lucene-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From da...@apache.org
Subject lucene-solr:jira/http2: Upgrade to Jetty 9.4.14
Date Tue, 20 Nov 2018 16:21:42 GMT
Repository: lucene-solr
Updated Branches:
  refs/heads/jira/http2 22b10a56b -> ae147e3e1


Upgrade to Jetty 9.4.14


Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/ae147e3e
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/ae147e3e
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/ae147e3e

Branch: refs/heads/jira/http2
Commit: ae147e3e1baa3c09b4d03a531c14ac73a6a0bd9b
Parents: 22b10a5
Author: Cao Manh Dat <datcm@apache.org>
Authored: Tue Nov 20 16:21:34 2018 +0000
Committer: Cao Manh Dat <datcm@apache.org>
Committed: Tue Nov 20 16:21:34 2018 +0000

----------------------------------------------------------------------
 lucene/ivy-versions.properties                  |   2 +-
 .../solrj/impl/Krb5HttpClientBuilder.java       |  10 +-
 ...PreemptiveBasicAuthClientBuilderFactory.java |   4 +-
 .../jetty/client/SPNEGOAuthentication.java      | 380 -------------------
 .../SolrAuthenticationProtocolHandler.java      | 314 ---------------
 .../SolrWWWAuthenticationProtocolHandler.java   |  84 ----
 6 files changed, 6 insertions(+), 788 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/ae147e3e/lucene/ivy-versions.properties
----------------------------------------------------------------------
diff --git a/lucene/ivy-versions.properties b/lucene/ivy-versions.properties
index 9d3de22..8953b72 100644
--- a/lucene/ivy-versions.properties
+++ b/lucene/ivy-versions.properties
@@ -246,7 +246,7 @@ org.codehaus.janino.version = 2.7.6
 
 /org.conscrypt/conscrypt-openjdk-uber = 1.3.0
 
-org.eclipse.jetty.version = 9.4.13.v20181111
+org.eclipse.jetty.version = 9.4.14.v20181114
 /org.eclipse.jetty.http2/http2-client = ${org.eclipse.jetty.version}
 /org.eclipse.jetty.http2/http2-common = ${org.eclipse.jetty.version}
 /org.eclipse.jetty.http2/http2-hpack = ${org.eclipse.jetty.version}

http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/ae147e3e/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientBuilder.java
----------------------------------------------------------------------
diff --git a/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientBuilder.java
b/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientBuilder.java
index a98f38f..51977d7 100644
--- a/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientBuilder.java
+++ b/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientBuilder.java
@@ -43,13 +43,9 @@ import org.apache.http.cookie.CookieSpecProvider;
 import org.apache.http.entity.BufferedHttpEntity;
 import org.apache.http.impl.auth.SPNegoSchemeFactory;
 import org.apache.http.impl.client.BasicCredentialsProvider;
-import org.eclipse.jetty.client.SolrAuthenticationProtocolHandler;
 import org.eclipse.jetty.client.HttpAuthenticationStore;
-import org.eclipse.jetty.client.SPNEGOAuthentication;
-import org.eclipse.jetty.client.SolrWWWAuthenticationProtocolHandler;
-import org.eclipse.jetty.client.api.Request;
-import org.eclipse.jetty.client.api.Response;
-import org.eclipse.jetty.http.HttpHeader;
+import org.eclipse.jetty.client.WWWAuthenticationProtocolHandler;
+import org.eclipse.jetty.client.util.SPNEGOAuthentication;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -130,7 +126,7 @@ public class Krb5HttpClientBuilder implements HttpClientBuilderFactory
{
     HttpAuthenticationStore authenticationStore = new HttpAuthenticationStore();
     authenticationStore.addAuthentication(createSPNEGOAuthentication());
     http2Client.getHttpClient().setAuthenticationStore(authenticationStore);
-    http2Client.getProtocolHandlers().put(new SolrWWWAuthenticationProtocolHandler(http2Client.getHttpClient()));
+    http2Client.getProtocolHandlers().put(new WWWAuthenticationProtocolHandler(http2Client.getHttpClient()));
   }
 
   public SolrHttpClientBuilder getBuilder(SolrHttpClientBuilder builder) {

