use of org.apache.http.impl.auth.SPNegoSchemeFactory in project hbase by apache.
the class TestInfoServersACL method createHttpClient.
private CloseableHttpClient createHttpClient(String clientPrincipal) throws Exception {
// Logs in with Kerberos via GSS
GSSManager gssManager = GSSManager.getInstance();
// jGSS Kerberos login constant
Oid oid = new Oid("1.2.840.113554.1.2.2");
GSSName gssClient = gssManager.createName(clientPrincipal, GSSName.NT_USER_NAME);
GSSCredential credential = gssManager.createCredential(gssClient, GSSCredential.DEFAULT_LIFETIME, oid, GSSCredential.INITIATE_ONLY);
Lookup<AuthSchemeProvider> authRegistry = RegistryBuilder.<AuthSchemeProvider>create().register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true, true)).build();
BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, new KerberosCredentials(credential));
return HttpClients.custom().setDefaultAuthSchemeRegistry(authRegistry).setDefaultCredentialsProvider(credentialsProvider).build();
}
use of org.apache.http.impl.auth.SPNegoSchemeFactory in project pentaho-kettle by pentaho.
the class SessionConfigurator method spnegoAuthenticate.
private Header spnegoAuthenticate(boolean stripPort, URI uri) throws Exception {
SPNegoSchemeFactory spNegoSchemeFactory = new SPNegoSchemeFactory(stripPort);
// using newInstance method instead of create method to be compatible httpclient library from 4.2 to 4.5
// the create method was introduced at version 4.3
SPNegoScheme spNegoScheme = (SPNegoScheme) spNegoSchemeFactory.newInstance(null);
spNegoScheme.processChallenge(AUTHENTICATE_HEADER);
return spNegoScheme.authenticate(credentials, new HttpGet(""), getContext(uri));
}
use of org.apache.http.impl.auth.SPNegoSchemeFactory in project ranger by apache.
the class ElasticSearchIndexBootStrapper method getRestClientBuilder.
public static RestClientBuilder getRestClientBuilder(String urls, String protocol, String user, String password, int port) {
RestClientBuilder restClientBuilder = RestClient.builder(EmbeddedServerUtil.toArray(urls, ",").stream().map(x -> new HttpHost(x, port, protocol)).<HttpHost>toArray(i -> new HttpHost[i]));
if (StringUtils.isNotBlank(user) && StringUtils.isNotBlank(password) && !user.equalsIgnoreCase("NONE") && !password.equalsIgnoreCase("NONE")) {
if (password.contains("keytab") && new File(password).exists()) {
final KerberosCredentialsProvider credentialsProvider = CredentialsProviderUtil.getKerberosCredentials(user, password);
Lookup<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create().register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory()).build();
restClientBuilder.setHttpClientConfigCallback(clientBuilder -> {
clientBuilder.setDefaultCredentialsProvider(credentialsProvider);
clientBuilder.setDefaultAuthSchemeRegistry(authSchemeRegistry);
return clientBuilder;
});
} else {
final CredentialsProvider credentialsProvider = CredentialsProviderUtil.getBasicCredentials(user, password);
restClientBuilder.setHttpClientConfigCallback(clientBuilder -> clientBuilder.setDefaultCredentialsProvider(credentialsProvider));
}
} else {
LOG.severe("ElasticSearch Credentials not provided!!");
final CredentialsProvider credentialsProvider = null;
restClientBuilder.setHttpClientConfigCallback(clientBuilder -> clientBuilder.setDefaultCredentialsProvider(credentialsProvider));
}
return restClientBuilder;
}
use of org.apache.http.impl.auth.SPNegoSchemeFactory in project ranger by apache.
the class ElasticSearchAuditDestination method getRestClientBuilder.
public static RestClientBuilder getRestClientBuilder(String urls, String protocol, String user, String password, int port) {
RestClientBuilder restClientBuilder = RestClient.builder(MiscUtil.toArray(urls, ",").stream().map(x -> new HttpHost(x, port, protocol)).<HttpHost>toArray(i -> new HttpHost[i]));
if (StringUtils.isNotBlank(user) && StringUtils.isNotBlank(password) && !user.equalsIgnoreCase("NONE") && !password.equalsIgnoreCase("NONE")) {
if (password.contains("keytab") && new File(password).exists()) {
final KerberosCredentialsProvider credentialsProvider = CredentialsProviderUtil.getKerberosCredentials(user, password);
Lookup<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create().register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory()).build();
restClientBuilder.setHttpClientConfigCallback(clientBuilder -> {
clientBuilder.setDefaultCredentialsProvider(credentialsProvider);
clientBuilder.setDefaultAuthSchemeRegistry(authSchemeRegistry);
return clientBuilder;
});
} else {
final CredentialsProvider credentialsProvider = CredentialsProviderUtil.getBasicCredentials(user, password);
restClientBuilder.setHttpClientConfigCallback(clientBuilder -> clientBuilder.setDefaultCredentialsProvider(credentialsProvider));
}
} else {
LOG.error("ElasticSearch Credentials not provided!!");
final CredentialsProvider credentialsProvider = null;
restClientBuilder.setHttpClientConfigCallback(clientBuilder -> clientBuilder.setDefaultCredentialsProvider(credentialsProvider));
}
return restClientBuilder;
}
use of org.apache.http.impl.auth.SPNegoSchemeFactory in project jmeter by apache.
the class AuthManager method setupCredentials.
/**
* Configure credentials and auth scheme on client if an authorization is
* available for url
* @param client {@link HttpClient}
* @param url URL to test
* @param credentialsProvider {@link CredentialsProvider}
* @param localHost host running JMeter
*/
public void setupCredentials(HttpClient client, URL url, CredentialsProvider credentialsProvider, String localHost) {
Authorization auth = getAuthForURL(url);
if (auth != null) {
String username = auth.getUser();
String realm = auth.getRealm();
String domain = auth.getDomain();
if (log.isDebugEnabled()) {
log.debug(username + " > D=" + domain + " R=" + realm + " M=" + auth.getMechanism());
}
if (Mechanism.KERBEROS.equals(auth.getMechanism())) {
((AbstractHttpClient) client).getAuthSchemes().register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(isStripPort(url)));
credentialsProvider.setCredentials(new AuthScope(null, -1, null), USE_JAAS_CREDENTIALS);
} else {
credentialsProvider.setCredentials(new AuthScope(url.getHost(), url.getPort(), realm.length() == 0 ? null : realm), new NTCredentials(username, auth.getPass(), localHost, domain));
}
}
}
Aggregations