
Example 1 with WindowsCredentialsProvider

use of org.apache.http.impl.auth.win.WindowsCredentialsProvider in project cyberduck by iterate-ch.

the class DAVSession method login.

/**
 * Registers credentials for each supported authentication scheme with the HTTP client, decides
 * whether preemptive authentication is switched on, and, unless the host credentials are already
 * marked as passed, verifies the login by probing the home directory with a HEAD request.
 *
 * <p>NOTE(review): every scheme is registered under a wildcard scope (any host, any port, any realm),
 * so the credentials provider itself places no limit on which server may be answered with these
 * credentials. Whether a redirect or an unexpected challenge can reach them depends on how
 * {@code client} is configured, which is not visible here; confirm before reusing this pattern.
 *
 * <p>NOTE(review): the bookmark's username and password are also offered for Basic, a scheme that
 * transmits the password in a trivially reversible encoding. With {@code webdav.basic.preemptive}
 * enabled they are presumably sent without waiting for a challenge; confirm the transport is TLS.
 *
 * @param proxy  proxy in use; preemptive authentication is only enabled for DIRECT and SOCKS types
 * @param prompt login callback; not referenced in this method body
 * @param cancel checked before each fallback request so the user can abort
 * @throws BackgroundException when the probe fails with a status that is not tolerated here or on an
 *                             I/O failure (mapped by the exception mapping services); presumably also
 *                             when {@code cancel.verify()} reports a cancellation
 */
@Override
public void login(final Proxy proxy, final LoginCallback prompt, final CancelCallback cancel) throws BackgroundException {
    final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
    final boolean integratedWindowsAuth = preferences.getBoolean("webdav.ntlm.windows.authentication.enable") && WinHttpClients.isWinAuthAvailable();
    if (integratedWindowsAuth) {
        // Credentials for NTLM and SPNEGO are obtained from WindowsCredentialsProvider rather than from the bookmark
        final AuthScope ntlm = new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, AuthScope.ANY_REALM, AuthSchemes.NTLM);
        credentialsProvider.setCredentials(ntlm, new WindowsCredentialsProvider(new BasicCredentialsProvider()).getCredentials(ntlm));
        final AuthScope spnego = new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, AuthScope.ANY_REALM, AuthSchemes.SPNEGO);
        credentialsProvider.setCredentials(spnego, new WindowsCredentialsProvider(new SystemDefaultCredentialsProvider()).getCredentials(spnego));
    } else {
        // Explicit NT credentials built from the bookmark plus the configured workstation and domain
        for (final String scheme : new String[]{AuthSchemes.NTLM, AuthSchemes.SPNEGO}) {
            credentialsProvider.setCredentials(
                new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, AuthScope.ANY_REALM, scheme),
                new NTCredentials(host.getCredentials().getUsername(), host.getCredentials().getPassword(), preferences.getProperty("webdav.ntlm.workstation"), preferences.getProperty("webdav.ntlm.domain")));
        }
    }
    // The remaining schemes always use the bookmark's username and password
    for (final String scheme : new String[]{AuthSchemes.BASIC, AuthSchemes.DIGEST, AuthSchemes.KERBEROS}) {
        credentialsProvider.setCredentials(
            new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, AuthScope.ANY_REALM, scheme),
            new UsernamePasswordCredentials(host.getCredentials().getUsername(), host.getCredentials().getPassword()));
    }
    client.setCredentials(credentialsProvider);
    // Preemptive authentication requires both the preference and a DIRECT or SOCKS proxy type
    boolean preemptive = false;
    if (preferences.getBoolean("webdav.basic.preemptive")) {
        switch (proxy.getType()) {
            case DIRECT:
            case SOCKS:
                preemptive = true;
                break;
            default:
                break;
        }
    }
    if (preemptive) {
        // The host port is passed for both port arguments
        client.enablePreemptiveAuthentication(host.getHostname(), host.getPort(), host.getPort(), Charset.forName(preferences.getProperty("http.credentials.charset")));
    } else {
        client.disablePreemptiveAuthentication();
    }
    if (host.getCredentials().isPassed()) {
        // Credentials were accepted before; no probe request is sent
        log.warn(String.format("Skip verifying credentials with previous successful authentication event for %s", this));
        return;
    }
    try {
        final Path workdir = new DelegatingHomeFeature(new WorkdirHomeFeature(host), new DefaultPathHomeFeature(host)).find();
        final HttpHead probe = new HttpHead(new DAVPathEncoder().encode(workdir));
        try {
            client.execute(probe, new MicrosoftIISFeaturesResponseHandler());
        } catch (SardineException failure) {
            final int status = failure.getStatusCode();
            switch (status) {
                case HttpStatus.SC_NOT_FOUND:
                    // A missing home directory is not treated as a login failure
                    log.warn(String.format("Ignore failure %s", failure));
                    break;
                case HttpStatus.SC_NOT_IMPLEMENTED:
                case HttpStatus.SC_FORBIDDEN:
                case HttpStatus.SC_UNSUPPORTED_MEDIA_TYPE:
                case HttpStatus.SC_METHOD_NOT_ALLOWED:
                    log.warn(String.format("Failed HEAD request to %s with %s. Retry with PROPFIND.", host, failure.getResponsePhrase()));
                    cancel.verify();
                    // The server may reject HEAD only, so fall back to a directory listing
                    list.list(workdir, new DisabledListProgressListener() {

                        @Override
                        public void chunk(final Path parent, final AttributedList<Path> entries) throws ListCanceledException {
                            // Translate a user cancellation into the listing's own exception type
                            try {
                                cancel.verify();
                            } catch (ConnectionCanceledException canceled) {
                                throw new ListCanceledException(entries, canceled);
                            }
                        }
                    });
                    break;
                case HttpStatus.SC_BAD_REQUEST:
                    if (!preferences.getBoolean("webdav.basic.preemptive")) {
                        throw new DAVExceptionMappingService().map(failure);
                    }
                    // Retry the same probe once with preemptive authentication switched off
                    log.warn(String.format("Disable preemptive authentication for %s due to failure %s", host, failure.getResponsePhrase()));
                    cancel.verify();
                    client.disablePreemptiveAuthentication();
                    client.execute(probe, new MicrosoftIISFeaturesResponseHandler());
                    break;
                default:
                    throw new DAVExceptionMappingService().map(failure);
            }
        }
    } catch (SardineException failure) {
        throw new DAVExceptionMappingService().map(failure);
    } catch (IOException failure) {
        throw new HttpExceptionMappingService().map(failure);
    }
}
Also used : Path(ch.cyberduck.core.Path) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) DelegatingHomeFeature(ch.cyberduck.core.shared.DelegatingHomeFeature) DisabledListProgressListener(ch.cyberduck.core.DisabledListProgressListener) ConnectionCanceledException(ch.cyberduck.core.exception.ConnectionCanceledException) DefaultPathHomeFeature(ch.cyberduck.core.shared.DefaultPathHomeFeature) WindowsCredentialsProvider(org.apache.http.impl.auth.win.WindowsCredentialsProvider) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) CredentialsProvider(org.apache.http.client.CredentialsProvider) SystemDefaultCredentialsProvider(org.apache.http.impl.client.SystemDefaultCredentialsProvider) IOException(java.io.IOException) WindowsCredentialsProvider(org.apache.http.impl.auth.win.WindowsCredentialsProvider) HttpHead(org.apache.http.client.methods.HttpHead) NTCredentials(org.apache.http.auth.NTCredentials) UsernamePasswordCredentials(org.apache.http.auth.UsernamePasswordCredentials) SardineException(com.github.sardine.impl.SardineException) HttpExceptionMappingService(ch.cyberduck.core.http.HttpExceptionMappingService) AttributedList(ch.cyberduck.core.AttributedList) AuthScope(org.apache.http.auth.AuthScope) SystemDefaultCredentialsProvider(org.apache.http.impl.client.SystemDefaultCredentialsProvider) WorkdirHomeFeature(ch.cyberduck.core.shared.WorkdirHomeFeature) ListCanceledException(ch.cyberduck.core.exception.ListCanceledException)

Example 2 with WindowsCredentialsProvider

use of org.apache.http.impl.auth.win.WindowsCredentialsProvider in project cyberduck by iterate-ch.

the class CallbackProxyAuthenticationStrategy method select.

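/**
 * Builds the ordered list of authentication options used to answer a proxy challenge.
 *
 * <p>When the {@code connection.proxy.windows.authentication.enable} preference is set and Windows
 * authentication is available, each challenge matching {@code IWA_SCHEME_PRIORITY} is answered with
 * credentials obtained from {@link WindowsCredentialsProvider}, scoped to the challenging proxy's host
 * and port, and no keychain lookup or prompt takes place. Otherwise credentials come from the
 * keychain, or from a user prompt when the stored password is empty, and are offered for every
 * preferred scheme that the proxy challenged and the registry knows.
 *
 * <p>NOTE(review): in the Windows branch the proxy is answered without user interaction, presumably
 * with the logged-in user's identity. Confirm the preference is only enabled where the proxy is
 * trusted, since any proxy sending an NTLM or Negotiate challenge takes this path.
 *
 * <p>NOTE(review): in the fallback branch the same username and password are offered for every
 * challenged scheme in the preference list. If that list includes Basic, the password is sent in a
 * trivially reversible encoding; confirm the proxy connection is protected.
 *
 * @param challenges challenge headers keyed by lower-case scheme name
 * @param authhost   proxy that issued the challenge
 * @param response   challenge response; not referenced in this method body
 * @param context    HTTP context supplying the request configuration, credentials provider and
 *                   authentication scheme registry
 * @return options in order of preference; empty when no scheme matched or the registry is missing
 * @throws MalformedChallengeException when a challenge cannot be processed, or when the user
 *                                     dismisses the credentials prompt
 */
@Override
public Queue<AuthOption> select(final Map<String, Header> challenges, final HttpHost authhost, final HttpResponse response, final HttpContext context) throws MalformedChallengeException {
    final HttpClientContext clientContext = HttpClientContext.adapt(context);
    final Queue<AuthOption> options = new LinkedList<>();
    final RequestConfig config = clientContext.getRequestConfig();
    Collection<String> authPrefs = config.getProxyPreferredAuthSchemes();
    if (authPrefs == null) {
        authPrefs = DEFAULT_SCHEME_PRIORITY;
    }
    // if available try to authenticate with Integrated Windows Authentication
    if (preferences.getBoolean("connection.proxy.windows.authentication.enable") && WinHttpClients.isWinAuthAvailable()) {
        for (String s : IWA_SCHEME_PRIORITY) {
            final Header challenge = challenges.get(s.toLowerCase(Locale.ROOT));
            if (challenge != null) {
                final AuthSchemeProvider provider;
                switch(s) {
                    case AuthSchemes.SPNEGO:
                        provider = new BackportWindowsNegotiateSchemeFactory(null);
                        break;
                    default:
                        // Every other entry of IWA_SCHEME_PRIORITY is handled as NTLM
                        provider = new BackportWindowsNTLMSchemeFactory(null);
                        break;
                }
                if (log.isDebugEnabled()) {
                    log.debug(String.format("Use provider %s for challenge %s", provider, challenge));
                }
                final AuthScheme authScheme = provider.create(context);
                authScheme.processChallenge(challenge);
                // Scope is tied to the proxy that challenged, not a wildcard
                final AuthScope authScope = new AuthScope(authhost.getHostName(), authhost.getPort(), authScheme.getRealm(), authScheme.getSchemeName());
                if (log.isDebugEnabled()) {
                    // Log the scheme actually being added; the whole preference list is logged further below
                    log.debug(String.format("Add authentication options for scheme %s", authScheme.getSchemeName()));
                }
                options.add(new AuthOption(authScheme, new WindowsCredentialsProvider(null == clientContext.getCredentialsProvider() ? new BasicCredentialsProvider() : clientContext.getCredentialsProvider()).getCredentials(authScope)));
            }
        }
        if (!options.isEmpty()) {
            // Integrated authentication applies; skip keychain lookup and prompt
            return options;
        }
    }
    Credentials credentials = keychain.getCredentials(authhost.toURI());
    if (StringUtils.isEmpty(credentials.getPassword())) {
        try {
            credentials = prompt.prompt(bookmark, StringUtils.EMPTY, String.format("%s %s", LocaleFactory.localizedString("Login", "Login"), authhost.getHostName()), MessageFormat.format(LocaleFactory.localizedString("Login {0} with username and password", "Credentials"), authhost.getHostName()), new LoginOptions().icon(bookmark.getProtocol().disk()).usernamePlaceholder(LocaleFactory.localizedString("Username", "Credentials")).passwordPlaceholder(LocaleFactory.localizedString("Password", "Credentials")).user(true).password(true));
            if (credentials.isSaved()) {
                // Expose the entered credentials through the context under PROXY_CREDENTIALS_INPUT_ID
                context.setAttribute(PROXY_CREDENTIALS_INPUT_ID, credentials);
            }
        } catch (LoginCanceledException canceled) {
            // Dismissing the prompt is reported through the only checked exception this method declares
            throw new MalformedChallengeException(canceled.getMessage(), canceled);
        }
    }
    final Lookup<AuthSchemeProvider> registry = clientContext.getAuthSchemeRegistry();
    if (registry == null) {
        log.warn("Missing authentication scheme registry in client context");
        return options;
    }
    if (log.isDebugEnabled()) {
        log.debug(String.format("Authentication schemes in the order of preference: %s", authPrefs));
    }
    for (final String id : authPrefs) {
        final Header challenge = challenges.get(id.toLowerCase(Locale.ROOT));
        if (challenge != null) {
            final AuthSchemeProvider authSchemeProvider = registry.lookup(id);
            if (authSchemeProvider == null) {
                // Scheme was challenged but is not registered with this client
                continue;
            }
            final AuthScheme authScheme = authSchemeProvider.create(context);
            authScheme.processChallenge(challenge);
            // The same NT credentials are offered whatever the scheme
            options.add(new AuthOption(authScheme, new NTCredentials(credentials.getUsername(), credentials.getPassword(), preferences.getProperty("webdav.ntlm.workstation"), preferences.getProperty("webdav.ntlm.domain"))));
        } else {
            // No challenge for this scheme; continue with the next preferred one
            if (log.isDebugEnabled()) {
                log.debug(String.format("Challenge for %s authentication scheme not available", id));
            }
        }
    }
    return options;
}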
Also used : RequestConfig(org.apache.http.client.config.RequestConfig) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) LoginCanceledException(ch.cyberduck.core.exception.LoginCanceledException) MalformedChallengeException(org.apache.http.auth.MalformedChallengeException) HttpClientContext(org.apache.http.client.protocol.HttpClientContext) WindowsCredentialsProvider(org.apache.http.impl.auth.win.WindowsCredentialsProvider) LinkedList(java.util.LinkedList) AuthScheme(org.apache.http.auth.AuthScheme) NTCredentials(org.apache.http.auth.NTCredentials) LoginOptions(ch.cyberduck.core.LoginOptions) AuthOption(org.apache.http.auth.AuthOption) Header(org.apache.http.Header) AuthScope(org.apache.http.auth.AuthScope) AuthSchemeProvider(org.apache.http.auth.AuthSchemeProvider) NTCredentials(org.apache.http.auth.NTCredentials) Credentials(ch.cyberduck.core.Credentials)

Aggregations

AuthScope (org.apache.http.auth.AuthScope)2 NTCredentials (org.apache.http.auth.NTCredentials)2 WindowsCredentialsProvider (org.apache.http.impl.auth.win.WindowsCredentialsProvider)2 BasicCredentialsProvider (org.apache.http.impl.client.BasicCredentialsProvider)2 AttributedList (ch.cyberduck.core.AttributedList)1 Credentials (ch.cyberduck.core.Credentials)1 DisabledListProgressListener (ch.cyberduck.core.DisabledListProgressListener)1 LoginOptions (ch.cyberduck.core.LoginOptions)1 Path (ch.cyberduck.core.Path)1 ConnectionCanceledException (ch.cyberduck.core.exception.ConnectionCanceledException)1 ListCanceledException (ch.cyberduck.core.exception.ListCanceledException)1 LoginCanceledException (ch.cyberduck.core.exception.LoginCanceledException)1 HttpExceptionMappingService (ch.cyberduck.core.http.HttpExceptionMappingService)1 DefaultPathHomeFeature (ch.cyberduck.core.shared.DefaultPathHomeFeature)1 DelegatingHomeFeature (ch.cyberduck.core.shared.DelegatingHomeFeature)1 WorkdirHomeFeature (ch.cyberduck.core.shared.WorkdirHomeFeature)1 SardineException (com.github.sardine.impl.SardineException)1 IOException (java.io.IOException)1 LinkedList (java.util.LinkedList)1 Header (org.apache.http.Header)1