http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/ae147e3e/solr/solrj/src/java/org/apache/solr/client/solrj/impl/PreemptiveBasicAuthClientBuilderFactory.java
----------------------------------------------------------------------
diff --git a/solr/solrj/src/java/org/apache/solr/client/solrj/impl/PreemptiveBasicAuthClientBuilderFactory.java
b/solr/solrj/src/java/org/apache/solr/client/solrj/impl/PreemptiveBasicAuthClientBuilderFactory.java
index 9f266f5..3ec0bfb 100644
--- a/solr/solrj/src/java/org/apache/solr/client/solrj/impl/PreemptiveBasicAuthClientBuilderFactory.java
+++ b/solr/solrj/src/java/org/apache/solr/client/solrj/impl/PreemptiveBasicAuthClientBuilderFactory.java
@@ -37,7 +37,7 @@ import org.apache.solr.common.util.StrUtils;
 import org.eclipse.jetty.client.HttpAuthenticationStore;
 import org.eclipse.jetty.client.ProxyAuthenticationProtocolHandler;
 import org.apache.solr.client.solrj.util.SolrBasicAuthentication;
-import org.eclipse.jetty.client.SolrWWWAuthenticationProtocolHandler;
+import org.eclipse.jetty.client.WWWAuthenticationProtocolHandler;
 
 /**
  * HttpClientConfigurer implementation providing support for preemptive Http Basic authentication
@@ -117,7 +117,7 @@ public class PreemptiveBasicAuthClientBuilderFactory implements HttpClientBuilde
     HttpAuthenticationStore authenticationStore = new HttpAuthenticationStore();
     authenticationStore.addAuthentication(new SolrBasicAuthentication(basicAuthUser, basicAuthPass));
     client.getHttpClient().setAuthenticationStore(authenticationStore);
-    client.getProtocolHandlers().put(new SolrWWWAuthenticationProtocolHandler(client.getHttpClient()));
+    client.getProtocolHandlers().put(new WWWAuthenticationProtocolHandler(client.getHttpClient()));
     client.getProtocolHandlers().put(new ProxyAuthenticationProtocolHandler(client.getHttpClient()));
   }
 

http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/ae147e3e/solr/solrj/src/java/org/eclipse/jetty/client/SPNEGOAuthentication.java
----------------------------------------------------------------------
diff --git a/solr/solrj/src/java/org/eclipse/jetty/client/SPNEGOAuthentication.java b/solr/solrj/src/java/org/eclipse/jetty/client/SPNEGOAuthentication.java
deleted file mode 100644
index 1afc43b..0000000
--- a/solr/solrj/src/java/org/eclipse/jetty/client/SPNEGOAuthentication.java
+++ /dev/null
@@ -1,380 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.eclipse.jetty.client;
-
-import java.io.IOException;
-import java.net.URI;
-import java.nio.file.Path;
-import java.security.PrivilegedAction;
-import java.util.Arrays;
-import java.util.Base64;
-import java.util.HashMap;
-import java.util.Locale;
-import java.util.Map;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.PasswordCallback;
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.security.auth.login.Configuration;
-import javax.security.auth.login.LoginContext;
-import javax.security.auth.login.LoginException;
-
-import org.eclipse.jetty.client.api.AuthenticationStore;
-import org.eclipse.jetty.client.api.ContentResponse;
-import org.eclipse.jetty.client.api.Request;
-import org.eclipse.jetty.client.util.AbstractAuthentication;
-import org.eclipse.jetty.http.HttpHeader;
-import org.eclipse.jetty.util.Attributes;
-import org.eclipse.jetty.util.log.Log;
-import org.eclipse.jetty.util.log.Logger;
-import org.ietf.jgss.GSSContext;
-import org.ietf.jgss.GSSException;
-import org.ietf.jgss.GSSManager;
-import org.ietf.jgss.GSSName;
-import org.ietf.jgss.Oid;
-
-import static java.nio.charset.StandardCharsets.UTF_8;
-
-/**
- * <p>Implementation of the SPNEGO (or "Negotiate") authentication defined in RFC 4559.</p>
- * <p>A {@link #getUserName() user} is logged in via JAAS (either via userName/password
or
- * via userName/keyTab) once only.</p>
- * <p>For every request that needs authentication, a {@link GSSContext} is initiated
and
- * later established after reading the response from the server.</p>
- * <p>Applications should create objects of this class and add them to the
- * {@link AuthenticationStore} retrieved from the {@link HttpClient}
