commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ol...@apache.org
Subject svn commit: r160490 - in jakarta/commons/proper/httpclient/trunk/src: java/org/apache/commons/httpclient/HttpMethodDirector.java java/org/apache/commons/httpclient/auth/AuthState.java test/org/apache/commons/httpclient/auth/TestNTLMAuth.java
Date Thu, 07 Apr 2005 23:03:44 GMT
Author: olegk
Date: Thu Apr  7 16:03:43 2005
New Revision: 160490

URL: http://svn.apache.org/viewcvs?view=rev&rev=160490
Log:
PR #34255 (Preemptive authentication causes NTLM auth scheme to fail)

Contributed by Michael Becke & Oleg Kalnichevski
Reviewed by Ortwin Gl├╝ck

Modified:
    jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/HttpMethodDirector.java
    jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/auth/AuthState.java
    jakarta/commons/proper/httpclient/trunk/src/test/org/apache/commons/httpclient/auth/TestNTLMAuth.java

Modified: jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/HttpMethodDirector.java
URL: http://svn.apache.org/viewcvs/jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/HttpMethodDirector.java?view=diff&r1=160489&r2=160490
==============================================================================
--- jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/HttpMethodDirector.java
(original)
+++ jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/HttpMethodDirector.java
Thu Apr  7 16:03:43 2005
@@ -665,6 +665,7 @@
         AuthState authstate = method.getHostAuthState();
         if (authstate.isPreemptive()) {
             authstate.invalidate();
+            authstate.setAuthRequested(true);
         }
         Map challenges = AuthChallengeParser.parseChallenges(
             method.getResponseHeaders(WWW_AUTH_CHALLENGE));
@@ -732,6 +733,7 @@
         AuthState authstate = method.getProxyAuthState();
         if (authstate.isPreemptive()) {
             authstate.invalidate();
+            authstate.setAuthRequested(true);
         }
         Map proxyChallenges = AuthChallengeParser.parseChallenges(
             method.getResponseHeaders(PROXY_AUTH_CHALLENGE));

Modified: jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/auth/AuthState.java
URL: http://svn.apache.org/viewcvs/jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/auth/AuthState.java?view=diff&r1=160489&r2=160490
==============================================================================
--- jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/auth/AuthState.java
(original)
+++ jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/auth/AuthState.java
Thu Apr  7 16:03:43 2005
@@ -160,4 +160,22 @@
             return null;
         }
     }
+    
+    public String toString() {
+        StringBuffer buffer = new StringBuffer();
+        buffer.append("Auth state: auth requested [");
+        buffer.append(this.authRequested);
+        buffer.append("]; auth attempted [");
+        buffer.append(this.authAttempted);
+        if (this.authScheme != null) {
+            buffer.append("]; auth scheme [");
+            buffer.append(this.authScheme.getSchemeName());
+            buffer.append("]; realm [");
+            buffer.append(this.authScheme.getRealm());            
+        }
+        buffer.append("] preemptive [");
+        buffer.append(this.preemptive);
+        buffer.append("]");
+        return buffer.toString();
+    }
 }

Modified: jakarta/commons/proper/httpclient/trunk/src/test/org/apache/commons/httpclient/auth/TestNTLMAuth.java
URL: http://svn.apache.org/viewcvs/jakarta/commons/proper/httpclient/trunk/src/test/org/apache/commons/httpclient/auth/TestNTLMAuth.java?view=diff&r1=160489&r2=160490
==============================================================================
--- jakarta/commons/proper/httpclient/trunk/src/test/org/apache/commons/httpclient/auth/TestNTLMAuth.java
(original)
+++ jakarta/commons/proper/httpclient/trunk/src/test/org/apache/commons/httpclient/auth/TestNTLMAuth.java
Thu Apr  7 16:03:43 2005
@@ -31,19 +31,19 @@
 import java.io.IOException;
 
 import junit.framework.Test;
-import junit.framework.TestCase;
 import junit.framework.TestSuite;
 
 import org.apache.commons.httpclient.FakeHttpMethod;
 import org.apache.commons.httpclient.Header;
-import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.HttpClientTestBase;
+import org.apache.commons.httpclient.HttpState;
 import org.apache.commons.httpclient.HttpStatus;
 import org.apache.commons.httpclient.HttpVersion;
 import org.apache.commons.httpclient.NTCredentials;
+import org.apache.commons.httpclient.methods.GetMethod;
 import org.apache.commons.httpclient.protocol.Protocol;
 import org.apache.commons.httpclient.server.HttpService;
 import org.apache.commons.httpclient.server.RequestLine;
-import org.apache.commons.httpclient.server.SimpleHttpServer;
 import org.apache.commons.httpclient.server.SimpleRequest;
 import org.apache.commons.httpclient.server.SimpleResponse;
 
