hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Saminda Abeyruwan <sami...@opensource.lk>
Subject Re: Automatic switch between Basic Auth and NTLM Auth
Date Wed, 13 Sep 2006 10:56:48 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Oleg Kalnichevski wrote:
> On Wed, 2006-09-13 at 10:08 +0530, Saminda Abeyruwan wrote:
> Hi Devs,
> 
> I'm Saminda Abeyruwan, Axis2 committer, design and contributed to the
> http/https transport in Axis2. In the process I've been able to
> contribute to Basic and NTLM Auth based on the sample you guys have put
> on the site. But we do (Axis2) handle Basic and NTLM separately. Thus,
> we configure httpclient manually to do basic or NTLM auth. IMHO This is
> wrong. I've been found that this switch is automatically handled by
> commons-httpclient-3.0.
> 
> I would kindly asked, how could i write a codebase to support auth
> without knowing what auth mechanism commons-httpclient uses. I tried
> mayer times to grasp this idea and did some research. But i still need
> some help. Commons-httpclient is a powerful tool, and Axis2 really want
> to explore its capacity.
> 
> 
>> Hi Saminda,
> 
>> HttpClient is designed to automatically select an authentication scheme
>> based on the challenge returned by the target server. It is always the
>> server side of HTTP that determines what kind of authentication
>> mechanism should be used. In those cases when the target server supports
>> multiple authentication schemes HttpClient makes an effort to select the
>> most secure one. The default auth scheme order of preference is NTLM,
>> Digest, Basic. In other words per default HttpClient will always pick
>> NTLM over Basic given a choice. One can set a different order of
>> preference if so is desired. For instance, if you want to make sure
>> HttpClient does not use Basic auth at all, just exclude Basic from the
>> order of preference. 
> 
>> If you need more details, just let me know.
> 
>> Hope this helps somewhat.
> 
>> Oleg

Hi Oleg,

Thank you for the quick response. Based on the
InteractiveAuthenticationExample sample, I've written my own credential
provider to provide either UsernamePasswordCredentials or NTCredentials.

What would be the based way to set the AuthScop, and where should I set
it, if I'm using the following.
    ....
    HttpClient client = new HttpClient();
        client.getParams().setParameter(
            CredentialsProvider.PROVIDER, new MyCredentialProvider());
        GetMethod httpget = new GetMethod("http://foo.com");
        httpget.setDoAuthentication(true);
        try {
            // execute the GET
            int status = client.executeMethod(httpget);
            // print the status and response
            System.out.println(httpget.getStatusLine().toString());
            System.out.println(httpget.getResponseBodyAsString());
        } finally {
            // release any connection resources used by the method
            httpget.releaseConnection();
        }
      ....

Thank you

Saminda

> 
> 
> Please do help me on this.
> 
> Looking forward to hearing from you.
> 
> Saminda
> 
>>
- ---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org
>>
>>

> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFB+PwYmklbLuW6wYRAsFxAJ4hAnjya1b85Pek2ssrYaiiK2EK3gCcDoiO
l8qonPO9XtzX0IE/6GNGQG4=
=LkWj
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org


Mime
View raw message