cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cschnei...@apache.org
Subject svn commit: r1054926 - in /cxf/trunk: rt/transports/http/src/main/java/org/apache/cxf/transport/http/ rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/ rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/ rt/transpo...
Date Tue, 04 Jan 2011 07:28:15 GMT
Author: cschneider
Date: Tue Jan  4 07:28:14 2011
New Revision: 1054926

URL: http://svn.apache.org/viewvc?rev=1054926&view=rev
Log:
CXF-3216 Moving http auth classes to as separate package. changing HttpAuthSupplier to an
interface and making it simpler. Note: This makes HttpAuthSupplier incompatible with the old
style. 

Added:
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DefaultBasicAuthSupplier.java
      - copied, changed from r1052233, cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/DefaultBasicAuthSupplier.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DigestAuthSupplier.java
      - copied, changed from r1052233, cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/DigestAuthSupplier.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/HttpAuthHeader.java
      - copied, changed from r1052233, cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthHeader.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/HttpAuthSupplier.java
      - copied, changed from r1051955, cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthSupplier.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/SpnegoAuthSupplier.java
      - copied, changed from r1052233, cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/SpnegoAuthSupplier.java
Removed:
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/DefaultBasicAuthSupplier.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/DigestAuthSupplier.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthHeader.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthSupplier.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpBasicAuthSupplier.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpSpnegoAuthInterceptor.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/SpnegoAuthSupplier.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpBasicAuthSupplierBeanDefinitionParser.java
Modified:
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpAuthSupplierBeanDefinitionParser.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpConduitBeanDefinitionParser.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/NamespaceHandler.java
    cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/DigestAuthSupplierTest.java
    cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/HTTPConduitTest.java
    cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/HttpAuthHeaderTest.java
    cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPConduitTest.java

Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java?rev=1054926&r1=1054925&r2=1054926&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
Tue Jan  4 07:28:14 2011
@@ -64,6 +64,11 @@ import org.apache.cxf.phase.PhaseInterce
 import org.apache.cxf.service.model.EndpointInfo;
 import org.apache.cxf.transport.AbstractConduit;
 import org.apache.cxf.transport.MessageObserver;
+import org.apache.cxf.transport.http.auth.DefaultBasicAuthSupplier;
+import org.apache.cxf.transport.http.auth.DigestAuthSupplier;
+import org.apache.cxf.transport.http.auth.HttpAuthHeader;
+import org.apache.cxf.transport.http.auth.HttpAuthSupplier;
+import org.apache.cxf.transport.http.auth.SpnegoAuthSupplier;
 import org.apache.cxf.transport.http.policy.PolicyUtils;
 import org.apache.cxf.transport.https.CertConstraints;
 import org.apache.cxf.transport.https.CertConstraintsInterceptor;
@@ -236,9 +241,16 @@ public class HTTPConduit 
     private MessageTrustDecider trustDecider;
     
     /**
-     * This field contains the HttpAuthSupplier.
+     * Implements the authentication handling when talking to a server. If it is not set
+     * it will be created from the authorizationPolicy.authType
      */
     private HttpAuthSupplier authSupplier;
+    
+    /**
+     * Implements the proxy authentication handling. If it is not set
+     * it will be created from the proxyAuthorizationPolicy.authType
+     */
+    private HttpAuthSupplier proxyAuthSupplier;
 
     private Cookies cookies;
     
@@ -361,8 +373,6 @@ public class HTTPConduit 
         } else {
             LOG.log(Level.FINE, "HttpAuthSupplier of class '" 
                     + authSupplier.getClass().getName()
-                    + "' with logical name of '"
-                    + authSupplier.getLogicalName()
                     + "' has been configured for Conduit '" 
                     + getConduitName()
                     + "'");
@@ -471,8 +481,11 @@ public class HTTPConduit 
         int chunkThreshold = 0;
         final AuthorizationPolicy effectiveAuthPolicy = getEffectiveAuthPolicy(message);
         if (this.authSupplier == null) {
-            String authType = effectiveAuthPolicy.getAuthorizationType();
-            this.authSupplier = createAuthSupplier(authType);
+            this.authSupplier = createAuthSupplier(effectiveAuthPolicy.getAuthorizationType());
+        }
+        
+        if (this.proxyAuthSupplier == null) {
+            this.proxyAuthSupplier = createAuthSupplier(proxyAuthorizationPolicy.getAuthorizationType());
         }
 
