diff --git a/src/java/org/apache/http/auth/AuthPolicy.java b/src/java/org/apache/http/auth/AuthPolicy.java new file mode 100644 index 000000000..2278468b6 --- /dev/null +++ b/src/java/org/apache/http/auth/AuthPolicy.java @@ -0,0 +1,191 @@ +/* + * $HeadURL$ + * $Revision$ + * $Date$ + * + * ==================================================================== + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ==================================================================== + * + * This software consists of voluntary contributions made by many + * individuals on behalf of the Apache Software Foundation. For more + * information on the Apache Software Foundation, please see + * . + * + */ + +package org.apache.http.auth; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.http.impl.auth.BasicScheme; +import org.apache.http.impl.auth.DigestScheme; + +/** + * Authentication policy class. The Authentication policy provides corresponding + * authentication scheme interfrace for a given type of authorization challenge. + *

The following specifications are provided: + *

+ * + * @author Oleg Kalnichevski + * + * @version $Revision$ + * @since 3.0 + */ +public abstract class AuthPolicy { + + private static final HashMap SCHEMES = new HashMap(); + private static final ArrayList SCHEME_LIST = new ArrayList(); + + /** + * The key used to look up the list of IDs of supported {@link AuthScheme + * authentication schemes} in their order of preference. The scheme IDs are + * stored in a {@link java.util.Collection} as {@link java.lang.String}s. + * + *

+ * If several schemes are returned in the WWW-Authenticate + * or Proxy-Authenticate header, this parameter defines which + * {@link AuthScheme authentication schemes} takes precedence over others. + * The first item in the collection represents the most preferred + * {@link AuthScheme authentication scheme}, the last item represents the ID + * of the least preferred one. + *

+ * + * @see org.apache.commons.httpclient.params.DefaultHttpParams + */ + public static final String AUTH_SCHEME_PRIORITY = "http.auth.scheme-priority"; + + /** + * The NTLM scheme is a proprietary Microsoft Windows Authentication + * protocol (considered to be the most secure among currently supported + * authentication schemes). + */ + public static final String NTLM = "NTLM"; + + /** + * Digest authentication scheme as defined in RFC2617. + */ + public static final String DIGEST = "Digest"; + + /** + * Basic authentication scheme as defined in RFC2617 (considered inherently + * insecure, but most widely supported) + */ + public static final String BASIC = "Basic"; + + static { +// AuthPolicy.registerAuthScheme(NTLM, NTLMScheme.class); + AuthPolicy.registerAuthScheme(DIGEST, DigestScheme.class); + AuthPolicy.registerAuthScheme(BASIC, BasicScheme.class); + } + + /** Log object. */ + protected static final Log LOG = LogFactory.getLog(AuthPolicy.class); + + /** + * Registers a class implementing an {@link AuthScheme authentication scheme} with + * the given identifier. If a class with the given ID already exists it will be overridden. + * This ID is the same one used to retrieve the {@link AuthScheme authentication scheme} + * from {@link #getAuthScheme(String)}. + * + *

+ * Please note that custom authentication preferences, if used, need to be updated accordingly + * for the new {@link AuthScheme authentication scheme} to take effect. + *

