Removed experimental CredSsp auth scheme
This commit is contained in:
parent
d3e34f70c4
commit
03de3ab16c
|
@ -63,12 +63,7 @@ public enum AuthSchemes {
|
|||
* (considered to be the most secure among currently supported
|
||||
* authentication schemes).
|
||||
*/
|
||||
KERBEROS("Kerberos"),
|
||||
|
||||
/**
|
||||
* CredSSP authentication scheme defined in [MS-CSSP].
|
||||
*/
|
||||
CREDSSP("CredSSP");
|
||||
KERBEROS("Kerberos");
|
||||
|
||||
public final String ident;
|
||||
|
||||
|
|
|
@ -68,7 +68,6 @@ public class DefaultAuthenticationStrategy implements AuthenticationStrategy {
|
|||
AuthSchemes.SPNEGO.ident,
|
||||
AuthSchemes.KERBEROS.ident,
|
||||
AuthSchemes.NTLM.ident,
|
||||
AuthSchemes.CREDSSP.ident,
|
||||
AuthSchemes.DIGEST.ident,
|
||||
AuthSchemes.BASIC.ident));
|
||||
|
||||
|
|
|
@ -60,7 +60,6 @@ import org.apache.hc.client5.http.impl.DefaultRedirectStrategy;
|
|||
import org.apache.hc.client5.http.impl.DefaultSchemePortResolver;
|
||||
import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider;
|
||||
import org.apache.hc.client5.http.impl.auth.BasicSchemeFactory;
|
||||
import org.apache.hc.client5.http.impl.auth.CredSspSchemeFactory;
|
||||
import org.apache.hc.client5.http.impl.auth.DigestSchemeFactory;
|
||||
import org.apache.hc.client5.http.impl.auth.KerberosSchemeFactory;
|
||||
import org.apache.hc.client5.http.impl.auth.NTLMSchemeFactory;
|
||||
|
@ -765,7 +764,6 @@ public class Http2AsyncClientBuilder {
|
|||
authSchemeRegistryCopy = RegistryBuilder.<AuthSchemeProvider>create()
|
||||
.register(AuthSchemes.BASIC.ident, new BasicSchemeFactory())
|
||||
.register(AuthSchemes.DIGEST.ident, new DigestSchemeFactory())
|
||||
.register(AuthSchemes.CREDSSP.ident, new CredSspSchemeFactory())
|
||||
.register(AuthSchemes.NTLM.ident, new NTLMSchemeFactory())
|
||||
.register(AuthSchemes.SPNEGO.ident,
|
||||
new SPNegoSchemeFactory(KerberosConfig.DEFAULT, SystemDefaultDnsResolver.INSTANCE))
|
||||
|
|
|
@ -46,9 +46,9 @@ import org.apache.hc.client5.http.SystemDefaultDnsResolver;
|
|||
import org.apache.hc.client5.http.UserTokenHandler;
|
||||
import org.apache.hc.client5.http.async.AsyncExecChainHandler;
|
||||
import org.apache.hc.client5.http.auth.AuthSchemeProvider;
|
||||
import org.apache.hc.client5.http.auth.AuthSchemes;
|
||||
import org.apache.hc.client5.http.auth.CredentialsProvider;
|
||||
import org.apache.hc.client5.http.auth.KerberosConfig;
|
||||
import org.apache.hc.client5.http.auth.AuthSchemes;
|
||||
import org.apache.hc.client5.http.config.RequestConfig;
|
||||
import org.apache.hc.client5.http.cookie.BasicCookieStore;
|
||||
import org.apache.hc.client5.http.cookie.CookieSpecProvider;
|
||||
|
@ -65,7 +65,6 @@ import org.apache.hc.client5.http.impl.IdleConnectionEvictor;
|
|||
import org.apache.hc.client5.http.impl.NoopUserTokenHandler;
|
||||
import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider;
|
||||
import org.apache.hc.client5.http.impl.auth.BasicSchemeFactory;
|
||||
import org.apache.hc.client5.http.impl.auth.CredSspSchemeFactory;
|
||||
import org.apache.hc.client5.http.impl.auth.DigestSchemeFactory;
|
||||
import org.apache.hc.client5.http.impl.auth.KerberosSchemeFactory;
|
||||
import org.apache.hc.client5.http.impl.auth.NTLMSchemeFactory;
|
||||
|
@ -972,7 +971,6 @@ public class HttpAsyncClientBuilder {
|
|||
authSchemeRegistryCopy = RegistryBuilder.<AuthSchemeProvider>create()
|
||||
.register(AuthSchemes.BASIC.ident, new BasicSchemeFactory())
|
||||
.register(AuthSchemes.DIGEST.ident, new DigestSchemeFactory())
|
||||
.register(AuthSchemes.CREDSSP.ident, new CredSspSchemeFactory())
|
||||
.register(AuthSchemes.NTLM.ident, new NTLMSchemeFactory())
|
||||
.register(AuthSchemes.SPNEGO.ident,
|
||||
new SPNegoSchemeFactory(KerberosConfig.DEFAULT, SystemDefaultDnsResolver.INSTANCE))
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -1,82 +0,0 @@
|
|||