         if (this.authSupplier.requiresRequestCaching()) {
@@ -727,26 +740,16 @@ public class HTTPConduit 
             URL url
     ) {
         Headers headers = new Headers(message);
-        String authString = authSupplier.getPreemptiveAuthorization(this, url, message);
+        AuthorizationPolicy effectiveAuthPolicy = getEffectiveAuthPolicy(message);
+        String authString = authSupplier.getAuthorization(effectiveAuthPolicy, url, message,
null);
         if (authString != null) {
             headers.setAuthorization(authString);
         }
         
-        // TODO Also use an authSupplier for proxy auth
-        AuthorizationPolicy proxyAuthPolicy = getProxyAuthorization();
-        if (proxyAuthPolicy != null && proxyAuthPolicy.isSetUserName()) {
-            String userName = proxyAuthPolicy.getUserName();
-            if (userName != null) {
-                String passwd = "";
-                if (proxyAuthPolicy.isSetPassword()) {
-                    passwd = proxyAuthPolicy.getPassword();
-                }
-                headers.setProxyAuthorization(HttpBasicAuthSupplier.getBasicAuthHeader(userName,
passwd));
-            } else if (proxyAuthPolicy.isSetAuthorizationType() 
-                       && proxyAuthPolicy.isSetAuthorization()) {
-                headers.setProxyAuthorization(proxyAuthPolicy.getAuthorizationType() + "
" 
-                        + proxyAuthPolicy.getAuthorization());
-            }
+        String proxyAuthString = authSupplier.getAuthorization(proxyAuthorizationPolicy,

+                                                               url, message, null);
+        if (proxyAuthString != null) {
+            headers.setProxyAuthorization(proxyAuthString);
         }
     }
 
@@ -906,6 +909,14 @@ public class HTTPConduit 
         this.authSupplier = supplier;
     }
     
+    public HttpAuthSupplier getProxyAuthSupplier() {
+        return proxyAuthSupplier;
+    }
+
+    public void setProxyAuthSupplier(HttpAuthSupplier proxyAuthSupplier) {
+        this.proxyAuthSupplier = proxyAuthSupplier;
+    }
+
     /**
      * This function processes any retransmits at the direction of redirections
      * or "unauthorized" responses.
@@ -1002,27 +1013,17 @@ public class HTTPConduit 
         CacheAndWriteOutputStream cachedStream
     ) throws IOException {
         HttpAuthHeader authHeader = new HttpAuthHeader(connection.getHeaderField("WWW-Authenticate"));
-        // If we don't have a dynamic supply of user pass, then
-        // we don't retransmit. We just die with a Http 401 response.
-        if (authSupplier == null) {
-            if (authHeader.authTypeIsDigest()) {
-                authSupplier = new DigestAuthSupplier();
-            } else {
-                return connection;
-            }
-        }
-        
         URL currentURL = connection.getURL();
         String realm = authHeader.getRealm();
         detectAuthorizationLoop(getConduitName(), message, currentURL, realm);
+        AuthorizationPolicy effectiveAthPolicy = getEffectiveAuthPolicy(message);
         String authorizationToken = 
-            authSupplier.getAuthorizationForRealm(
-                this, currentURL, message, realm, authHeader.getFullHeader());
+            authSupplier.getAuthorization(
+                effectiveAthPolicy, currentURL, message, authHeader.getFullHeader());
         if (authorizationToken == null) {
             // authentication not possible => we give up
             return connection;
         }
-
         new Headers(message).setAuthorization(authorizationToken);
         cookies.writeToMessageHeaders(message);
         connection.disconnect();
@@ -1628,11 +1629,6 @@ public class HTTPConduit 
         return PolicyUtils.HTTPCLIENTPOLICY_ASSERTION_QNAME.equals(type);  
     }
 