+ * + * @param id the identifier for this scheme + * @param clazz the class to register + * + * @see #getAuthScheme(String) + * @see #AUTH_SCHEME_PRIORITY + */ + public static synchronized void registerAuthScheme(final String id, Class clazz) { + if (id == null) { + throw new IllegalArgumentException("Id may not be null"); + } + if (clazz == null) { + throw new IllegalArgumentException("Authentication scheme class may not be null"); + } + SCHEMES.put(id.toLowerCase(), clazz); + SCHEME_LIST.add(id.toLowerCase()); + } + + /** + * Unregisters the class implementing an {@link AuthScheme authentication scheme} with + * the given ID. + * + * @param id the ID of the class to unregister + */ + public static synchronized void unregisterAuthScheme(final String id) { + if (id == null) { + throw new IllegalArgumentException("Id may not be null"); + } + SCHEMES.remove(id.toLowerCase()); + SCHEME_LIST.remove(id.toLowerCase()); + } + + /** + * Gets the {@link AuthScheme authentication scheme} with the given ID. + * + * @param id the {@link AuthScheme authentication scheme} ID + * + * @return {@link AuthScheme authentication scheme} + * + * @throws IllegalStateException if a scheme with the ID cannot be found + */ + public static synchronized AuthScheme getAuthScheme(final String id) + throws IllegalStateException { + + if (id == null) { + throw new IllegalArgumentException("Id may not be null"); + } + Class clazz = (Class)SCHEMES.get(id.toLowerCase()); + if (clazz != null) { + try { + return (AuthScheme)clazz.newInstance(); + } catch (Exception e) { + LOG.error("Error initializing authentication scheme: " + id, e); + throw new IllegalStateException(id + + " authentication scheme implemented by " + + clazz.getName() + " could not be initialized"); + } + } else { + throw new IllegalStateException("Unsupported authentication scheme " + id); + } + } + + /** + * Returns a list containing all registered {@link AuthScheme authentication + * schemes} in their default order. + * + * @return {@link AuthScheme authentication scheme} + */ + public static synchronized List getDefaultAuthPrefs() { + return (List)SCHEME_LIST.clone(); + } +} diff --git a/src/java/org/apache/http/auth/AuthScope.java b/src/java/org/apache/http/auth/AuthScope.java new file mode 100644 index 000000000..7a3d5b74a --- /dev/null +++ b/src/java/org/apache/http/auth/AuthScope.java @@ -0,0 +1,305 @@ +/* + * $HeadURL$ + * $Revision$ + * $Date$ + * + * ==================================================================== + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ==================================================================== + * + * This software consists of voluntary contributions made by many + * individuals on behalf of the Apache Software Foundation. For more + * information on the Apache Software Foundation, please see + * . + * + */ + +package org.apache.http.auth; + +import org.apache.http.util.LangUtils; + +/** + * The class represents an authentication scope consisting of a host name, + * a port number, a realm name and an authentication scheme name which + * {@link org.apache.commons.httpclient.Credentials} apply to. + * + * @author Oleg Kalnichevski + * @author Adrian Sutton + * + * @since 3.0 + */ +public class AuthScope { + + /** + * The null value represents any host. In the future versions of + * HttpClient the use of this parameter will be discontinued. + */ + public static final String ANY_HOST = null; + + /** + * The -1 value represents any port. + */ + public static final int ANY_PORT = -1; + + /** + * The null value represents any realm. + */ + public static final String ANY_REALM = null; + + /** + * The null value represents any authentication scheme. + */ + public static final String ANY_SCHEME = null; + + /** + * Default scope matching any host, port, realm and authentication scheme. + * In the future versions of HttpClient the use of this parameter will be + * discontinued. + */ + public static final AuthScope ANY = new AuthScope(ANY_HOST, ANY_PORT, ANY_REALM, ANY_SCHEME); + + /** The authentication scheme the credentials apply to. */ + private String scheme = null; + + /** The realm the credentials apply to. */ + private String realm = null; + + /** The host the credentials apply to. */ + private String host = null; + + /** The port the credentials apply to. */ + private int port = -1; + + /** Creates a new credentials scope for the given + * host, port, realm, and + * authentication scheme. + * + * @param host the host the credentials apply to. May be set + * to null if credenticals are applicable to + * any host. + * @param port the port the credentials apply to. May be set + * to negative value if credenticals are applicable to + * any port. + * @param realm the realm the credentials apply to. May