@@ -54,10 +54,10 @@
  * @author <a href="mailto:jsdever@apache.org">Jeff Dever</a>
  * @version $Id$
  */
-public class TestNTLMAuth extends TestCase {
+public class TestNTLMAuth extends HttpClientTestBase {
 
     // ------------------------------------------------------------ Constructor
-    public TestNTLMAuth(String testName) {
+    public TestNTLMAuth(String testName) throws IOException {
         super(testName);
     }
 
@@ -150,18 +150,15 @@
 
     
     public void testNTLMAuthenticationRetry() throws Exception {
-        // configure the server
-        SimpleHttpServer server = new SimpleHttpServer(); // use arbitrary port
-        server.setTestname(getName());
-        server.setHttpService(new NTLMAuthService());
+
+        this.server.setHttpService(new NTLMAuthService());
 
         // configure the client
-        HttpClient client = new HttpClient();
-        client.getHostConfiguration().setHost(
+        this.client.getHostConfiguration().setHost(
                 server.getLocalAddress(), server.getLocalPort(),
                 Protocol.getProtocol("http"));
         
-        client.getState().setCredentials(AuthScope.ANY, 
+        this.client.getState().setCredentials(AuthScope.ANY, 
                 new NTCredentials("username", "password", "host", "domain"));
         
         FakeHttpMethod httpget = new FakeHttpMethod("/");
@@ -172,7 +169,70 @@
         }
         assertNull(httpget.getResponseHeader("WWW-Authenticate"));
         assertEquals(200, httpget.getStatusCode());
-        server.destroy();
     }
+
+    private class PreemptiveNTLMAuthService implements HttpService {
+
+        public PreemptiveNTLMAuthService() {
+            super();
+        }
+
+        public boolean process(final SimpleRequest request, final SimpleResponse response)
+            throws IOException
+        {
+            RequestLine requestLine = request.getRequestLine();
+            HttpVersion ver = requestLine.getHttpVersion();
+            Header auth = request.getFirstHeader("Authorization");
+            if (auth == null) { 
+                response.setStatusLine(ver, HttpStatus.SC_BAD_REQUEST);
+                response.setBodyString("Authorization header missing");
+                return true;
+            } else {
+                String authstr = auth.getValue();
+                
+                if (authstr.indexOf("NTLM") != -1) {
+                    response.setStatusLine(ver, HttpStatus.SC_OK);
+                    return true;
+                } else if (authstr.indexOf("Basic") != -1) {
+                    response.setStatusLine(ver, HttpStatus.SC_UNAUTHORIZED);
+                    response.addHeader(new Header("WWW-Authenticate", "Negotiate"));
+                    response.addHeader(new Header("WWW-Authenticate", "NTLM"));
+                    response.setBodyString("Authorization required");
+                    return true;
+                } else {
+                    response.setStatusLine(ver, HttpStatus.SC_BAD_REQUEST);
+                    response.setBodyString("Unknown auth type: " + authstr);
+                    return true;
+                }
+            }
+        }
+    }
+
+    /**
+     * Make sure preemptive authorization works when the server requires NLM.
+     * @throws Exception
+     */
+    public void testPreemptiveAuthorization() throws Exception {
+
+        NTCredentials creds = 
+            new NTCredentials("testuser", "testpass", "host", "domain");
+        
+        HttpState state = new HttpState();
+        state.setCredentials(AuthScope.ANY, creds);
+        this.client.setState(state);
+        this.client.getParams().setAuthenticationPreemptive(true);
+
+        this.server.setHttpService(new PreemptiveNTLMAuthService());
+
+        GetMethod httpget = new GetMethod("/test/");
+        try {
+            this.client.executeMethod(httpget);
+        } finally {
+            httpget.releaseConnection();
+        }
+        assertNotNull(httpget.getStatusLine());
+        assertEquals(HttpStatus.SC_OK, httpget.getStatusLine().getStatusCode());
+    }
+    
     
 }



---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org


Mime
View raw message