-    @Deprecated
-    public void setBasicAuthSupplier(HttpBasicAuthSupplier basicAuthSupplier) {
-        setAuthSupplier(basicAuthSupplier);
-    }
-
     public void propertyChange(PropertyChangeEvent evt) {
         if (evt.getSource() == clientSidePolicy
             && "decoupledEndpoint".equals(evt.getPropertyName())) {

Copied: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DefaultBasicAuthSupplier.java
(from r1052233, cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/DefaultBasicAuthSupplier.java)
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DefaultBasicAuthSupplier.java?p2=cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DefaultBasicAuthSupplier.java&p1=cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/DefaultBasicAuthSupplier.java&r1=1052233&r2=1054926&rev=1054926&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/DefaultBasicAuthSupplier.java
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DefaultBasicAuthSupplier.java
Tue Jan  4 07:28:14 2011
@@ -16,34 +16,38 @@
  * specific language governing permissions and limitations
  * under the License.
  */
-package org.apache.cxf.transport.http;
+package org.apache.cxf.transport.http.auth;
 
 import java.net.URL;
 
+import org.apache.cxf.common.util.Base64Utility;
 import org.apache.cxf.configuration.security.AuthorizationPolicy;
 import org.apache.cxf.message.Message;
 
-final class DefaultBasicAuthSupplier extends HttpAuthSupplier {
-    DefaultBasicAuthSupplier() {
+public final class DefaultBasicAuthSupplier implements HttpAuthSupplier {
+    public DefaultBasicAuthSupplier() {
         super();
     }
 
-    @Override
-    public String getPreemptiveAuthorization(HTTPConduit conduit, URL currentURL, Message
message) {
-        AuthorizationPolicy effectiveAuthPolicy = conduit.getEffectiveAuthPolicy(message);
-        if (effectiveAuthPolicy.getUserName() != null && effectiveAuthPolicy.getPassword()
!= null) {
-            return HttpBasicAuthSupplier.getBasicAuthHeader(effectiveAuthPolicy.getUserName(),

-                                                            effectiveAuthPolicy.getPassword());
+    public boolean requiresRequestCaching() {
+        return false;
+    }
+    
+    public static String getBasicAuthHeader(String userName, String passwd) {
+        String userAndPass = userName + ":" + passwd;
+        return "Basic " + Base64Utility.encode(userAndPass.getBytes());
+    }
+
+    public String getAuthorization(AuthorizationPolicy  authPolicy,
+                                   URL currentURL,
+                                   Message message,
+                                   String fullHeader) {
+        if (authPolicy.getUserName() != null && authPolicy.getPassword() != null)
{
+            return getBasicAuthHeader(authPolicy.getUserName(), 
+                                      authPolicy.getPassword());
         } else {
             return null;
         }
     }
 
-    @Override
-    public String getAuthorizationForRealm(HTTPConduit conduit, URL currentURL, Message message,
-                                           String realm, String fullHeader) {
-        return getPreemptiveAuthorization(conduit, currentURL, message);
-    }
-
-
 }
\ No newline at end of file

Copied: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DigestAuthSupplier.java
(from r1052233, cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/DigestAuthSupplier.java)
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DigestAuthSupplier.java?p2=cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DigestAuthSupplier.java&p1=cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/DigestAuthSupplier.java&r1=1052233&r2=1054926&rev=1054926&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/DigestAuthSupplier.java
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DigestAuthSupplier.java
Tue Jan  4 07:28:14 2011
@@ -17,7 +17,7 @@
  * under the License.
  */
 
-package org.apache.cxf.transport.http;
+package org.apache.cxf.transport.http.auth;
 
 import java.io.UnsupportedEncodingException;
 import java.net.URL;
@@ -33,7 +33,7 @@ import org.apache.cxf.message.Message;
 /**
  * 
  */
-public class DigestAuthSupplier extends HttpAuthSupplier {
+public class DigestAuthSupplier implements HttpAuthSupplier {
     private static final char[] HEXADECIMAL = {
         '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'
     };
@@ -60,11 +60,23 @@ public class DigestAuthSupplier extends 
         return true;
     }
 
