hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Httpcomponents Wiki] Update of "HttpClientTutorial" by OlegKalnichevski
Date Fri, 15 May 2009 19:11:55 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Httpcomponents Wiki" for change notification.

The following page has been changed by OlegKalnichevski:
http://wiki.apache.org/HttpComponents/HttpClientTutorial

------------------------------------------------------------------------------
      
  = HTTP authentication =
  
+     HttpClient provides full support for authentication schemes defined by the HTTP standard
specification. HttpClient's authentication framework can also be extended to support non-standard
authentication schemes such as NTLM and SPNEGO.
+ 
  == User credentials ==
    
-   Basic username / password. NTLM credentials. Credentials providers. Credentials store.
+   Any process sof user authentication requires a set of credentials that can be used to
establish user identity. In the simplest form user crednetials can be just a user name / password
pair. UsernamePasswordCredentials represents a set of credentials consisting of a security
principal and a password in clear text. This implementation is sufficient for standard authentication
schemes defined by the HTTP standard specification. 
    
+ {{{
+ UsernamePasswordCredentials creds = new UsernamePasswordCredentials("user", "pwd");
+ System.out.println(creds.getUserPrincipal().getName());
+ System.out.println(creds.getPassword());
+ }}}
+ 
+ stdout>
+ {{{
+ user
+ pwd
+ }}}
+ 
+     NTCredentials is a Microsoft Windows specific implementation that includes in addition
to the user name / password pair a set of additional Windows specific attributes such as the
name of the user domain, as in Microsoft Windows network the same user can belong to multiple
domains with a different set of authorizations.
+ 
+ {{{
+ NTCredentials creds = new NTCredentials("user", "pwd", "workstation", "domain");
+ System.out.println(creds.getUserPrincipal().getName());
+ System.out.println(creds.getPassword());
+ }}}
+ 
+ stdout>
+ {{{
+ DOMAIN/user
+ pwd
+ }}}
+     
  == Authentication schemes ==
  
+     The AuthScheme interface represents an abstract challenge-response oriented authentication
scheme. An authentication scheme is expected to support the following functions:
- === Basic ===
-   
-    Well, basic authetication. Suits best TLS/SSL encrypted communication.
  
+     * Parse and process the challenge sent by the target server in response to request for
a protected resource.
+  
+     * Provide properties of the processed challenge: the authentication scheme type and
its parameters, such the realm this authentication scheme is applicable to, if avaialble
- === Digest ===
-   
-    Digest authetication. More secure than Basic.
- 
- === NTLM authentication ===
-   
-    Windows platform specific. Believed to be more secure than Digest. Supported only partially

-    through an external engine (JCIFS).
-    
+     
+     * Generate authorization string for the given set of credentials and the HTTP request
in response to the actual authorization challenge.
+ 
+     Please note authentication schemes may be stateful involving a series of challenge-response
exchanges.
+ 
+     HttpClient ships with several AuthScheme implementations:
+     
+     * '''Basic''': Basic authentication scheme as defined in RFC 2617. This authentication
scheme is insecure, as the credentials are transmitted in clear text. Despite its insecurity
Basic authentication scheme is perfectly adequate if used in combination with the TLS/SSL
encryption.
+   
+     * '''Digest''': Digest authentication scheme as defined in RFC 2617. Digest authentication
scheme is considered more secure than Basic and can be a good choice for those applications
that do not want the overhead of full transport security through TLS/SSL encryption.
+   
+     * '''NTLM authentication''': NTLM is a proprietary authentication scheme developed by
Microsoft and optimized for Windows platforms. NTLM is believed to be more secure than Digest.
This scheme is supported only partially and requires an external NTLM engine. For details
please refer to the NTLM_SUPPORT.txt document included with HttpClient distributions.
+ 
+ == HTTP authentication parameters ==
+     
+     These are parameters that be used to customize HTTP authentication process and behaviour
of individual authentication schemes:
+     
+     * '''http.auth.credential-charset''': Defines the charset to be used when encoding user
credentials. This parameter expects a value of type java.lang.String.
+ 
+ == Authentication scheme registry ==
+ 
+     HttpClient maintains a registry of available authentication scheme using AuthSchemeRegistry
class. The following schemes are registered per default:
+     
+     * '''Basic''': Basic authentication scheme.
+ 
+     * '''Digest''': Digest authentication scheme.
+         
+     NTLM scheme is not registered per default. 
+         
  == Choosing authetication policy ==
  
    HTTP client level authetication policy can be overriden on the HTTP request level if required.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message