- * via {@link HttpClient#getAuthenticationStore()}.</p>
- */
-public class SPNEGOAuthentication extends AbstractAuthentication
-{
-  private static final Logger LOG = Log.getLogger(SPNEGOAuthentication.class);
-  private static final String NEGOTIATE = HttpHeader.NEGOTIATE.asString();
-
-  private final GSSManager gssManager = GSSManager.getInstance();
-  private String userName;
-  private String userPassword;
-  private Path userKeyTabPath;
-  private String serviceName;
-  private boolean useTicketCache;
-  private Path ticketCachePath;
-  private boolean renewTGT;
-
-  public SPNEGOAuthentication(URI uri)
-  {
-    super(uri, ANY_REALM);
-  }
-
-  @Override
-  public String getType()
-  {
-    return NEGOTIATE;
-  }
-
-  /**
-   * @return the user name of the user to login
-   */
-  public String getUserName()
-  {
-    return userName;
-  }
-
-  /**
-   * @param userName user name of the user to login
-   */
-  public void setUserName(String userName)
-  {
-    this.userName = userName;
-  }
-
-  /**
-   * @return the password of the user to login
-   */
-  public String getUserPassword()
-  {
-    return userPassword;
-  }
-
-  /**
-   * @param userPassword the password of the user to login
-   * @see #setUserKeyTabPath(Path)
-   */
-  public void setUserPassword(String userPassword)
-  {
-    this.userPassword = userPassword;
-  }
-
-  /**
-   * @return the path of the keyTab file with the user credentials
-   */
-  public Path getUserKeyTabPath()
-  {
-    return userKeyTabPath;
-  }
-
-  /**
-   * @param userKeyTabPath the path of the keyTab file with the user credentials
-   * @see #setUserPassword(String)
-   */
-  public void setUserKeyTabPath(Path userKeyTabPath)
-  {
-    this.userKeyTabPath = userKeyTabPath;
-  }
-
-  /**
-   * @return the name of the service to use
-   */
-  public String getServiceName()
-  {
-    return serviceName;
-  }
-
-  /**
-   * @param serviceName the name of the service to use
-   */
-  public void setServiceName(String serviceName)
-  {
-    this.serviceName = serviceName;
-  }
-
-  /**
-   * @return whether to use the ticket cache during login
-   */
-  public boolean isUseTicketCache()
-  {
-    return useTicketCache;
-  }
-
-  /**
-   * @param useTicketCache whether to use the ticket cache during login
-   * @see #setTicketCachePath(Path)
-   */
-  public void setUseTicketCache(boolean useTicketCache)
-  {
-    this.useTicketCache = useTicketCache;
-  }
-
-  /**
-   * @return the path of the ticket cache file
-   */
-  public Path getTicketCachePath()
-  {
-    return ticketCachePath;
-  }
-
-  /**
-   * @param ticketCachePath the path of the ticket cache file
-   * @see #setUseTicketCache(boolean)
-   */
-  public void setTicketCachePath(Path ticketCachePath)
-  {
-    this.ticketCachePath = ticketCachePath;
-  }
-
-  /**
-   * @return whether to renew the ticket granting ticket
-   */
-  public boolean isRenewTGT()
-  {
-    return renewTGT;
-  }
-
-  /**
-   * @param renewTGT whether to renew the ticket granting ticket
-   */
-  public void setRenewTGT(boolean renewTGT)
-  {
-    this.renewTGT = renewTGT;
-  }
-
-  @Override
-  public Result authenticate(Request request, ContentResponse response, HeaderInfo headerInfo,
Attributes context)
-  {
-    SPNEGOContext spnegoContext = (SPNEGOContext)context.getAttribute(SPNEGOContext.ATTRIBUTE);
-    if (LOG.isDebugEnabled())
-      LOG.debug("Authenticate with context {}", spnegoContext);
-    if (spnegoContext == null)
-    {
-      spnegoContext = login();
-      context.setAttribute(SPNEGOContext.ATTRIBUTE, spnegoContext);
-    }
-
-    String b64Input = headerInfo.getBase64();
-    byte[] input = b64Input == null ? new byte[0] : Base64.getDecoder().decode(b64Input);
-    byte[] output = Subject.doAs(spnegoContext.subject, initGSSContext(spnegoContext, request.getHost(),
input));
-    String b64Output = output == null ? null : new String(Base64.getEncoder().encode(output),
UTF_8);
-
-    // The result cannot be used for subsequent requests,
-    // so it always has a null URI to avoid being cached.