-    @Override
-    public String getAuthorizationForRealm(HTTPConduit conduit, URL currentURL,
-                                           Message message,
-                                           String realm, String fullHeader) {
-        AuthorizationPolicy authPolicy = conduit.getEffectiveAuthPolicy(message);
+    public String getAuthorization(AuthorizationPolicy  authPolicy,
+                                   URL currentURL,
+                                   Message message,
+                                   String fullHeader) {
+        if (fullHeader == null) {
+            DigestInfo di = authInfo.get(currentURL);
+            if (di != null) {
+                /* Preemptive authentication is only possible if we have a cached
+                 * challenge
+                 */
+                return di.generateAuth(currentURL.getFile(), 
+                                       authPolicy.getUserName(),
+                                       authPolicy.getPassword());            
+            } else {
+                return null;
+            }
+        }
         HttpAuthHeader authHeader = new HttpAuthHeader(fullHeader);
         if (authHeader.authTypeIsDigest() && authPolicy != null) {
             Map<String, String> map = authHeader.getParams();
@@ -95,17 +107,6 @@ public class DigestAuthSupplier extends 
         }
         return null;
     }
-    @Override
-    public String getPreemptiveAuthorization(HTTPConduit conduit, URL currentURL, Message
message) {
-        DigestInfo di = authInfo.get(currentURL);
-        AuthorizationPolicy authPolicy = conduit.getEffectiveAuthPolicy(message);
-        if (di != null) {
-            return di.generateAuth(currentURL.getFile(), 
-                                   authPolicy.getUserName(),
-                                   authPolicy.getPassword());            
-        }
-        return null;
-    }
 
     public String createCnonce() throws UnsupportedEncodingException {
         String cnonce = Long.toString(System.currentTimeMillis());

Copied: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/HttpAuthHeader.java
(from r1052233, cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthHeader.java)
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/HttpAuthHeader.java?p2=cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/HttpAuthHeader.java&p1=cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthHeader.java&r1=1052233&r2=1054926&rev=1054926&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthHeader.java
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/HttpAuthHeader.java
Tue Jan  4 07:28:14 2011
@@ -16,7 +16,7 @@
  * specific language governing permissions and limitations
  * under the License.
  */
-package org.apache.cxf.transport.http;
+package org.apache.cxf.transport.http.auth;
 
 import java.io.IOException;
 import java.io.StreamTokenizer;

Copied: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/HttpAuthSupplier.java
(from r1051955, cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthSupplier.java)
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/HttpAuthSupplier.java?p2=cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/HttpAuthSupplier.java&p1=cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthSupplier.java&r1=1051955&r2=1054926&rev=1054926&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthSupplier.java
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/HttpAuthSupplier.java
Tue Jan  4 07:28:14 2011
@@ -17,21 +17,15 @@
  * under the License.
  */
 
-package org.apache.cxf.transport.http;
+package org.apache.cxf.transport.http.auth;
 
 import java.net.URL;
 
+import org.apache.cxf.configuration.security.AuthorizationPolicy;
 import org.apache.cxf.message.Message;
 
