Removed experimental CredSsp auth scheme

This commit is contained in:
Oleg Kalnichevski 2018-11-16 10:26:16 +01:00
parent d3e34f70c4
commit 03de3ab16c
7 changed files with 2 additions and 1192 deletions

View File

@ -63,12 +63,7 @@ public enum AuthSchemes {
* (considered to be the most secure among currently supported
* authentication schemes).
*/
KERBEROS("Kerberos"),
/**
* CredSSP authentication scheme defined in [MS-CSSP].
*/
CREDSSP("CredSSP");
KERBEROS("Kerberos");
public final String ident;

View File

@ -68,7 +68,6 @@ public class DefaultAuthenticationStrategy implements AuthenticationStrategy {
AuthSchemes.SPNEGO.ident,
AuthSchemes.KERBEROS.ident,
AuthSchemes.NTLM.ident,
AuthSchemes.CREDSSP.ident,
AuthSchemes.DIGEST.ident,
AuthSchemes.BASIC.ident));

View File

@ -60,7 +60,6 @@ import org.apache.hc.client5.http.impl.DefaultRedirectStrategy;
import org.apache.hc.client5.http.impl.DefaultSchemePortResolver;
import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider;
import org.apache.hc.client5.http.impl.auth.BasicSchemeFactory;
import org.apache.hc.client5.http.impl.auth.CredSspSchemeFactory;
import org.apache.hc.client5.http.impl.auth.DigestSchemeFactory;
import org.apache.hc.client5.http.impl.auth.KerberosSchemeFactory;
import org.apache.hc.client5.http.impl.auth.NTLMSchemeFactory;
@ -765,7 +764,6 @@ public class Http2AsyncClientBuilder {
authSchemeRegistryCopy = RegistryBuilder.<AuthSchemeProvider>create()
.register(AuthSchemes.BASIC.ident, new BasicSchemeFactory())
.register(AuthSchemes.DIGEST.ident, new DigestSchemeFactory())
.register(AuthSchemes.CREDSSP.ident, new CredSspSchemeFactory())
.register(AuthSchemes.NTLM.ident, new NTLMSchemeFactory())
.register(AuthSchemes.SPNEGO.ident,
new SPNegoSchemeFactory(KerberosConfig.DEFAULT, SystemDefaultDnsResolver.INSTANCE))

View File

@ -46,9 +46,9 @@ import org.apache.hc.client5.http.SystemDefaultDnsResolver;
import org.apache.hc.client5.http.UserTokenHandler;
import org.apache.hc.client5.http.async.AsyncExecChainHandler;
import org.apache.hc.client5.http.auth.AuthSchemeProvider;
import org.apache.hc.client5.http.auth.AuthSchemes;
import org.apache.hc.client5.http.auth.CredentialsProvider;
import org.apache.hc.client5.http.auth.KerberosConfig;
import org.apache.hc.client5.http.auth.AuthSchemes;
import org.apache.hc.client5.http.config.RequestConfig;
import org.apache.hc.client5.http.cookie.BasicCookieStore;
import org.apache.hc.client5.http.cookie.CookieSpecProvider;
@ -65,7 +65,6 @@ import org.apache.hc.client5.http.impl.IdleConnectionEvictor;
import org.apache.hc.client5.http.impl.NoopUserTokenHandler;
import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider;
import org.apache.hc.client5.http.impl.auth.BasicSchemeFactory;
import org.apache.hc.client5.http.impl.auth.CredSspSchemeFactory;
import org.apache.hc.client5.http.impl.auth.DigestSchemeFactory;
import org.apache.hc.client5.http.impl.auth.KerberosSchemeFactory;
import org.apache.hc.client5.http.impl.auth.NTLMSchemeFactory;
@ -972,7 +971,6 @@ public class HttpAsyncClientBuilder {
authSchemeRegistryCopy = RegistryBuilder.<AuthSchemeProvider>create()
.register(AuthSchemes.BASIC.ident, new BasicSchemeFactory())
.register(AuthSchemes.DIGEST.ident, new DigestSchemeFactory())
.register(AuthSchemes.CREDSSP.ident, new CredSspSchemeFactory())
.register(AuthSchemes.NTLM.ident, new NTLMSchemeFactory())
.register(AuthSchemes.SPNEGO.ident,
new SPNegoSchemeFactory(KerberosConfig.DEFAULT, SystemDefaultDnsResolver.INSTANCE))

View File

@ -1,82 +0,0 @@
/*
* ====================================================================
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/
package org.apache.hc.client5.http.impl.auth;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.SSLContext;
import org.apache.hc.client5.http.auth.AuthScheme;
import org.apache.hc.client5.http.auth.AuthSchemeProvider;
import org.apache.hc.client5.http.ssl.TrustAllStrategy;
import org.apache.hc.core5.annotation.Contract;
import org.apache.hc.core5.annotation.Experimental;
import org.apache.hc.core5.annotation.ThreadingBehavior;
import org.apache.hc.core5.http.protocol.HttpContext;
import org.apache.hc.core5.ssl.SSLContexts;
import org.apache.hc.core5.ssl.SSLInitializationException;
/**
* {@link AuthSchemeProvider} implementation that creates and initializes
* {@link CredSspScheme} instances.
*
* @since 4.0
*/
@Contract(threading = ThreadingBehavior.STATELESS)
@Experimental
public class CredSspSchemeFactory implements AuthSchemeProvider
{
private final SSLContext sslContext;
public CredSspSchemeFactory() {
this(createDefaultContext());
}
public CredSspSchemeFactory(final SSLContext sslContext) {
this.sslContext = sslContext != null ? sslContext : createDefaultContext();
}
private static SSLContext createDefaultContext() throws SSLInitializationException {
try {
return SSLContexts.custom()
.loadTrustMaterial(new TrustAllStrategy())
.build();
} catch (final NoSuchAlgorithmException | KeyManagementException | KeyStoreException ex) {
throw new SSLInitializationException(ex.getMessage(), ex);
}
}
@Override
public AuthScheme create(final HttpContext context) {
return new CredSspScheme(sslContext);
}
}

View File

@ -68,7 +68,6 @@ import org.apache.hc.client5.http.impl.IdleConnectionEvictor;
import org.apache.hc.client5.http.impl.NoopUserTokenHandler;
import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider;
import org.apache.hc.client5.http.impl.auth.BasicSchemeFactory;
import org.apache.hc.client5.http.impl.auth.CredSspSchemeFactory;
import org.apache.hc.client5.http.impl.auth.DigestSchemeFactory;
import org.apache.hc.client5.http.impl.auth.KerberosSchemeFactory;
import org.apache.hc.client5.http.impl.auth.NTLMSchemeFactory;
@ -953,7 +952,6 @@ public class HttpClientBuilder {
authSchemeRegistryCopy = RegistryBuilder.<AuthSchemeProvider>create()
.register(AuthSchemes.BASIC.ident, new BasicSchemeFactory())
.register(AuthSchemes.DIGEST.ident, new DigestSchemeFactory())
.register(AuthSchemes.CREDSSP.ident, new CredSspSchemeFactory())
.register(AuthSchemes.NTLM.ident, new NTLMSchemeFactory())
.register(AuthSchemes.SPNEGO.ident, new SPNegoSchemeFactory(KerberosConfig.DEFAULT, SystemDefaultDnsResolver.INSTANCE))
.register(AuthSchemes.KERBEROS.ident, new KerberosSchemeFactory(KerberosConfig.DEFAULT, SystemDefaultDnsResolver.INSTANCE))