-    return new SPNEGOResult(null, b64Output);
-  }
-
-  private SPNEGOContext login()
-  {
-    try
-    {
-      // First login via JAAS using the Kerberos AS_REQ call, with a client user.
-      // This will populate the Subject with the client user principal and the TGT.
-      String user = getUserName();
-      if (LOG.isDebugEnabled())
-        LOG.debug("Logging in user {}", user);
-      CallbackHandler callbackHandler = new PasswordCallbackHandler();
-      LoginContext loginContext = new LoginContext("", null, callbackHandler, new SPNEGOConfiguration());
-      loginContext.login();
-      Subject subject = loginContext.getSubject();
-
-      SPNEGOContext spnegoContext = new SPNEGOContext();
-      spnegoContext.subject = subject;
-      if (LOG.isDebugEnabled())
-        LOG.debug("Initialized {}", spnegoContext);
-      return spnegoContext;
-    }
-    catch (LoginException x)
-    {
-      throw new RuntimeException(x);
-    }
-  }
-
-  private PrivilegedAction<byte[]> initGSSContext(SPNEGOContext spnegoContext, String
host, byte[] bytes)
-  {
-    return () ->
-    {
-      try
-      {
-        // The call to initSecContext with the service name will
-        // trigger the Kerberos TGS_REQ call, asking for the SGT,
-        // which will be added to the Subject credentials because
-        // initSecContext() is called from within Subject.doAs().
-        GSSContext gssContext = spnegoContext.gssContext;
-        if (gssContext == null)
-        {
-          String principal = getServiceName() + "@" + host;
-          GSSName serviceName = gssManager.createName(principal, GSSName.NT_HOSTBASED_SERVICE);
-          Oid spnegoOid = new Oid("1.3.6.1.5.5.2");
-          gssContext = gssManager.createContext(serviceName, spnegoOid, null, GSSContext.INDEFINITE_LIFETIME);
-          spnegoContext.gssContext = gssContext;
-          gssContext.requestMutualAuth(true);
-        }
-        byte[] result = gssContext.initSecContext(bytes, 0, bytes.length);
-        if (LOG.isDebugEnabled())
-          LOG.debug("{} {}", gssContext.isEstablished() ? "Initialized" : "Initializing",
gssContext);
-        return result;
-      }
-      catch (GSSException x)
-      {
-        throw new RuntimeException(x);
-      }
-    };
-  }
-
-  public static class SPNEGOResult implements Result
-  {
-    private final URI uri;
-    private final HttpHeader header;
-    private final String value;
-
-    public SPNEGOResult(URI uri, String token)
-    {
-      this(uri, HttpHeader.AUTHORIZATION, token);
-    }
-
-    public SPNEGOResult(URI uri, HttpHeader header, String token)
-    {
-      this.uri = uri;
-      this.header = header;
-      this.value = NEGOTIATE + (token == null ? "" : " " + token);
-    }
-
-    @Override
-    public URI getURI()
-    {
-      return uri;
-    }
-
-    @Override
-    public void apply(Request request)
-    {
-      request.header(header, value);
-    }
-  }
-
-  private static class SPNEGOContext
-  {
-    private static final String ATTRIBUTE = SPNEGOContext.class.getName();
-
-    private Subject subject;
-    private GSSContext gssContext;
-
-    @Override
-    public String toString()
-    {
-      return String.format(Locale.ROOT, "%s@%x[context=%s]", getClass().getSimpleName(),
hashCode(), gssContext);
-    }
-  }
-
-  private class PasswordCallbackHandler implements CallbackHandler
-  {
-    @Override
-    public void handle(Callback[] callbacks) throws IOException
-    {