 /**
- * This abstract class is extended by developers who need HTTP Auth
- * functionality on the client side. It supplies Authorization 
- * information to an HTTPConduit.
- * <p>
- * The HTTPConduit will make a call to getPreemptiveAuthorization before
- * an HTTP request is made. The HTTPConduit will call on 
- * getAuthorizationForRealm upon getting a 401 HTTP Response with a
- * "WWW-Authenticate: Basic realm=????" header. 
+ * Supplies Authorization information to an HTTPConduit.
  * <p>
  * A HTTPConduit keeps a reference to this HttpAuthSupplier for the life
  * of the HTTPConduit, unless changed out by dynamic configuration.
@@ -40,89 +34,30 @@ import org.apache.cxf.message.Message;
  * <p>
  * For instance, an implementation may not provide a Authorization preemptively for 
  * a particular URL and decide to get the realm information from 
- * a 401 response in which the HTTPConduit will call getAuthorizationForReam for
+ * a 401 response in which the HTTPConduit will call getAuthorization for
  * that URL. Then this implementation may provide the Authorization for this
- * particular URL preemptively for subsequent calls to getPreemptiveAuthorization.
+ * particular URL preemptively for subsequent calls to getAuthorization.
  */
-public abstract class HttpAuthSupplier {
-    
-    /**
-     * This field contains the logical name of this HttpBasicAuthSuppler.
-     * This field is not assigned to be final, since an extension may be
-     * Spring initialized as a bean, have an appropriate setLogicalName
-     * method, and set this field.
-     */
-    protected String logicalName;
-    
-    /**
-     * The default constructor assigns the class name as the LogicalName.
-     *
-     */
-    protected HttpAuthSupplier() {
-        logicalName = this.getClass().getName();
-    }
-    
-    /**
-     * This constructor assigns the LogicalName of this HttpBasicAuthSupplier.
-     * 
-     * @param name The Logical Name.
-     */
-    protected HttpAuthSupplier(String name) {
-        logicalName = name;
-    }
-    
-    /**
-     * This method returns the LogicalName of this HttpBasicAuthSupplier.
-     */
-    public String getLogicalName() {
-        return logicalName;
-    }
-    
+public interface HttpAuthSupplier {
+
     /**
      * If the supplier requires the request to be cached to be resent, return true
      */
-    public boolean requiresRequestCaching() {
-        return false;
-    }
-    
-    /**
-     * The HTTPConduit makes a call to this method before connecting
-     * to the server behind a particular URL. If this implementation does not 
-     * have a Authorization for this URL, it should return null.
-     * 
-     * @param conduit     The HTTPConduit making the call.
-     * @param currentURL  The URL to which the request is to be made.
-     * @param message     The CXF Message.
-     * 
-     * @return This method returns null if no Authorization is available.
-     */
-    public abstract String getPreemptiveAuthorization(
-            HTTPConduit  conduit,
-            URL     currentURL,
-            Message message);
+    boolean requiresRequestCaching();
             
     /**
-     * The HTTPConduit makes a call to this method if it
-     * receives a 401 response to a particular URL for
-     * a given message. The realm information is taken
-     * from the "WWW-Authenticate: ???? realm=?????"
-     * header. The current message may be retransmitted
-     * if this call returns a Authorization. The current message will
-     * fail with a 401 if null is returned. If no Authorization is available
-     * for this particular URL, realm, and message, then null
-     * should be returned.
+     * The HTTPConduit makes a call to this method to obtain
+     * an Authentication token for http authentication.
      * 
-     * @param conduit     The conduit making the call.
-     * @param currentURL  The current URL from which the reponse came.
-     * @param message     The CXF Message.
-     * @param realm       The realm extraced from the basic auth header.
-     * @param fullHeader  The full WWW-Authenticate header
-     * @return
-     */
-    public abstract String getAuthorizationForRealm(
-            HTTPConduit conduit,
-            URL     currentURL,
+     * @param authPolicy credentials for the authentication
+     * @param url The URL we want to connect to
+     * @param message     The CXF Message
+     * @param fullHeader  The full WWW-Authenticate header or null if preemptive auth
+     * @return token for Authenticate string or null if authentication is not possible
+     */
+    String getAuthorization(
+            AuthorizationPolicy  authPolicy,
+            URL     url,
             Message message,
-            String  realm,
             String  fullHeader);
 }

