commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ol...@apache.org
Subject cvs commit: jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth AuthState.java
Date Tue, 02 Nov 2004 19:39:17 GMT
olegk       2004/11/02 11:39:16

  Modified:    httpclient/src/java/org/apache/commons/httpclient
                        HttpMethodDirector.java
               httpclient/src/java/org/apache/commons/httpclient/auth
                        AuthState.java
  Log:
  PR #31981 (SSL + proxy + Host auth + Keep Alive off causes an infinite loop in HttpMethodDirector)
  
  Contributed by Oleg Kalnichevski
  Reviewed by Michael Becke and Rindress MacDonald <rmacdona at enterasys.com>
  
  Revision  Changes    Path
  1.32      +32 -41    jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodDirector.java
  
  Index: HttpMethodDirector.java
  ===================================================================
  RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodDirector.java,v
  retrieving revision 1.31
  retrieving revision 1.32
  diff -u -r1.31 -r1.32
  --- HttpMethodDirector.java	6 Oct 2004 17:32:04 -0000	1.31
  +++ HttpMethodDirector.java	2 Nov 2004 19:39:16 -0000	1.32
  @@ -90,15 +90,6 @@
       /** A flag to indicate if the connection should be released after the method is executed.
*/
       private boolean releaseConnection = false;
   
  -    private static final int AUTH_UNINITIATED = 0;
  -    private static final int AUTH_PREEMPTIVE = 1;
  -    private static final int AUTH_WWW_REQUIRED = 2;
  -    private static final int AUTH_PROXY_REQUIRED = 3;
  -    private static final int AUTH_NOT_REQUIRED = Integer.MAX_VALUE;
  -
  -    /** Actual state of authentication process */
  -    private int authProcess = AUTH_UNINITIATED;
  -    
       /** Authentication processor */
       private AuthChallengeProcessor authProcessor = null;
   
  @@ -167,7 +158,6 @@
                        || this.state.isAuthenticationPreemptive()) 
                       {
                           LOG.debug("Preemptively sending default basic credentials");
  -                        this.authProcess = AUTH_PREEMPTIVE;
                           method.getHostAuthState().setPreemptive();
                           if (this.conn.isProxied()) {
                               method.getProxyAuthState().setPreemptive();
  @@ -200,8 +190,6 @@
                       if (processAuthenticationResponse(method)) {
                           retry = true;
                       }
  -                } else {
  -                    this.authProcess = AUTH_NOT_REQUIRED;
                   }
                   if (!retry) {
                       break;
  @@ -265,11 +253,12 @@
               // User defined authentication header(s) present
               return;
           }
  -        AuthScheme authscheme = method.getHostAuthState().getAuthScheme();
  +        AuthState authstate = method.getHostAuthState();
  +        AuthScheme authscheme = authstate.getAuthScheme();
           if (authscheme == null) {
               return;
           }
  -        if ((this.authProcess == AUTH_WWW_REQUIRED) || (!authscheme.isConnectionBased()))
{
  +        if (authstate.isAuthRequested() || !authscheme.isConnectionBased()) {
               String host = method.getParams().getVirtualHost();
               if (host == null) {
                   host = conn.getHost();
  @@ -307,11 +296,12 @@
               // User defined authentication header(s) present
               return;
           }
  -        AuthScheme authscheme = method.getProxyAuthState().getAuthScheme();
  +        AuthState authstate = method.getProxyAuthState();
  +        AuthScheme authscheme = authstate.getAuthScheme();
           if (authscheme == null) {
               return;
           }
  -        if ((this.authProcess == AUTH_PROXY_REQUIRED) || (!authscheme.isConnectionBased()))
{
  +        if (authstate.isAuthRequested() || !authscheme.isConnectionBased()) {
               AuthScope authscope = new AuthScope(
                   conn.getProxyHost(), conn.getProxyPort(), 
                   authscheme.getRealm(), 
  @@ -480,12 +470,12 @@
               executeWithRetry(this.connectMethod);
               code = this.connectMethod.getStatusCode();
               boolean retry = false;
  -            if (code == HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED) {
  +            AuthState authstate = this.connectMethod.getProxyAuthState(); 
  +            authstate.setAuthRequested(code == HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED);
  +            if (authstate.isAuthRequested()) {
                   if (processAuthenticationResponse(this.connectMethod)) {
                       retry = true;
                   }
  -            } else {
  -                this.authProcess = AUTH_NOT_REQUIRED;
               }
               if (!retry) {
                   break;
  @@ -682,7 +672,7 @@
               authscheme.getRealm(), 
               authscheme.getSchemeName());  
   
  -        if ((this.authProcess == AUTH_WWW_REQUIRED) && (authscheme.isComplete()))
{
  +        if (authstate.isAuthAttempted() && authscheme.isComplete()) {
               // Already tried and failed
               Credentials credentials = promptForCredentials(
                   authscheme, method.getParams(), authscope);
  @@ -695,8 +685,7 @@
                   return true;
               }
           } else {
  -            this.authProcess = AUTH_WWW_REQUIRED;
  -                        
  +            authstate.setAuthAttempted(true);
               Credentials credentials = this.state.getCredentials(authscope);
               if (credentials == null) {
                   credentials = promptForCredentials(
  @@ -741,7 +730,7 @@
               authscheme.getRealm(), 
               authscheme.getSchemeName());  
   