-      PasswordCallback callback = Arrays.stream(callbacks)
-          .filter(PasswordCallback.class::isInstance)
-          .map(PasswordCallback.class::cast)
-          .findAny()
-          .filter(c -> c.getPrompt().contains(getUserName()))
-          .orElseThrow(IOException::new);
-      callback.setPassword(getUserPassword().toCharArray());
-    }
-  }
-
-  private class SPNEGOConfiguration extends Configuration
-  {
-    @Override
-    public AppConfigurationEntry[] getAppConfigurationEntry(String name)
-    {
-      Map<String, Object> options = new HashMap<>();
-      if (LOG.isDebugEnabled())
-        options.put("debug", "true");
-      options.put("refreshKrb5Config", "true");
-      options.put("principal", getUserName());
-      options.put("isInitiator", "true");
-      Path keyTabPath = getUserKeyTabPath();
-      if (keyTabPath != null)
-      {
-        options.put("doNotPrompt", "true");
-        options.put("useKeyTab", "true");
-        options.put("keyTab", keyTabPath.toAbsolutePath().toString());
-        options.put("storeKey", "true");
-      }
-      boolean useTicketCache = isUseTicketCache();
-      if (useTicketCache)
-      {
-        options.put("useTicketCache", "true");
-        Path ticketCachePath = getTicketCachePath();
-        if (ticketCachePath != null)
-          options.put("ticketCache", ticketCachePath.toAbsolutePath().toString());
-        options.put("renewTGT", String.valueOf(isRenewTGT()));
-      }
-
-      String moduleClass = "com.sun.security.auth.module.Krb5LoginModule";
-      AppConfigurationEntry config = new AppConfigurationEntry(moduleClass, AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
options);
-      return new AppConfigurationEntry[]{config};
-    }
-  }
-}

http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/ae147e3e/solr/solrj/src/java/org/eclipse/jetty/client/SolrAuthenticationProtocolHandler.java
----------------------------------------------------------------------
diff --git a/solr/solrj/src/java/org/eclipse/jetty/client/SolrAuthenticationProtocolHandler.java
b/solr/solrj/src/java/org/eclipse/jetty/client/SolrAuthenticationProtocolHandler.java
deleted file mode 100644
index 6d40b38..0000000
--- a/solr/solrj/src/java/org/eclipse/jetty/client/SolrAuthenticationProtocolHandler.java
+++ /dev/null
@@ -1,314 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.eclipse.jetty.client;
-
-import java.net.URI;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import org.eclipse.jetty.client.api.Authentication;
-import org.eclipse.jetty.client.api.Authentication.HeaderInfo;
-import org.eclipse.jetty.client.api.Connection;
-import org.eclipse.jetty.client.api.ContentProvider;
-import org.eclipse.jetty.client.api.ContentResponse;
-import org.eclipse.jetty.client.api.Request;
-import org.eclipse.jetty.client.api.Response;
-import org.eclipse.jetty.client.api.Result;
-import org.eclipse.jetty.client.util.BufferingResponseListener;
-import org.eclipse.jetty.http.HttpField;
-import org.eclipse.jetty.http.HttpHeader;
-import org.eclipse.jetty.http.QuotedCSV;
-import org.eclipse.jetty.util.log.Log;
-import org.eclipse.jetty.util.log.Logger;
-
-public abstract class SolrAuthenticationProtocolHandler implements ProtocolHandler
-{
-  public static final int DEFAULT_MAX_CONTENT_LENGTH = 16*1024;
-  public static final Logger LOG = Log.getLogger(SolrAuthenticationProtocolHandler.class);
-  private final HttpClient client;
-  private final int maxContentLength;