/*
|
||||
* ====================================================================
|
||||
* Licensed to the Apache Software Foundation (ASF) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. The ASF licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
* ====================================================================
|
||||
*
|
||||
* This software consists of voluntary contributions made by many
|
||||
* individuals on behalf of the Apache Software Foundation. For more
|
||||
* information on the Apache Software Foundation, please see
|
||||
* <http://www.apache.org/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.apache.hc.client5.http.impl.auth;
|
||||
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.KeyStoreException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
|
||||
import javax.net.ssl.SSLContext;
|
||||
|
||||
import org.apache.hc.client5.http.auth.AuthScheme;
|
||||
import org.apache.hc.client5.http.auth.AuthSchemeProvider;
|
||||
import org.apache.hc.client5.http.ssl.TrustAllStrategy;
|
||||
import org.apache.hc.core5.annotation.Contract;
|
||||
import org.apache.hc.core5.annotation.Experimental;
|
||||
import org.apache.hc.core5.annotation.ThreadingBehavior;
|
||||
import org.apache.hc.core5.http.protocol.HttpContext;
|
||||
import org.apache.hc.core5.ssl.SSLContexts;
|
||||
import org.apache.hc.core5.ssl.SSLInitializationException;
|
||||
|
||||
/**
|
||||
* {@link AuthSchemeProvider} implementation that creates and initializes
|
||||
* {@link CredSspScheme} instances.
|
||||
*
|
||||
* @since 4.0
|
||||
*/
|
||||
@Contract(threading = ThreadingBehavior.STATELESS)
|
||||
@Experimental
|
||||
public class CredSspSchemeFactory implements AuthSchemeProvider
|
||||
{
|
||||
|
||||
private final SSLContext sslContext;
|
||||
|
||||
public CredSspSchemeFactory() {
|
||||
this(createDefaultContext());
|
||||
}
|
||||
|
||||
public CredSspSchemeFactory(final SSLContext sslContext) {
|
||||
this.sslContext = sslContext != null ? sslContext : createDefaultContext();
|
||||
}
|
||||
|
||||
private static SSLContext createDefaultContext() throws SSLInitializationException {
|
||||
try {
|
||||
return SSLContexts.custom()
|
||||
.loadTrustMaterial(new TrustAllStrategy())
|
||||
.build();
|
||||
} catch (final NoSuchAlgorithmException | KeyManagementException | KeyStoreException ex) {
|
||||
throw new SSLInitializationException(ex.getMessage(), ex);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public AuthScheme create(final HttpContext context) {
|
||||
return new CredSspScheme(sslContext);
|
||||
}
|
||||
|
||||
}
|
|
@ -68,7 +68,6 @@ import org.apache.hc.client5.http.impl.IdleConnectionEvictor;
|
|||
import org.apache.hc.client5.http.impl.NoopUserTokenHandler;
|
||||
import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider;
|
||||
import org.apache.hc.client5.http.impl.auth.BasicSchemeFactory;
|
||||
import org.apache.hc.client5.http.impl.auth.CredSspSchemeFactory;
|
||||
import org.apache.hc.client5.http.impl.auth.DigestSchemeFactory;
|
||||
import org.apache.hc.client5.http.impl.auth.KerberosSchemeFactory;
|
||||
import org.apache.hc.client5.http.impl.auth.NTLMSchemeFactory;
|
||||
|
@ -953,7 +952,6 @@ public class HttpClientBuilder {
|
|||
authSchemeRegistryCopy = RegistryBuilder.<AuthSchemeProvider>create()
|
||||
.register(AuthSchemes.BASIC.ident, new BasicSchemeFactory())
|
||||
.register(AuthSchemes.DIGEST.ident, new DigestSchemeFactory())
|
||||
.register(AuthSchemes.CREDSSP.ident, new CredSspSchemeFactory())
|
||||
.register(AuthSchemes.NTLM.ident, new NTLMSchemeFactory())
|
||||
.register(AuthSchemes.SPNEGO.ident, new SPNegoSchemeFactory(KerberosConfig.DEFAULT, SystemDefaultDnsResolver.INSTANCE))
|
||||
.register(AuthSchemes.KERBEROS.ident, new KerberosSchemeFactory(KerberosConfig.DEFAULT, SystemDefaultDnsResolver.INSTANCE))
|
||||
|
|
Loading…
Reference in New Issue