Copied: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/SpnegoAuthSupplier.java
(from r1052233, cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/SpnegoAuthSupplier.java)
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/SpnegoAuthSupplier.java?p2=cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/SpnegoAuthSupplier.java&p1=cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/SpnegoAuthSupplier.java&r1=1052233&r2=1054926&rev=1054926&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/SpnegoAuthSupplier.java
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/SpnegoAuthSupplier.java
Tue Jan  4 07:28:14 2011
@@ -16,7 +16,7 @@
  * specific language governing permissions and limitations
  * under the License.
  */
-package org.apache.cxf.transport.http;
+package org.apache.cxf.transport.http.auth;
 
 import java.net.URL;
 import java.security.PrivilegedActionException;
@@ -42,17 +42,22 @@ import org.ietf.jgss.GSSManager;
 import org.ietf.jgss.GSSName;
 import org.ietf.jgss.Oid;
 
-public class SpnegoAuthSupplier extends HttpAuthSupplier {
+public class SpnegoAuthSupplier implements HttpAuthSupplier {
     private static final String KERBEROS_OID = "1.2.840.113554.1.2.2";
     //private static final String SPNEGO_OID = "1.3.6.1.5.5.2";
 
-    private static final Logger LOG = LogUtils.getL7dLogger(HTTPConduit.class);
+    private static final Logger LOG = LogUtils.getL7dLogger(SpnegoAuthSupplier.class);
 
     private LoginContext lc;
+    
+    public boolean requiresRequestCaching() {
+        return false;
+    }
 
-    @Override
-    public String getPreemptiveAuthorization(HTTPConduit conduit, URL currentURL, Message
message) {
-        AuthorizationPolicy authPolicy = conduit.getEffectiveAuthPolicy(message);
+    public String getAuthorization(AuthorizationPolicy  authPolicy,
+                                    URL currentURL,
+                                    Message message,
+                                    String fullHeader) {
         if (!HttpAuthHeader.AUTH_TYPE_NEGOTIATE.equals(authPolicy.getAuthorizationType()))
{
             return null;
         }
@@ -68,12 +73,6 @@ public class SpnegoAuthSupplier extends 
         }
     }
 
-    @Override
-    public String getAuthorizationForRealm(HTTPConduit conduit, URL currentURL, Message message,
-                                           String realm, String fullHeader) {
-        return getPreemptiveAuthorization(conduit, currentURL, message);
-    }
-
     /**
      * Create and return service ticket token
      * 
@@ -169,4 +168,5 @@ public class SpnegoAuthSupplier extends 
         };
         return handler;
     }
+
 }

Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpAuthSupplierBeanDefinitionParser.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpAuthSupplierBeanDefinitionParser.java?rev=1054926&r1=1054925&r2=1054926&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpAuthSupplierBeanDefinitionParser.java
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpAuthSupplierBeanDefinitionParser.java
Tue Jan  4 07:28:14 2011
@@ -22,7 +22,7 @@ package org.apache.cxf.transport.http.sp
 
 import org.w3c.dom.Element;
 import org.apache.cxf.configuration.spring.AbstractBeanDefinitionParser;
-import org.apache.cxf.transport.http.HttpAuthSupplier;
+import org.apache.cxf.transport.http.auth.HttpAuthSupplier;
 
 public class HttpAuthSupplierBeanDefinitionParser extends
         AbstractBeanDefinitionParser {

Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpConduitBeanDefinitionParser.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpConduitBeanDefinitionParser.java?rev=1054926&r1=1054925&r2=1054926&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpConduitBeanDefinitionParser.java
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpConduitBeanDefinitionParser.java
Tue Jan  4 07:28:14 2011
@@ -34,8 +34,8 @@ import org.apache.cxf.configuration.secu
 import org.apache.cxf.configuration.spring.AbstractBeanDefinitionParser;
 import org.apache.cxf.staxutils.StaxUtils;
 import org.apache.cxf.transport.http.HTTPConduit;
-import org.apache.cxf.transport.http.HttpAuthSupplier;
 import org.apache.cxf.transport.http.MessageTrustDecider;
+import org.apache.cxf.transport.http.auth.HttpAuthSupplier;
 import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
 import org.springframework.beans.factory.support.BeanDefinitionBuilder;
 import org.springframework.beans.factory.xml.ParserContext;

Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/NamespaceHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/NamespaceHandler.java?rev=1054926&r1=1054925&r2=1054926&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/NamespaceHandler.java
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/NamespaceHandler.java
Tue Jan  4 07:28:14 2011
@@ -27,9 +27,7 @@ public class NamespaceHandler extends Na
         registerBeanDefinitionParser("trustDecider", 
                 new MessageTrustDeciderBeanDefinitionParser());        
         registerBeanDefinitionParser("authSupplier", 
-                new HttpAuthSupplierBeanDefinitionParser()); 
-        registerBeanDefinitionParser("basicAuthSupplier", 
-                                     new HttpBasicAuthSupplierBeanDefinitionParser()); 
+                new HttpAuthSupplierBeanDefinitionParser());
         registerBeanDefinitionParser("destination", 
                 new HttpDestinationBeanDefinitionParser());        
     }

Modified: cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/DigestAuthSupplierTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/DigestAuthSupplierTest.java?rev=1054926&r1=1054925&r2=1054926&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/DigestAuthSupplierTest.java
(original)
+++ cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/DigestAuthSupplierTest.java
Tue Jan  4 07:28:14 2011
@@ -27,6 +27,8 @@ import java.util.Map;
 import org.apache.cxf.configuration.security.AuthorizationPolicy;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.message.MessageImpl;
+import org.apache.cxf.transport.http.auth.DigestAuthSupplier;
+import org.apache.cxf.transport.http.auth.HttpAuthHeader;
 import org.easymock.classextension.EasyMock;
 import org.easymock.classextension.IMocksControl;
 
@@ -71,18 +73,15 @@ public class DigestAuthSupplierTest {
             
         };
         IMocksControl control = EasyMock.createControl();
-        HTTPConduit conduit = control.createMock(HTTPConduit.class);
         AuthorizationPolicy authorizationPolicy = new AuthorizationPolicy();
         authorizationPolicy.setUserName("testUser");
         authorizationPolicy.setPassword("testPassword");
-        
-        EasyMock.expect(conduit.getEffectiveAuthPolicy(EasyMock.isA(Message.class)))
-            .andReturn(authorizationPolicy).atLeastOnce();
         URL url = new URL("http://myserver");
         Message message = new MessageImpl();
         control.replay();
+        
         String authToken = authSupplier
-            .getAuthorizationForRealm(conduit, url, message, "myRealm", fullHeader);
+            .getAuthorization(authorizationPolicy, url, message, fullHeader);
         HttpAuthHeader authHeader = new HttpAuthHeader(authToken);
         assertEquals("Digest", authHeader.getAuthType());
         Map<String, String> params = authHeader.getParams();

Modified: cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/HTTPConduitTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/HTTPConduitTest.java?rev=1054926&r1=1054925&r2=1054926&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/HTTPConduitTest.java
(original)
+++ cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/HTTPConduitTest.java
Tue Jan  4 07:28:14 2011
@@ -35,6 +35,7 @@ import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.message.MessageImpl;
 import org.apache.cxf.service.model.EndpointInfo;
+import org.apache.cxf.transport.http.auth.HttpAuthSupplier;
 import org.apache.cxf.ws.addressing.EndpointReferenceType;
 import org.apache.cxf.wsdl.EndpointReferenceUtils;
 
@@ -68,20 +69,16 @@ public class HTTPConduitTest extends Ass
         return message;
     }
 
-    /**
-     * This test class is a Basic Auth Supplier with a
-     * preemptive UserPass.
-     */
-    class BasicAuthSupplier extends HttpBasicAuthSupplier {
-        public UserPass getPreemptiveUserPass(
-                String conduitName, URL url, Message m) {
-            return createUserPass("Gandalf", "staff");
-        }
-        public UserPass getUserPassForRealm(
-                String conduitName, URL url, Message m, String r) {
-            return null;
+    private final class TestAuthSupplier implements HttpAuthSupplier {
+
+        public String getAuthorization(AuthorizationPolicy authPolicy, URL currentURL, Message
message,
+                                       String fullHeader) {
+            return "myauth";
         }
 
+        public boolean requiresRequestCaching() {
+            return false;
+        }
     }
 