  -        if ((this.authProcess == AUTH_PROXY_REQUIRED) && (authscheme.isComplete()))
{
  +        if (authstate.isAuthAttempted() && authscheme.isComplete()) {
               // Already tried and failed
               Credentials credentials = promptForProxyCredentials(
                   authscheme, method.getParams(), authscope);
  @@ -754,8 +743,7 @@
                   return true;
               }
           } else {
  -            this.authProcess = AUTH_PROXY_REQUIRED;
  -
  +            authstate.setAuthAttempted(true);
               Credentials credentials = this.state.getProxyCredentials(authscope);
               if (credentials == null) {
                   credentials = promptForProxyCredentials(
  @@ -806,20 +794,23 @@
        * @return boolean <tt>true</tt> if a retry is needed, <tt>false</tt>
otherwise.
        */
       private boolean isAuthenticationNeeded(final HttpMethod method) {
  -        switch (method.getStatusCode()) {
  -            case HttpStatus.SC_UNAUTHORIZED:
  -            case HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED:
  -                LOG.debug("Authorization required");
  -                if (method.getDoAuthentication()) { //process authentication response
  -                    return true;
  -                } else { //let the client handle the authenticaiton
  -                    LOG.info("Authentication requested but doAuthentication is "
  -                            + "disabled");
  -                    return false;
  -                }
  -            default:
  +        method.getHostAuthState().setAuthRequested(
  +                method.getStatusCode() == HttpStatus.SC_UNAUTHORIZED);
  +        method.getProxyAuthState().setAuthRequested(
  +                method.getStatusCode() == HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED);
  +        if (method.getHostAuthState().isAuthRequested() || 
  +            method.getProxyAuthState().isAuthRequested()) {
  +            LOG.debug("Authorization required");
  +            if (method.getDoAuthentication()) { //process authentication response
  +                return true;
  +            } else { //let the client handle the authenticaiton
  +                LOG.info("Authentication requested but doAuthentication is "
  +                        + "disabled");
                   return false;
  -        } //end of switch
  +            }
  +        } else {
  +            return false;
  +        }
       }
   
       private Credentials promptForCredentials(
  
  
  
  1.3       +59 -11    jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/AuthState.java
  
  Index: AuthState.java
  ===================================================================
  RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/AuthState.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- AuthState.java	18 Apr 2004 23:51:36 -0000	1.2
  +++ AuthState.java	2 Nov 2004 19:39:16 -0000	1.3
  @@ -41,6 +41,12 @@
       /** Actual authentication scheme */
       private AuthScheme authScheme = null;
   
  +    /** Whether an authetication challenged has been received */
  +    private boolean authRequested = false;
  +
  +    /** Whether the authetication challenge has been responsed to */
  +    private boolean authAttempted = false;
  +
       /** Whether preemtive authentication is attempted */
       private boolean preemptive  = false; 
         
  @@ -53,6 +59,56 @@
       }
   
       /**
  +     * Invalidates the authentication state by resetting its parameters.
  +     */
  +    public void invalidate() {
  +        this.authScheme = null;
  +        this.authRequested = false;
  +        this.authAttempted = false;
  +        this.preemptive = false;
  +    }
  +
  +    /** 
  +     * Tests whether authenication challenge has been received
  +     *  
  +     * @return <tt>true</tt> if authenication challenge has been received,

  +     *  <tt>false</tt> otherwise
  +     */
  +    public boolean isAuthRequested() {
  +        return this.authRequested;
  +    }
  +        
  +    /** 
  +     * Sets authentication request status
  +     *  
  +     * @param challengeReceived <tt>true</tt> if authenication has been requested,

  +     *  <tt>false</tt> otherwise
  +     */
  +    public void setAuthRequested(boolean challengeReceived) {
  +        this.authRequested = challengeReceived;
  +    }
  +    
  +    /** 
  +     * Tests whether authenication challenge has been responsed to
  +     *  
  +     * @return <tt>true</tt> if authenication challenge has been responsed
to, 
  +     *  <tt>false</tt> otherwise
  +     */
  +    public boolean isAuthAttempted() {
  +        return this.authAttempted;
  +    }
  +        
  +    /** 
  +     * Sets authentication attempt status
  +     *  
  +     * @param challengeResponded <tt>true</tt> if authenication has been attempted,

  +     *  <tt>false</tt> otherwise
  +     */
  +    public void setAuthAttempted(boolean challengeResponded) {
  +        this.authAttempted = challengeResponded;
  +    }
  +    
  +    /**
        * Preemptively assigns Basic authentication scheme.
        */
       public void setPreemptive() {
  @@ -63,14 +119,6 @@
           this.preemptive = true;
       }
   
  -    /**
  -     * Invalidates the authentication state by resetting its parameters.
  -     */
  -    public void invalidate() {
  -        this.authScheme = null;
  -        this.preemptive = false;
  -    }
  -    
       /**
        * Tests if preemptive authentication is used.
        * 
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org


Mime
View raw message