-  private final ResponseNotifier notifier;
-
-  private static final Pattern CHALLENGE_PATTERN = Pattern.compile("(?<schemeOnly>[!#$%&'*+\\-.^_`|~0-9A-Za-z]+)|(?:(?<scheme>[!#$%&'*+\\-.^_`|~0-9A-Za-z]+)\\s+)?(?:(?<token68>[a-zA-Z0-9\\-._~+/]+=*)|(?<paramName>[!#$%&'*+\\-.^_`|~0-9A-Za-z]+)\\s*=\\s*(?:(?<paramValue>.*)))");
-
-  protected SolrAuthenticationProtocolHandler(HttpClient client, int maxContentLength)
-  {
-    this.client = client;
-    this.maxContentLength = maxContentLength;
-    this.notifier = new ResponseNotifier();
-  }
-
-  protected HttpClient getHttpClient()
-  {
-    return client;
-  }
-
-  protected abstract HttpHeader getAuthenticateHeader();
-
-  protected abstract HttpHeader getAuthorizationHeader();
-
-  protected abstract URI getAuthenticationURI(Request request);
-
-  protected abstract String getAuthenticationAttribute();
-
-  @Override
-  public Response.Listener getResponseListener()
-  {
-    // Return new instances every time to keep track of the response content
-    return new AuthenticationListener();
-  }
-
-
-  protected List<HeaderInfo> getHeaderInfo(String header) throws IllegalArgumentException
-  {
-    List<HeaderInfo> headerInfos = new ArrayList<>();
-    Matcher m;
-
-    for(String value : new QuotedCSV(true, header))
-    {
-      m = CHALLENGE_PATTERN.matcher(value);
-      if (m.matches())
-      {
-        if(m.group("schemeOnly") != null)
-        {
-          headerInfos.add(new HeaderInfo(getAuthorizationHeader(), m.group(1), new HashMap<>()));
-          continue;
-        }
-
-        if (m.group("scheme") != null)
-        {
-          headerInfos.add(new HeaderInfo(getAuthorizationHeader(), m.group("scheme"), new
HashMap<>()));
-        }
-
-        if (headerInfos.isEmpty())
-          throw new IllegalArgumentException("Parameters without auth-scheme");
-
-        Map<String, String> authParams = headerInfos.get(headerInfos.size() - 1).getParameters();
-        if (m.group("paramName") != null)
-        {
-          String paramVal = QuotedCSV.unquote(m.group("paramValue"));
-          authParams.put(m.group("paramName"), paramVal);
-        }
-        else if (m.group("token68") != null)
-        {
-          if (!authParams.isEmpty())
-            throw new IllegalArgumentException("token68 after auth-params");
-
-          authParams.put("base64", m.group("token68"));
-        }
-      }
-    }
-
-    return headerInfos;
-  }
-
-  private class AuthenticationListener extends BufferingResponseListener
-  {
-    private AuthenticationListener()
-    {
-      super(maxContentLength);
-    }
-
-    @Override
-    public void onComplete(Result result)
-    {
-      HttpRequest request = (HttpRequest)result.getRequest();
-      ContentResponse response = new HttpContentResponse(result.getResponse(), getContent(),
getMediaType(), getEncoding());
-      if (result.getResponseFailure() != null)
-      {
-        if (LOG.isDebugEnabled())
-          LOG.debug("Authentication challenge failed {}", result.getFailure());
-        forwardFailureComplete(request, result.getRequestFailure(), response, result.getResponseFailure());
-        return;
-      }
-
-      String authenticationAttribute = getAuthenticationAttribute();
-      HttpConversation conversation = request.getConversation();
-      if (conversation.getAttribute(authenticationAttribute) != null)
-      {
-        // We have already tried to authenticate, but we failed again.
