
Example 41 with UrlEncodedFormEntity

use of org.apache.http.client.entity.UrlEncodedFormEntity in project wildfly by wildfly.

the class Utils method makeHttpCallWoSPNEGO.

/**
 * Requests a page from a SPNEGO-protected web application that offers FORM fallback, and logs in
 * through the FORM path only; no SPNEGO negotiation is attempted.
 *
 * <p>If the first GET is not answered with 401, or {@code user} is empty, the status is asserted
 * against {@code expectedStatusCode} and the body is returned as is. Otherwise the 401 response
 * must advertise {@code WWW-Authenticate: Negotiate} and its body must reference
 * {@code j_security_check}; the credentials are then POSTed to
 * {@code <contextUrl>/j_security_check}.
 *
 * <p>Logging: the user name is written at DEBUG and the full 401 page body at TRACE. The password
 * is only placed in the POST body. The form entity is built without an explicit charset.
 *
 * @param contextUrl base URL of the web application; trailing slashes are stripped
 * @param page path appended to the stripped context URL
 * @param user user name sent as {@code j_username}; an empty value skips authentication
 * @param pass password sent as {@code j_password}
 * @param expectedStatusCode status code asserted on the response that is returned
 * @return body of the final response
 * @throws IOException if an HTTP exchange or reading an entity fails
 * @throws URISyntaxException declared by the signature
 * @throws PrivilegedActionException declared by the signature
 * @throws LoginException declared by the signature
 */
public static String makeHttpCallWoSPNEGO(final String contextUrl, final String page, final String user, final String pass, final int expectedStatusCode) throws IOException, URISyntaxException, PrivilegedActionException, LoginException {
    final String baseUrl = StringUtils.stripEnd(contextUrl, "/");
    final String target = baseUrl + page;
    LOGGER.trace("Requesting URL: " + target);
    final DefaultHttpClient client = new DefaultHttpClient();
    client.setRedirectStrategy(REDIRECT_STRATEGY);
    try {
        HttpResponse reply = client.execute(new HttpGet(target));
        int status = reply.getStatusLine().getStatusCode();
        final boolean challenged = HttpServletResponse.SC_UNAUTHORIZED == status;
        if (!challenged || StringUtils.isEmpty(user)) {
            // Nothing to authenticate: either no challenge was issued or no user was supplied.
            assertEquals("Unexpected HTTP response status code.", expectedStatusCode, status);
            return EntityUtils.toString(reply.getEntity());
        }

        // The server must still offer Negotiate even though this client ignores it.
        final Header[] challenges = reply.getHeaders("WWW-Authenticate");
        assertTrue("WWW-Authenticate header is present", challenges != null && challenges.length > 0);
        final Set<String> offeredSchemes = new HashSet<String>();
        for (int i = 0; i < challenges.length; i++) {
            offeredSchemes.add(challenges[i].getValue());
        }
        assertTrue("WWW-Authenticate: Negotiate header is missing", offeredSchemes.contains("Negotiate"));
        LOGGER.debug("HTTP response was SC_UNAUTHORIZED, let's authenticate the user " + user);

        // Reading the 401 body also releases the connection for the POST that follows.
        final String loginPage = EntityUtils.toString(reply.getEntity());
        assertNotNull(loginPage);
        LOGGER.trace(loginPage);
        assertTrue(loginPage.contains("j_security_check"));

        // FORM login: submit the credentials to the container's j_security_check endpoint.
        final HttpPost login = new HttpPost(baseUrl + "/j_security_check");
        final List<NameValuePair> credentials = new ArrayList<NameValuePair>();
        credentials.add(new BasicNameValuePair("j_username", user));
        credentials.add(new BasicNameValuePair("j_password", pass));
        login.setEntity(new UrlEncodedFormEntity(credentials));
        reply = client.execute(login);
        status = reply.getStatusLine().getStatusCode();
        assertEquals("Unexpected status code returned after the authentication.", expectedStatusCode, status);
        return EntityUtils.toString(reply.getEntity());
    } finally {
        // Shut the connection manager down so sockets are released even when an assertion fails.
        client.getConnectionManager().shutdown();
    }
}
Also used : HttpPost(org.apache.http.client.methods.HttpPost) NameValuePair(org.apache.http.NameValuePair) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) HttpGet(org.apache.http.client.methods.HttpGet) ArrayList(java.util.ArrayList) HttpResponse(org.apache.http.HttpResponse) UrlEncodedFormEntity(org.apache.http.client.entity.UrlEncodedFormEntity) DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) Header(org.apache.http.Header) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) HashSet(java.util.HashSet)

Example 42 with UrlEncodedFormEntity

use of org.apache.http.client.entity.UrlEncodedFormEntity in project wildfly by wildfly.

the class Utils method makeHttpCallWithFallback.

/**
 * Requests a page from a SPNEGO-protected web application that offers FORM fallback. SPNEGO is
 * tried first; when the Kerberos login raises a {@link LoginException}, the FORM path
 * ({@code j_security_check}) is used instead.
 *
 * <p>If the first GET is not answered with 401, or {@code user} is empty, the status is asserted
 * against {@code expectedStatusCode} and the body is returned without any authentication.
 *
 * <p>Side effects visible here: the process-wide JAAS {@link Configuration} is replaced for the
 * duration of the call and reset in the {@code finally} block, and the user name is logged at
 * DEBUG.
 *
 * @param contextUrl base URL of the web application; trailing slashes are stripped
 * @param page path appended to the stripped context URL
 * @param user user name for the Kerberos login and, on fallback, for {@code j_username}
 * @param pass password for the Kerberos login and, on fallback, for {@code j_password}
 * @param expectedStatusCode status code asserted on the response that is returned
 * @return body of the final response
 * @throws IOException if an HTTP exchange or reading an entity fails
 * @throws URISyntaxException declared by the signature
 * @throws PrivilegedActionException if the request run as the authenticated Subject throws a
 *         checked exception
 * @throws LoginException declared by the signature; a LoginException raised inside the
 *         {@code try} block is caught and triggers the FORM fallback
 */
public static String makeHttpCallWithFallback(final String contextUrl, final String page, final String user, final String pass, final int expectedStatusCode) throws IOException, URISyntaxException, PrivilegedActionException, LoginException {
    final String strippedContextUrl = StringUtils.stripEnd(contextUrl, "/");
    final String url = strippedContextUrl + page;
    LOGGER.trace("Requesting URL: " + url);
    // Stays null until a 401 body has been read; the FORM fallback asserts on it.
    String unauthorizedPageBody = null;
    final Krb5LoginConfiguration krb5Configuration = new Krb5LoginConfiguration(getLoginConfiguration());
    // Only the SPNEGO scheme is registered for this client.
    // NOTE(review): the meaning of the boolean passed to JBossNegotiateSchemeFactory is not visible here - confirm.
    Registry<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create().register(AuthSchemes.SPNEGO, new JBossNegotiateSchemeFactory(true)).build();
    CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
    // AuthScope(null, -1, null) matches any host, port and realm.
    // NOTE(review): NullHCCredentials is presumably a placeholder so the scheme is attempted; the
    // real identity comes from the Subject used in doAs below - confirm against that class.
    credentialsProvider.setCredentials(new AuthScope(null, -1, null), new NullHCCredentials());
    final CloseableHttpClient httpClient = HttpClientBuilder.create().setDefaultAuthSchemeRegistry(authSchemeRegistry).setDefaultCredentialsProvider(credentialsProvider).setRedirectStrategy(REDIRECT_STRATEGY).setConnectionManager(new BasicHttpClientConnectionManager()).build();
    try {
        final HttpGet httpGet = new HttpGet(url);
        final HttpResponse response = httpClient.execute(httpGet);
        int statusCode = response.getStatusLine().getStatusCode();
        // No challenge, or no user to authenticate: assert and return the body as is.
        if (HttpServletResponse.SC_UNAUTHORIZED != statusCode || StringUtils.isEmpty(user)) {
            assertEquals("Unexpected HTTP response status code.", expectedStatusCode, statusCode);
            return EntityUtils.toString(response.getEntity());
        }
        final Header[] authnHeaders = response.getHeaders("WWW-Authenticate");
        assertTrue("WWW-Authenticate header is present", authnHeaders != null && authnHeaders.length > 0);
        final Set<String> authnHeaderValues = new HashSet<String>();
        for (final Header header : authnHeaders) {
            authnHeaderValues.add(header.getValue());
        }
        assertTrue("WWW-Authenticate: Negotiate header is missing", authnHeaderValues.contains("Negotiate"));
        // The user name (not the password) is written to the debug log.
        LOGGER.debug("HTTP response was SC_UNAUTHORIZED, let's authenticate the user " + user);
        // Reading the body also drains the 401 response before the request is repeated.
        unauthorizedPageBody = EntityUtils.toString(response.getEntity());
        // Use our custom configuration to avoid reliance on external config.
        // This replaces the process-wide JAAS configuration; it is reset in the finally block.
        Configuration.setConfiguration(krb5Configuration);
        // 1. Authenticate to Kerberos.
        final LoginContext lc = loginWithKerberos(krb5Configuration, user, pass);
        // 2. Perform the work as authenticated Subject: the same GET is executed again.
        final String responseBody = Subject.doAs(lc.getSubject(), new PrivilegedExceptionAction<String>() {

            public String run() throws Exception {
                final HttpResponse response = httpClient.execute(httpGet);
                int statusCode = response.getStatusLine().getStatusCode();
                assertEquals("Unexpected status code returned after the authentication.", expectedStatusCode, statusCode);
                return EntityUtils.toString(response.getEntity());
            }
        });
        // NOTE(review): logout() is not in a finally block, so it is skipped when doAs throws and
        // the Subject keeps its credentials. A LoginException thrown by logout() itself would be
        // caught below and start the FORM fallback after SPNEGO already succeeded.
        lc.logout();
        return responseBody;
    } catch (LoginException e) {
        // FORM fallback: the 401 page read above must reference j_security_check.
        assertNotNull(unauthorizedPageBody);
        assertTrue(unauthorizedPageBody.contains("j_security_check"));
        HttpPost httpPost = new HttpPost(strippedContextUrl + "/j_security_check");
        List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
        nameValuePairs.add(new BasicNameValuePair("j_username", user));
        nameValuePairs.add(new BasicNameValuePair("j_password", pass));
        // No charset is given; HttpClient 4.x presumably falls back to ISO-8859-1 here, which
        // matters for credentials outside that range - confirm for the version in use.
        httpPost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
        final HttpResponse response = httpClient.execute(httpPost);
        int statusCode = response.getStatusLine().getStatusCode();
        assertEquals("Unexpected status code returned after the authentication.", expectedStatusCode, statusCode);
        return EntityUtils.toString(response.getEntity());
    } finally {
        // Close the client on every path, including assertion failures.
        httpClient.close();
        // Reset the login configuration that was installed for the Kerberos attempt.
        krb5Configuration.resetConfiguration();
    }
}
Also used : HttpPost(org.apache.http.client.methods.HttpPost) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) HttpGet(org.apache.http.client.methods.HttpGet) LoginContext(javax.security.auth.login.LoginContext) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) List(java.util.List) ArrayList(java.util.ArrayList) BasicHttpClientConnectionManager(org.apache.http.impl.conn.BasicHttpClientConnectionManager) HashSet(java.util.HashSet) JBossNegotiateSchemeFactory(org.jboss.as.test.integration.security.common.negotiation.JBossNegotiateSchemeFactory) CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) NameValuePair(org.apache.http.NameValuePair) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) HttpResponse(org.apache.http.HttpResponse) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) CredentialsProvider(org.apache.http.client.CredentialsProvider) UrlEncodedFormEntity(org.apache.http.client.entity.UrlEncodedFormEntity) LoginException(javax.security.auth.login.LoginException) ProtocolException(org.apache.http.ProtocolException) URISyntaxException(java.net.URISyntaxException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) PrivilegedActionException(java.security.PrivilegedActionException) MalformedURLException(java.net.MalformedURLException) IOException(java.io.IOException) UnknownHostException(java.net.UnknownHostException) Header(org.apache.http.Header) AuthScope(org.apache.http.auth.AuthScope) LoginException(javax.security.auth.login.LoginException) AuthSchemeProvider(org.apache.http.auth.AuthSchemeProvider)

Example 43 with UrlEncodedFormEntity

use of org.apache.http.client.entity.UrlEncodedFormEntity in project wildfly by wildfly.

the class Utils method makeCall.

/**
 * Walks through a FORM login against {@code URL} and asserts the status code of every step.
 *
 * <p>Sequence: GET {@code URL} (200 expected, the login page), POST the credentials to
 * {@code URL + "/j_security_check"} (302 expected), then GET the address from the
 * {@code Location} header and compare its status with {@code expectedStatusCode}.
 *
 * <p>A 302 without a {@code Location} header ends in a {@link NullPointerException} rather than
 * an assertion failure.
 *
 * @param URL address of the protected resource; also the prefix of the login endpoint
 * @param user user name sent as {@code j_username}
 * @param pass password sent as {@code j_password}
 * @param expectedStatusCode status expected from the request that follows the login redirect
 * @throws Exception if any HTTP exchange fails
 */
public static void makeCall(String URL, String user, String pass, int expectedStatusCode) throws Exception {
    DefaultHttpClient client = new DefaultHttpClient();
    try {
        // Step 1: the unauthenticated request must be answered with the login page.
        HttpResponse reply = client.execute(new HttpGet(URL));
        HttpEntity payload = reply.getEntity();
        if (payload != null) {
            EntityUtils.consume(payload);
        }
        assertEquals(200, reply.getStatusLine().getStatusCode());

        // Step 2: submit the credentials, UTF-8 encoded, to the login endpoint.
        HttpPost loginRequest = new HttpPost(URL + "/j_security_check");
        List<NameValuePair> credentials = new ArrayList<NameValuePair>();
        credentials.add(new BasicNameValuePair("j_username", user));
        credentials.add(new BasicNameValuePair("j_password", pass));
        loginRequest.setEntity(new UrlEncodedFormEntity(credentials, "UTF-8"));
        reply = client.execute(loginRequest);
        payload = reply.getEntity();
        if (payload != null) {
            EntityUtils.consume(payload);
        }
        // The container answers the login POST with a redirect.
        assertEquals(302, reply.getStatusLine().getStatusCode());

        // Step 3: follow the redirect by hand; its status tells whether the login was accepted.
        String redirectTarget = reply.getFirstHeader("Location").getValue();
        reply = client.execute(new HttpGet(redirectTarget));
        payload = reply.getEntity();
        if (payload != null) {
            EntityUtils.consume(payload);
        }
        assertEquals(expectedStatusCode, reply.getStatusLine().getStatusCode());
    } finally {
        // Release all connections, including after a failed assertion.
        client.getConnectionManager().shutdown();
    }
}
Also used : HttpPost(org.apache.http.client.methods.HttpPost) NameValuePair(org.apache.http.NameValuePair) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) HttpEntity(org.apache.http.HttpEntity) HttpGet(org.apache.http.client.methods.HttpGet) ArrayList(java.util.ArrayList) HttpResponse(org.apache.http.HttpResponse) UrlEncodedFormEntity(org.apache.http.client.entity.UrlEncodedFormEntity) DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) StatusLine(org.apache.http.StatusLine) Header(org.apache.http.Header) BasicNameValuePair(org.apache.http.message.BasicNameValuePair)

Example 44 with UrlEncodedFormEntity

use of org.apache.http.client.entity.UrlEncodedFormEntity in project wildfly by wildfly.

the class SSOTestBase method executeFormLogin.

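/**
 * Submits the FORM login for the fixed test account and verifies the redirect that follows.
 *
 * <p>The POST to {@code warURL + "j_security_check"} must return 302 without an
 * {@code X-NoJException} header; the redirect target must return 200, again without that header,
 * and its body must not be the login page.
 *
 * <p>The credentials ({@code user1}/{@code password1}) are hard-coded test fixtures.
 *
 * @param httpConn client used for both requests; it is not closed here
 * @param warURL base URL of the web application; the paths are appended without a separator
 * @throws IOException if either request or reading an entity fails
 */
public static void executeFormLogin(HttpClient httpConn, URL warURL) throws IOException {
    // Submit the login form
    HttpPost formPost = new HttpPost(warURL + "j_security_check");
    formPost.addHeader("Referer", warURL + "login.html");
    List<NameValuePair> formparams = new ArrayList<>();
    formparams.add(new BasicNameValuePair("j_username", "user1"));
    formparams.add(new BasicNameValuePair("j_password", "password1"));
    formPost.setEntity(new UrlEncodedFormEntity(formparams, "UTF-8"));
    HttpResponse postResponse = httpConn.execute(formPost);
    // Declared outside the try so the finally block can release it on every path.
    HttpResponse redirectResponse = null;
    try {
        int statusCode = postResponse.getStatusLine().getStatusCode();
        Header[] errorHeaders = postResponse.getHeaders("X-NoJException");
        assertTrue("Should see HTTP_MOVED_TEMP. Got " + statusCode, statusCode == HttpURLConnection.HTTP_MOVED_TEMP);
        assertTrue("X-NoJException(" + Arrays.toString(errorHeaders) + ") is null", errorHeaders.length == 0);
        EntityUtils.consume(postResponse.getEntity());
        // Follow the redirect to the index.html page; fail with a clear message, not an NPE,
        // when the 302 carries no Location header.
        Header locationHeader = postResponse.getFirstHeader("Location");
        assertTrue("Login redirect carries no Location header", locationHeader != null);
        String indexURL = locationHeader.getValue();
        HttpGet redirectGet = new HttpGet(indexURL);
        redirectResponse = httpConn.execute(redirectGet);
        statusCode = redirectResponse.getStatusLine().getStatusCode();
        errorHeaders = redirectResponse.getHeaders("X-NoJException");
        assertTrue("Wrong response code: " + statusCode, statusCode == HttpURLConnection.HTTP_OK);
        assertTrue("X-NoJException(" + Arrays.toString(errorHeaders) + ") is null", errorHeaders.length == 0);
        String body = EntityUtils.toString(redirectResponse.getEntity());
        assertTrue("Get of " + indexURL + " redirected to login page", !body.contains("j_security_check"));
    } finally {
        // The redirect response was previously left open when an assertion failed before its
        // entity was read; closeQuietly accepts null, so both calls are safe on every path.
        HttpClientUtils.closeQuietly(redirectResponse);
        HttpClientUtils.closeQuietly(postResponse);
    }
}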
Also used : HttpPost(org.apache.http.client.methods.HttpPost) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) NameValuePair(org.apache.http.NameValuePair) Header(org.apache.http.Header) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) HttpGet(org.apache.http.client.methods.HttpGet) ArrayList(java.util.ArrayList) HttpResponse(org.apache.http.HttpResponse) UrlEncodedFormEntity(org.apache.http.client.entity.UrlEncodedFormEntity)

Example 45 with UrlEncodedFormEntity

use of org.apache.http.client.entity.UrlEncodedFormEntity in project ABPlayer by winkstu.

the class HttpUtil method GetCookie.

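/**
 * Posts the login form to {@code hostBase + url} and maps the HTTP status to a result code.
 * Redirects are not followed, so a 302 can be observed directly.
 *
 * <p>On a 302 that carries a {@code Location} header, the name and value of the last cookie in
 * the client's cookie store are copied into {@code cookieName} and {@code cookieValue}.
 *
 * <p>NOTE(review): the account number and password travel in the POST body; whether they are
 * encrypted in transit depends on the scheme of {@code hostBase}, which is not visible here.
 *
 * @param url path appended to {@code hostBase}
 * @param number account identifier sent as the {@code number} form field
 * @param pw password sent as the {@code passwd} form field
 * @param select value sent as the {@code select} form field
 * @param host not used by this method
 * @return 2 for HTTP 200, 3 for HTTP 302 with a {@code Location} header, -1 for HTTP 404, and 4
 *         for every other outcome, including exceptions
 */
public static Integer GetCookie(String url, String number, String pw, String select, String host) {
    System.out.println("GetCookie");
    int result = 4;
    HttpPost httpPost = new HttpPost(hostBase + url);
    List<NameValuePair> nvps = new ArrayList<NameValuePair>();
    nvps.add(new BasicNameValuePair("number", number));
    nvps.add(new BasicNameValuePair("passwd", pw));
    nvps.add(new BasicNameValuePair("select", select));
    // 10 second limits for connecting and for waiting on data.
    BasicHttpParams httpParams = new BasicHttpParams();
    HttpConnectionParams.setConnectionTimeout(httpParams, 10000);
    HttpConnectionParams.setSoTimeout(httpParams, 10000);
    try {
        DefaultHttpClient httpClient = new DefaultHttpClient(httpParams);
        try {
            // Never follow redirects: the 302 itself is the signal that the login was accepted.
            httpClient.setRedirectHandler(new RedirectHandler() {

                @Override
                public boolean isRedirectRequested(HttpResponse response, HttpContext context) {
                    return false;
                }

                @Override
                public URI getLocationURI(HttpResponse response, HttpContext context) throws ProtocolException {
                    return null;
                }
            });
            httpPost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));
            HttpResponse response = httpClient.execute(httpPost);
            int statusCode = response.getStatusLine().getStatusCode();
            System.out.println(statusCode);
            if (statusCode == 200) {
                return 2;
            } else if (statusCode == 302) {
                Header[] headers = response.getHeaders("Location");
                if (headers != null && headers.length > 0) {
                    // The last cookie in the store wins.
                    List<Cookie> list = httpClient.getCookieStore().getCookies();
                    for (Cookie c : list) {
                        cookieName = c.getName();
                        cookieValue = c.getValue();
                    }
                    // Print the cookie name only: the value is a session credential and must
                    // not end up in console output or captured logs.
                    System.out.println(cookieName);
                    return 3;
                }
            } else if (statusCode == 404) {
                return -1;
            }
        } finally {
            // The client was previously never shut down, leaking its connection on every call.
            httpClient.getConnectionManager().shutdown();
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
    return result;
}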
Also used : Cookie(org.apache.http.cookie.Cookie) HttpPost(org.apache.http.client.methods.HttpPost) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) NameValuePair(org.apache.http.NameValuePair) ProtocolException(org.apache.http.ProtocolException) ClientProtocolException(org.apache.http.client.ClientProtocolException) RedirectHandler(org.apache.http.client.RedirectHandler) ArrayList(java.util.ArrayList) HttpContext(org.apache.http.protocol.HttpContext) HttpResponse(org.apache.http.HttpResponse) UrlEncodedFormEntity(org.apache.http.client.entity.UrlEncodedFormEntity) URI(java.net.URI) DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) ProtocolException(org.apache.http.ProtocolException) ClientProtocolException(org.apache.http.client.ClientProtocolException) DataFormatException(java.util.zip.DataFormatException) ConnectException(java.net.ConnectException) IOException(java.io.IOException) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) ArrayList(java.util.ArrayList) List(java.util.List) BasicHttpParams(org.apache.http.params.BasicHttpParams)

Aggregations

UrlEncodedFormEntity (org.apache.http.client.entity.UrlEncodedFormEntity)134 BasicNameValuePair (org.apache.http.message.BasicNameValuePair)111 HttpPost (org.apache.http.client.methods.HttpPost)105 NameValuePair (org.apache.http.NameValuePair)100 ArrayList (java.util.ArrayList)96 HttpResponse (org.apache.http.HttpResponse)74 IOException (java.io.IOException)47 HttpEntity (org.apache.http.HttpEntity)40 DefaultHttpClient (org.apache.http.impl.client.DefaultHttpClient)31 ClientProtocolException (org.apache.http.client.ClientProtocolException)27 UnsupportedEncodingException (java.io.UnsupportedEncodingException)26 HttpClient (org.apache.http.client.HttpClient)20 Test (org.junit.Test)20 HttpGet (org.apache.http.client.methods.HttpGet)19 Map (java.util.Map)18 JSONObject (org.json.JSONObject)18 TestHttpClient (io.undertow.testutils.TestHttpClient)14 CloseableHttpResponse (org.apache.http.client.methods.CloseableHttpResponse)14 HashMap (java.util.HashMap)13 Header (org.apache.http.Header)13