String[] disallowedCipherSuites = new String[] { //                "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", "TLS_ECDHE_RSA_WITH_RC4_128_SHA", "SSL_RSA_WITH_RC4_128_SHA", "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", "TLS_ECDH_RSA_WITH_RC4_128_SHA", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "SSL_RSA_WITH_RC4_128_MD5", "TLS_EMPTY_RENEGOTIATION_INFO_SCSV" };
    List<String> systemCipherSuites = Arrays.asList(System.getProperty("https.cipherSuites").split(","));
    List<String> intersection = new ArrayList<>(Arrays.asList(disallowedCipherSuites));
    intersection.retainAll(systemCipherSuites);
    assertThat("Supported cipher suite in disallowed ciphers", intersection, emptyCollectionOf(String.class));
    String url = SERVICE_ROOT.getUrl() + "/catalog/query?q=*&src=local";
    CredentialsProvider credentialsProvider = createBasicAuth("admin", "admin");
    HttpClient client = createHttpClient("TLSv1.2", disallowedCipherSuites, credentialsProvider);
    HttpGet get = new HttpGet(url);
    client.execute(get);
}

Also used : HttpClient(org.apache.http.client.HttpClient) HttpGet(org.apache.http.client.methods.HttpGet) ArrayList(java.util.ArrayList) Matchers.containsString(org.hamcrest.Matchers.containsString) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) CredentialsProvider(org.apache.http.client.CredentialsProvider) AbstractIntegrationTest(org.codice.ddf.itests.common.AbstractIntegrationTest) Test(org.junit.Test)

Example 79 with CredentialsProvider

use of org.apache.http.client.CredentialsProvider in project ddf by codice.

the class TestSecurity method createBasicAuth.

private CredentialsProvider createBasicAuth(String username, String password) {
    CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
    UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(username, password);
    credentialsProvider.setCredentials(AuthScope.ANY, usernamePasswordCredentials);
    return credentialsProvider;
}

Also used : BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) CredentialsProvider(org.apache.http.client.CredentialsProvider) UsernamePasswordCredentials(org.apache.http.auth.UsernamePasswordCredentials)

Aggregations

CredentialsProvider (org.apache.http.client.CredentialsProvider)79 BasicCredentialsProvider (org.apache.http.impl.client.BasicCredentialsProvider)52 UsernamePasswordCredentials (org.apache.http.auth.UsernamePasswordCredentials)50 AuthScope (org.apache.http.auth.AuthScope)43 HttpHost (org.apache.http.HttpHost)26 HttpGet (org.apache.http.client.methods.HttpGet)16 CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient)16 HttpResponse (org.apache.http.HttpResponse)15 Test (org.junit.Test)14 Credentials (org.apache.http.auth.Credentials)13 IOException (java.io.IOException)12 Header (org.apache.http.Header)11 HttpClientContext (org.apache.http.client.protocol.HttpClientContext)11 HttpRequest (org.apache.http.HttpRequest)10 BasicScheme (org.apache.http.impl.auth.BasicScheme)9 HttpClientBuilder (org.apache.http.impl.client.HttpClientBuilder)9 HttpEntity (org.apache.http.HttpEntity)8 AuthenticationException (org.apache.http.auth.AuthenticationException)8 AbortableHttpRequest (org.apache.http.client.methods.AbortableHttpRequest)8 CloseableHttpResponse (org.apache.http.client.methods.CloseableHttpResponse)8