-        if (LOG.isDebugEnabled())
-          LOG.debug("Bad credentials for {}", request);
-        forwardSuccessComplete(request, response);
-        return;
-      }
-
-      HttpHeader header = getAuthenticateHeader();
-      List<Authentication.HeaderInfo> headerInfos = parseAuthenticateHeader(response,
header);
-      if (headerInfos.isEmpty())
-      {
-        if (LOG.isDebugEnabled())
-          LOG.debug("Authentication challenge without {} header", header);
-        forwardFailureComplete(request, result.getRequestFailure(), response, new HttpResponseException("HTTP
protocol violation: Authentication challenge without " + header + " header", response));
-        return;
-      }
-
-      Authentication authentication = null;
-      Authentication.HeaderInfo headerInfo = null;
-      URI authURI = resolveURI(request, getAuthenticationURI(request));
-      if (authURI != null)
-      {
-        for (Authentication.HeaderInfo element : headerInfos)
-        {
-          authentication = client.getAuthenticationStore().findAuthentication(element.getType(),
authURI, element.getRealm());
-          if (authentication != null)
-          {
-            headerInfo = element;
-            break;
-          }
-        }
-      }
-      if (authentication == null)
-      {
-        if (LOG.isDebugEnabled())
-          LOG.debug("No authentication available for {}", request);
-        forwardSuccessComplete(request, response);
-        return;
-      }
-
-      ContentProvider requestContent = request.getContent();
-      if (requestContent != null && !requestContent.isReproducible())
-      {
-        if (LOG.isDebugEnabled())
-          LOG.debug("Request content not reproducible for {}", request);
-        forwardSuccessComplete(request, response);
-        return;
-      }
-
-      try
-      {
-        Authentication.Result authnResult = authentication.authenticate(request, response,
headerInfo, conversation);
-        if (LOG.isDebugEnabled())
-          LOG.debug("Authentication result {}", authnResult);
-        if (authnResult == null)
-        {
-          forwardSuccessComplete(request, response);
-          return;
-        }
-
-        conversation.setAttribute(authenticationAttribute, true);
-
-        URI requestURI = request.getURI();
-        String path = null;
-        if (requestURI == null)
-        {
-          requestURI = resolveURI(request, null);
-          path = request.getPath();
-        }
-        Request newRequest = client.copyRequest(request, requestURI);
-        if (path != null)
-          newRequest.path(path);
-
-        authnResult.apply(newRequest);
-        // Copy existing, explicitly set, authorization headers.
-        copyIfAbsent(request, newRequest, HttpHeader.AUTHORIZATION);
-        copyIfAbsent(request, newRequest, HttpHeader.PROXY_AUTHORIZATION);
-
-        AfterAuthenticationListener listener = new AfterAuthenticationListener(authnResult);
-        Connection connection = (Connection)request.getAttributes().get(Connection.class.getName());
-        if (connection != null)
-          connection.send(newRequest, listener);
-        else
-          newRequest.send(listener);
-      }
-      catch (Throwable x)
-      {
-        if (LOG.isDebugEnabled())
-          LOG.debug("Authentication failed", x);
-        forwardFailureComplete(request, null, response, x);
-      }
-    }
-
-    private URI resolveURI(HttpRequest request, URI uri)
-    {
-      if (uri != null)
-        return uri;
-      String target = request.getScheme() + "://" + request.getHost();
-      int port = request.getPort();
-      if (port > 0)
-        target += ":" + port;
-      return URI.create(target);
-    }
-
-    private void copyIfAbsent(HttpRequest oldRequest, Request newRequest, HttpHeader header)
-    {
-      HttpField field = oldRequest.getHeaders().getField(header);
-      if (field != null && !newRequest.getHeaders().contains(header))
-        newRequest.getHeaders().put(field);
-    }
-
-    private void forwardSuccessComplete(HttpRequest request, Response response)
-    {
-      HttpConversation conversation = request.getConversation();
