hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Saminda Abeyruwan <sami...@opensource.lk>
Subject Re: Automatic switch between Basic Auth and NTLM Auth
Date Wed, 13 Sep 2006 15:38:20 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Oleg Kalnichevski wrote:
> On Wed, 2006-09-13 at 19:23 +0530, Saminda Abeyruwan wrote:
>> ...
> 
> Hi Oleg
> 
> Thank you very much for the response.
> 
> My custom credential provider is as follows,
> 
> ===========================================================================
> import org.apache.commons.httpclient.auth.*;
> import org.apache.commons.httpclient.Credentials;
> import org.apache.commons.httpclient.NTCredentials;
> import org.apache.commons.httpclient.UsernamePasswordCredentials;
> import org.apache.commons.logging.Log;
> import org.apache.commons.logging.LogFactory;
> 
> import java.io.IOException;
> /*
>  *
>  */
> 
> public class HTTPCredentialProvider implements CredentialsProvider {
> 
>     private static Log log =
> LogFactory.getLog(HTTPCredentialProvider.class);
> 
>     private String host;
>     private String realm;
>     private String username;
>     private String password;
> 
> 
>     public HTTPCredentialProvider(String host, String realm, String
> username, String password) {
>         this.host = host;
>         this.realm = realm;
>         this.username = username;
>         this.password = password;
> 
>     }
> 
>     public Credentials getCredentials(AuthScheme authscheme, String
> string, int i, boolean b)
>             throws CredentialsNotAvailableException {
>         if (authscheme == null) {
>             return null;
>         }
>         try {
>             if (authscheme instanceof NTLMScheme) {
>                 log.debug("NTLM Authentication authentication");
>                 if (username == null || password == null || host == null
> || realm == null) {
>                     throw new CredentialsNotAvailableException(
>                             "user or password or host or realm cannot be
> Null");
>                 }
>                 return new NTCredentials(username, password, host, realm);
>             } else if (authscheme instanceof RFC2617Scheme) {
>                 log.debug(host + " : " + " requires authentication with
> the realm '"
>                           + authscheme.getRealm() + "'");
>                 return new UsernamePasswordCredentials(username, password);
>             } else {
>                 throw new CredentialsNotAvailableException("Unsupported
> authentication scheme: " +
> 
> authscheme.getSchemeName());
>             }
>         } catch (IOException e) {
>             throw new CredentialsNotAvailableException(e.getMessage(), e);
>         }
> 
>     }
> 
> }
> ==========================================================================
> Axis2 just need to work with NTLM, Digest and Basic Auth. Would the
> above custom credential class satisfy the necessary requirement as you
> mentioned. Is there any improvement i should do.
> 
> Clients of Axis2, just say "Turn on Auth", and set host,..etc, where
> they set to HTTPCredentialProvider internally and httpclient magically
> do the auth.  Is this the correct way to handle this situation.
> 
> Saminda
> 
>> Saminda,
> 
>> This credentials provider will cause HttpClient to enter an infinite
>> loop if the given credentials are not valid for some reason (due to a
>> type, for instance).
> 
>> Essentially all you have to do to get the same net effect is this:
> 
>> String username = "username";
>> String password = "password";
>> String host = "somehost";
>> String realm = "realm";
>> NTCredentials creds = new NTCredentials(
>>   username, password, host, realm);
>> httpclient.getState().setCredentials(
>>  new AuthScope(host, AuthScope.ANY_PORT), 
>>  creds);
> 
>> NTCredentials is a super class of UsernamePasswordCredentials, so the
>> same set of credentials will work with Basic and Digest schemes.
> 
>> Give it a shot.
> 
>> Hope this helps
> 
>> Oleg 

Hi Oleg,

Thank you very much Oleg for such a quick response. Axis2 team really
appreciate this aid you have provided.

Since we are using NTCredentials, if the host required would be any host
and if the realm(domain) would be any, could we just pass null to host
and domain in NTCredentials object, and in scope it would be AuthScop.ANY.

Please do assist us on this.

Saminda

> 
> 
>

> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFCCXsYmklbLuW6wYRAl1XAJ99aC/ARAcY5qCqADvpQxepldSotgCgpq4l
Ija/dWhweklFfzMIA02WDdA=
=/cLi
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org


Mime
View raw message