be set + * to null if credenticals are applicable to + * any realm. + * @param scheme the authentication scheme the credentials apply to. + * May be set to null if credenticals are applicable to + * any authentication scheme. + * + * @since 3.0 + */ + public AuthScope(final String host, int port, + final String realm, final String scheme) + { + this.host = (host == null) ? ANY_HOST: host.toLowerCase(); + this.port = (port < 0) ? ANY_PORT: port; + this.realm = (realm == null) ? ANY_REALM: realm; + this.scheme = (scheme == null) ? ANY_SCHEME: scheme.toUpperCase();; + } + + /** Creates a new credentials scope for the given + * host, port, realm, and any + * authentication scheme. + * + * @param host the host the credentials apply to. May be set + * to null if credenticals are applicable to + * any host. + * @param port the port the credentials apply to. May be set + * to negative value if credenticals are applicable to + * any port. + * @param realm the realm the credentials apply to. May be set + * to null if credenticals are applicable to + * any realm. + * + * @since 3.0 + */ + public AuthScope(final String host, int port, final String realm) { + this(host, port, realm, ANY_SCHEME); + } + + /** Creates a new credentials scope for the given + * host, port, any realm name, and any + * authentication scheme. + * + * @param host the host the credentials apply to. May be set + * to null if credenticals are applicable to + * any host. + * @param port the port the credentials apply to. May be set + * to negative value if credenticals are applicable to + * any port. + * + * @since 3.0 + */ + public AuthScope(final String host, int port) { + this(host, port, ANY_REALM, ANY_SCHEME); + } + + /** + * Creates a copy of the given credentials scope. + * + * @since 3.0 + */ + public AuthScope(final AuthScope authscope) { + super(); + if (authscope == null) { + throw new IllegalArgumentException("Scope may not be null"); + } + this.host = authscope.getHost(); + this.port = authscope.getPort(); + this.realm = authscope.getRealm(); + this.scheme = authscope.getScheme(); + } + + /** + * @return the host + * + * @since 3.0 + */ + public String getHost() { + return this.host; + } + + /** + * @return the port + * + * @since 3.0 + */ + public int getPort() { + return this.port; + } + + /** + * @return the realm name + * + * @since 3.0 + */ + public String getRealm() { + return this.realm; + } + + /** + * @return the scheme type + * + * @since 3.0 + */ + public String getScheme() { + return this.scheme; + } + + /** + * Tests if the authentication scopes match. + * + * @return the match factor. Negative value signifies no match. + * Non-negative signifies a match. The greater the returned value + * the closer the match. + * + * @since 3.0 + */ + public int match(final AuthScope that) { + int factor = 0; + if (LangUtils.equals(this.scheme, that.scheme)) { + factor += 1; + } else { + if (this.scheme != ANY_SCHEME && that.scheme != ANY_SCHEME) { + return -1; + } + } + if (LangUtils.equals(this.realm, that.realm)) { + factor += 2; + } else { + if (this.realm != ANY_REALM && that.realm != ANY_REALM) { + return -1; + } + } + if (this.port == that.port) { + factor += 4; + } else { + if (this.port != ANY_PORT && that.port != ANY_PORT) { + return -1; + } + } + if (LangUtils.equals(this.host, that.host)) { + factor += 8; + } else { + if (this.host != ANY_HOST && that.host != ANY_HOST) { + return -1; + } + } + return factor; + } + + /** + * @see java.lang.Object#equals(Object) + */ + public boolean equals(Object o) { + if (o == null) { + return false; + } + if (o == this) { + return true; + } + if (!(o instanceof AuthScope)) { + return super.equals(o); + } + AuthScope that = (AuthScope) o; + return + LangUtils.equals(this.host, that.host) + && this.port == that.port + && LangUtils.equals(this.realm, that.realm) + && LangUtils.equals(this.scheme, that.scheme); + } + + /** + * @see java.lang.Object#toString() + */ + public String toString() { + StringBuffer buffer = new StringBuffer(); + if (this.scheme != null) { + buffer.append(this.scheme.toUpperCase()); + buffer.append(' '); + } + if (this.realm != null) { + buffer.append('\''); + buffer.append(this.realm); + buffer.append('\''); + } else { + buffer.append(""); + } + if (this.host != null) { + buffer.append('@'); + buffer.append(this.host); + if (this.port >= 0) { + buffer.append(':'); + buffer.append(this.port); + } + } + return buffer.toString(); + } + + /** + * @see java.lang.Object#hashCode() + */ + public int hashCode() { + int hash = LangUtils.HASH_SEED; + hash = LangUtils.hashCode(hash, this.host); + hash = LangUtils.hashCode(hash, this.port); + hash = LangUtils.hashCode(hash, this.realm); + hash = LangUtils.hashCode(hash, this.scheme); + return hash; + } +}