     /**
@@ -200,7 +197,7 @@ public class HTTPConduitTest extends Ass
                 headers.get("Authorization").get(0));
 
         // Setting a Basic Auth User Pass should override
-        conduit.setAuthSupplier(new BasicAuthSupplier());
+        conduit.setAuthSupplier(new TestAuthSupplier());
         message = getNewMessage();
 
         // Test Call
@@ -208,10 +205,9 @@ public class HTTPConduitTest extends Ass
 
         headers =
             CastUtils.cast((Map<?, ?>)message.get(Message.PROTOCOL_HEADERS));
-
-        assertEquals("Unexpected Authorization Token",
-                "Basic " + Base64Utility.encode("Gandalf:staff".getBytes()),
-                headers.get("Authorization").get(0));
+        List<String> authorization = headers.get("Authorization");
+        assertNotNull("Authorization Token must be set", authorization);
+        assertEquals("Wrong Authorization Token", "myauth", authorization.get(0));
 
         conduit.setAuthSupplier(null);
         // Setting authorization policy on the message should override 

Modified: cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/HttpAuthHeaderTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/HttpAuthHeaderTest.java?rev=1054926&r1=1054925&r2=1054926&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/HttpAuthHeaderTest.java
(original)
+++ cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/HttpAuthHeaderTest.java
Tue Jan  4 07:28:14 2011
@@ -21,6 +21,8 @@ package org.apache.cxf.transport.http;
 import java.util.HashMap;
 import java.util.Map;
 
+import org.apache.cxf.transport.http.auth.HttpAuthHeader;
+
 import org.junit.Test;
 
 import static org.junit.Assert.assertEquals;

Modified: cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPConduitTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPConduitTest.java?rev=1054926&r1=1054925&r2=1054926&view=diff
==============================================================================
--- cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPConduitTest.java
(original)
+++ cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPConduitTest.java
Tue Jan  4 07:28:14 2011
@@ -52,10 +52,11 @@ import org.apache.cxf.message.Message;
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
 
 import org.apache.cxf.transport.http.HTTPConduit;
-import org.apache.cxf.transport.http.HttpAuthSupplier;
 import org.apache.cxf.transport.http.MessageTrustDecider;
 import org.apache.cxf.transport.http.URLConnectionInfo;
 import org.apache.cxf.transport.http.UntrustedURLConnectionIOException;
+import org.apache.cxf.transport.http.auth.HttpAuthHeader;
+import org.apache.cxf.transport.http.auth.HttpAuthSupplier;
 
 import org.apache.cxf.transport.https.HttpsURLConnectionInfo;
 
@@ -742,7 +743,7 @@ public class HTTPConduitTest extends Abs
         
     }
 
-    public class MyBasicAuthSupplier extends HttpAuthSupplier {
+    public class MyBasicAuthSupplier implements HttpAuthSupplier {
 
         String realm;
         String user;
@@ -759,27 +760,18 @@ public class HTTPConduitTest extends Abs
             user  = u;
             pass  = p;
         }
-        @Override
-        public String getPreemptiveAuthorization(
-                HTTPConduit  conduit,
-                URL     currentURL,
-                Message message
-        ) {
-            return null;
-        }
 
         /**
          * If we don't have the realm set, then we loop
          * through the realms.
          */
-        @Override
-        public String getAuthorizationForRealm(
-                HTTPConduit  conduit, 
+        public String getAuthorization(
+                AuthorizationPolicy authPolicy,
                 URL     currentURL,
-                Message message, 
-                String  reqestedRealm,
+                Message message,
                 String fullHeader
         ) {
+            String reqestedRealm = new HttpAuthHeader(fullHeader).getRealm();
             if (realm != null && realm.equals(reqestedRealm)) {
                 return createUserPass(user, pass);
             }
@@ -804,6 +796,10 @@ public class HTTPConduitTest extends Abs
             return "Basic " + token;
         }
 
+        public boolean requiresRequestCaching() {
+            return false;
+        }
+
     }
 
     /**



Mime
View raw message