hc-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ol...@apache.org
Subject svn commit: r818596 - in /httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client: ClientAuthentication.java ClientInteractiveAuthentication.java ClientKerberosAuthentication.java
Date Thu, 24 Sep 2009 19:19:07 GMT
Author: olegk
Date: Thu Sep 24 19:19:05 2009
New Revision: 818596

URL: http://svn.apache.org/viewvc?rev=818596&view=rev
Log:
Cleaned up Kerberos example a little 

Modified:
    httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientAuthentication.java
    httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientInteractiveAuthentication.java
    httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientKerberosAuthentication.java

Modified: httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientAuthentication.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientAuthentication.java?rev=818596&r1=818595&r2=818596&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientAuthentication.java
(original)
+++ httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientAuthentication.java
Thu Sep 24 19:19:05 2009
@@ -21,9 +21,6 @@
  * individuals on behalf of the Apache Software Foundation.  For more
  * information on the Apache Software Foundation, please see
  * <http://www.apache.org/>.
- *
- * [Additional notices, if required by prior licensing conditions]
- *
  */
 
 package org.apache.http.examples.client;

Modified: httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientInteractiveAuthentication.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientInteractiveAuthentication.java?rev=818596&r1=818595&r2=818596&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientInteractiveAuthentication.java
(original)
+++ httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientInteractiveAuthentication.java
Thu Sep 24 19:19:05 2009
@@ -21,9 +21,6 @@
  * individuals on behalf of the Apache Software Foundation.  For more
  * information on the Apache Software Foundation, please see
  * <http://www.apache.org/>.
- *
- * [Additional notices, if required by prior licensing conditions]
- *
  */
 
 package org.apache.http.examples.client;

Modified: httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientKerberosAuthentication.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientKerberosAuthentication.java?rev=818596&r1=818595&r2=818596&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientKerberosAuthentication.java
(original)
+++ httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientKerberosAuthentication.java
Thu Sep 24 19:19:05 2009
@@ -1,11 +1,12 @@
 /*
  * ====================================================================
  *
- *  Copyright 2002-2009 The Apache Software Foundation
- *
- *  Licensed under the Apache License, Version 2.0 (the "License");
- *  you may not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
@@ -20,35 +21,22 @@
  * individuals on behalf of the Apache Software Foundation.  For more
  * information on the Apache Software Foundation, please see
  * <http://www.apache.org/>.
- *
  */
 
 package org.apache.http.examples.client;
 
-import java.io.IOException;
-import java.security.KeyManagementException;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
 import java.security.Principal;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertificateException;
-import java.util.Arrays;
-import java.util.Collections;
 
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
 import org.apache.http.HttpEntity;
 import org.apache.http.HttpResponse;
-import org.apache.http.auth.AuthSchemeRegistry;
 import org.apache.http.auth.AuthScope;
 import org.apache.http.auth.Credentials;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.client.methods.HttpUriRequest;
-import org.apache.http.client.protocol.ClientContext;
+import org.apache.http.client.params.AuthPolicy;
 import org.apache.http.impl.auth.NegotiateSchemeFactory;
 import org.apache.http.impl.client.DefaultHttpClient;
-import org.apache.http.protocol.BasicHttpContext;
-import org.apache.http.protocol.HttpContext;
+import org.apache.http.util.EntityUtils;
 
 /**
  * Kerberos auth example.
@@ -110,135 +98,91 @@
  *   com.sun.security.auth.module.Krb5LoginModule required client=TRUE useTicketCache=true
debug=true;
  *};
  * </pre>
+ * 
+ * @since 4.1
  */
 public class ClientKerberosAuthentication {
-    private static final Log LOG = LogFactory.getLog(ClientKerberosAuthentication.class);
-    private static String kerbHttpHost = "";
-    
-    public static void main(String[] args) throws KeyStoreException, NoSuchAlgorithmException,
CertificateException, IOException, KeyManagementException, UnrecoverableKeyException {
+
+    public static void main(String[] args) throws Exception {
+
         System.setProperty("java.security.auth.login.config", "login.conf");
         System.setProperty("java.security.krb5.conf", "krb5.conf");
         System.setProperty("sun.security.krb5.debug", "true");
         System.setProperty("javax.security.auth.useSubjectCredsOnly","false");
         
-        if( args.length > 0 )
-            kerbHttpHost = args[0];
-        
-        /*        Below is helpful on windows.
-
-         Solution 2: You need to update the Windows registry to disable this new feature.
The registry key allowtgtsessionkey should be added--and set correctly--to allow session keys
to be sent in the Kerberos Ticket-Granting Ticket.
-
-         On the Windows Server 2003 and Windows 2000 SP4, here is the required registry setting:
-
-             HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters
-             Value Name: allowtgtsessionkey
-             Value Type: REG_DWORD
-             Value: 0x01 
-
-         Here is the location of the registry setting on Windows XP SP2:
-
-             HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\
-             Value Name: allowtgtsessionkey
-             Value Type: REG_DWORD
-             Value: 0x01
+        /*        
+         * Below is helpful on windows.
+         * Solution 2: You need to update the Windows registry to disable this new feature.