-      conversation.updateResponseListeners(null);
-      notifier.forwardSuccessComplete(conversation.getResponseListeners(), request, response);
-    }
-
-    private void forwardFailureComplete(HttpRequest request, Throwable requestFailure, Response
response, Throwable responseFailure)
-    {
-      HttpConversation conversation = request.getConversation();
-      conversation.updateResponseListeners(null);
-      List<Response.ResponseListener> responseListeners = conversation.getResponseListeners();
-      if (responseFailure == null)
-        notifier.forwardSuccess(responseListeners, response);
-      else
-        notifier.forwardFailure(responseListeners, response, responseFailure);
-      notifier.notifyComplete(responseListeners, new Result(request, requestFailure, response,
responseFailure));
-    }
-
-    private List<Authentication.HeaderInfo> parseAuthenticateHeader(Response response,
HttpHeader header)
-    {
-      // TODO: these should be ordered by strength
-      List<Authentication.HeaderInfo> result = new ArrayList<>();
-      List<String> values = response.getHeaders().getValuesList(header);
-      for (String value : values)
-      {
-        try
-        {
-          result.addAll(getHeaderInfo(value));
-        }
-        catch(IllegalArgumentException e)
-        {
-          if (LOG.isDebugEnabled())
-            LOG.debug("Failed to parse authentication header", e);
-        }
-      }
-      return result;
-    }
-  }
-
-  private class AfterAuthenticationListener extends Response.Listener.Adapter
-  {
-    private final Authentication.Result authenticationResult;
-
-    private AfterAuthenticationListener(Authentication.Result authenticationResult)
-    {
-      this.authenticationResult = authenticationResult;
-    }
-
-    @Override
-    public void onSuccess(Response response)
-    {
-      client.getAuthenticationStore().addAuthenticationResult(authenticationResult);
-    }
-  }
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/ae147e3e/solr/solrj/src/java/org/eclipse/jetty/client/SolrWWWAuthenticationProtocolHandler.java
----------------------------------------------------------------------
diff --git a/solr/solrj/src/java/org/eclipse/jetty/client/SolrWWWAuthenticationProtocolHandler.java
b/solr/solrj/src/java/org/eclipse/jetty/client/SolrWWWAuthenticationProtocolHandler.java
deleted file mode 100644
index b64372a..0000000
--- a/solr/solrj/src/java/org/eclipse/jetty/client/SolrWWWAuthenticationProtocolHandler.java
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.eclipse.jetty.client;
-
-import java.net.URI;
-
-import org.eclipse.jetty.client.api.Request;
-import org.eclipse.jetty.client.api.Response;
-import org.eclipse.jetty.http.HttpHeader;
-import org.eclipse.jetty.http.HttpStatus;
-
-/**
- * <p>A protocol handler that handles the 401 response code
- * in association with the {@code WWW-Authenticate} header.</p>
- *
- * @see ProxyAuthenticationProtocolHandler
- */
-public class SolrWWWAuthenticationProtocolHandler extends SolrAuthenticationProtocolHandler
-{
-  public static final String NAME = "www-authenticate";
-  private static final String ATTRIBUTE = SolrWWWAuthenticationProtocolHandler.class.getName()
+ ".attribute";
-
-  public SolrWWWAuthenticationProtocolHandler(HttpClient client)
-  {
-    this(client, DEFAULT_MAX_CONTENT_LENGTH);
-  }
-
-  public SolrWWWAuthenticationProtocolHandler(HttpClient client, int maxContentLength)
-  {
-    super(client, maxContentLength);
-  }
-
-  @Override
-  public String getName()
-  {
-    return NAME;
-  }
-
-  @Override
-  public boolean accept(Request request, Response response)
-  {
-    return response.getStatus() == HttpStatus.UNAUTHORIZED_401;
-  }
-
-  @Override
-  protected HttpHeader getAuthenticateHeader()
-  {
-    return HttpHeader.WWW_AUTHENTICATE;
-  }
-
-  @Override
-  protected HttpHeader getAuthorizationHeader()
-  {
-    return HttpHeader.AUTHORIZATION;
-  }
-
-  @Override
-  protected URI getAuthenticationURI(Request request)
-  {
-    return request.getURI();
-  }
-
-  @Override
-  protected String getAuthenticationAttribute()
-  {
-    return ATTRIBUTE;
-  }
-}
-


Mime
View raw message