hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oleg Kalnichevski (JIRA)" <j...@apache.org>
Subject [jira] Resolved: (HTTPCLIENT-901) Add a ContextAwareAuthScheme that has access to the HttpContext in the authenticate method
Date Thu, 08 Apr 2010 18:39:36 GMT

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-901?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Oleg Kalnichevski resolved HTTPCLIENT-901.
------------------------------------------

    Resolution: Fixed

Sebastiaan,

I had to go ahead and fix the problem with the proxy authentication exercising my best judgement
based on your input. I guess we will have to live with SPNEGO in its present form for now.
Hopefully you will manage to get around to submitting your improvements some time in the future.


Closing as FIXED.

Oleg  

> Add a ContextAwareAuthScheme that has access to the HttpContext in the authenticate method
> ------------------------------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-901
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-901
>             Project: HttpComponents HttpClient
>          Issue Type: Improvement
>          Components: HttpAuth
>    Affects Versions: 4.1 Alpha1
>            Reporter: Sebastiaan van Erk
>             Fix For: 4.1 Alpha2
>
>
> The interface to be added would be:
> /**
>  * This interface represents an extended  authentication scheme
>  * that requires access to {@link HttpContext} in order to
>  * generate an authorization string.
>  *
>  * @since 4.1
>  */
> public interface ContextAwareAuthScheme extends AuthScheme {
>     /**
>      * Produces an authorization string for the given set of
>      * {@link Credentials}.
>      *
>      * @param credentials The set of credentials to be used for athentication
>      * @param request The request being authenticated
>      * @param context HTTP context
>      * @throws AuthenticationException if authorization string cannot
>      *   be generated due to an authentication failure
>      *
>      * @return the authorization string
>      */
>     Header authenticate(
>             Credentials credentials,
>             HttpRequest request,
>             HttpContext context) throws AuthenticationException;
> }
> Binary compatibility can be maintained by doing an instanceof check at the location where
AuthScheme.authenticate() is called at the moment, and calling the context aware version if
available.
> This interface is necessary for the NegotiateScheme authentication scheme because the
service names for the authentication tickets are based on the hostname of the target host
or proxy host, depending on whether it's normal or proxy authentication, and this information
is only available from the HttpContext.
> Without the HttpContext there is a workaround that works most of the time, which looks
like this:
> 	String host;
> 	if (isProxy()) {
> 		// FIXME this should actually taken from the HttpContext.
> 		HttpHost proxy = ConnRouteParams.getDefaultProxy(request.getParams());
> 		host = proxy.getHostName();
> 	} else {
> 		host = request.getLastHeader("Host").getValue();
> 	}

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message