+         * The registry key allowtgtsessionkey should be added--and set correctly--to allow

+         * session keys to be sent in the Kerberos Ticket-Granting Ticket.
+         * 
+         * On the Windows Server 2003 and Windows 2000 SP4, here is the required registry
setting:
+         *
+         * HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters
+         *   Value Name: allowtgtsessionkey
+         *   Value Type: REG_DWORD
+         *   Value: 0x01 
+         *
+         * Here is the location of the registry setting on Windows XP SP2:
+         *
+         * HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\
+         *   Value Name: allowtgtsessionkey
+         *   Value Type: REG_DWORD
+         *   Value: 0x01
          */
 
         DefaultHttpClient httpclient = new DefaultHttpClient();
 
-        /* NegotiateSchemeFactory creates the NegotiateScheme instance to be use for each
request
-         * if using Java 5/6 and IIS7 you can just use the defaults. JbossNegotiate use setStripPort(true),
-         * or add service names with ports to kerberos DB. JbossNegotiate needs Java 6 or
a SpengoGenerator.
+        /* 
+         * NegotiateSchemeFactory creates the NegotiateScheme instance to be use for each
request
+         * if using Java 5/6 and IIS7 you can just use the defaults. 
+         * JbossNegotiate use setStripPort(true), or add service names with ports to kerberos
DB. 
+         * JbossNegotiate needs Java 6 or a SpengoGenerator.
          */
-        NegotiateSchemeFactory negotiateFact = new NegotiateSchemeFactory();
-//        negotiateFact.setStripPort(false);
-//        negotiateFact.setSpnegoCreate(true);
-//        negotiateFact.setSpengoGenerator(new BouncySpnegoTokenGenerator());
+        NegotiateSchemeFactory nsf = new NegotiateSchemeFactory();
+//        nsf.setStripPort(false);
+//        nsf.setSpnegoCreate(true);
+//        nsf.setSpengoGenerator(new BouncySpnegoTokenGenerator());
         
-        AuthSchemeRegistry authSchemeRegistry = httpclient.getAuthSchemes();
-        authSchemeRegistry.unregister("basic");
-        authSchemeRegistry.unregister("digest");
-        authSchemeRegistry.unregister("NTLM");
-        authSchemeRegistry.register("Negotiate", negotiateFact);
-//        authSchemeRegistry.register("NTLM", new NTLMSchemeFactory());
-//        authSchemeRegistry.register("Basic", new BasicSchemeFactory());
-        httpclient.setAuthSchemes(authSchemeRegistry);
+        httpclient.getAuthSchemes().register(AuthPolicy.SPNEGO, nsf);
 
         Credentials use_jaas_creds = new Credentials() {
-            // @Override
+
             public String getPassword() {
                 return null;
             }
-            // @Override
+
             public Principal getUserPrincipal() {
                 return null;
             }
+            
         };
 
         httpclient.getCredentialsProvider().setCredentials(
                 new AuthScope(null, -1, null),
                 use_jaas_creds);
 
-        HttpUriRequest request = new HttpGet(kerbHttpHost);
-        HttpResponse response = null;
-        HttpEntity entity = null;
-
-        // ResponseHandler<String> responseHandler = new BasicResponseHandler();
-        String responseBody = null;
-        /* note the we use the 2 parameter execute call. */
-        /* also keepalives should be implemented, either set on server or code in client
*/
-        try{
-            // responseBody = httpclient.execute(request,  responseHandler, createHttpContext(httpclient));
-            response = httpclient.execute(request, createHttpContext(httpclient));
-            entity = response.getEntity();
-        } catch ( Exception ex){
-            LOG.debug(ex.getMessage(), ex);
-        }
+        HttpUriRequest request = new HttpGet("http://kerberoshost/");
+        HttpResponse response = httpclient.execute(request);
+        HttpEntity entity = response.getEntity();
 
         System.out.println("----------------------------------------");
-        System.out.println(responseBody);
+        System.out.println(response.getStatusLine());
         System.out.println("----------------------------------------");
         if (entity != null) {
-            System.out.println("Response content length: " + entity.getContentLength());
-            entity.writeTo(System.out);
+            System.out.println(EntityUtils.toString(entity));
         }
+        System.out.println("----------------------------------------");
+        
+        // This ensures the connection gets released back to the manager
         if (entity != null) {
             entity.consumeContent();
         }
-    }
 
-    /**
-     * createHttpContext - This is a copy of DefaultHttpClient method
-     * createHttpContext with "negotiate" added to AUTH_SCHEME_PREF to allow for 
-     * Kerberos authentication. Could also extend DefaultHttpClient overriding the
-     * default createHttpContext.
-     * 
-     * @param httpclient - our Httpclient
-     * @return HttpContext
-     */
-    static HttpContext createHttpContext(DefaultHttpClient httpclient){
-        HttpContext context = new BasicHttpContext();
-        context.setAttribute(
-                ClientContext.AUTHSCHEME_REGISTRY, 
-                httpclient.getAuthSchemes());
-        context.setAttribute(
-                ClientContext.AUTH_SCHEME_PREF, 
-                Collections.unmodifiableList( Arrays.asList(new String[] {
-                        "negotiate",
-                        "ntlm",
-                        "digest",
-                        "basic" 
-                }))
-        );
-        context.setAttribute(
-                ClientContext.COOKIESPEC_REGISTRY, 
-                httpclient.getCookieSpecs());
-        context.setAttribute(
-                ClientContext.COOKIE_STORE, 
-                httpclient.getCookieStore());
-        context.setAttribute(
-                ClientContext.CREDS_PROVIDER, 
-                httpclient.getCredentialsProvider());
-        return context;
+        // When HttpClient instance is no longer needed, 
+        // shut down the connection manager to ensure
+        // immediate deallocation of all system resources
+        httpclient.getConnectionManager().shutdown();        
     }
-    
+
 }



Mime
View raw message