Ported AuthPolicy and AuthScope from Commons HttpClient

git-svn-id: https://svn.apache.org/repos/asf/jakarta/httpcomponents/httpclient/trunk@527681 13f79535-47bb-0310-9956-ffa450edef68
Oleg Kalnichevski 2007-04-11 21:27:29 +00:00
parent 31d1001b23
commit 919eeb2933
2 changed files with 496 additions and 0 deletions


@ -0,0 +1,191 @@
/*
* $HeadURL$
* $Revision$
* $Date$
*
* ====================================================================
*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/
package org.apache.http.auth;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.auth.DigestScheme;
/**
* Authentication policy class. The Authentication policy provides corresponding
* authentication scheme interfrace for a given type of authorization challenge.
* <p>The following specifications are provided:
* <ul>
* <li><tt>Basic</tt>: Basic authentication scheme as defined in RFC2617
* (considered inherently insecure, but most widely supported)
* <li><tt>Digest</tt>: Digest authentication scheme as defined in RFC2617
* <li><tt>NTLM</tt>: The NTLM scheme is a proprietary Microsoft Windows
* Authentication protocol (considered to be the most secure among
* currently supported authentication schemes)
* </ul>
*
* @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
*
* @version $Revision$
* @since 3.0
*/
public abstract class AuthPolicy {
private static final HashMap SCHEMES = new HashMap();
private static final ArrayList SCHEME_LIST = new ArrayList();
/**
* The key used to look up the list of IDs of supported {@link AuthScheme
* authentication schemes} in their order of preference. The scheme IDs are
* stored in a {@link java.util.Collection} as {@link java.lang.String}s.
*
* <p>
* If several schemes are returned in the <tt>WWW-Authenticate</tt>
* or <tt>Proxy-Authenticate</tt> header, this parameter defines which
* {@link AuthScheme authentication schemes} takes precedence over others.
* The first item in the collection represents the most preferred
* {@link AuthScheme authentication scheme}, the last item represents the ID
* of the least preferred one.
* </p>
*
* @see org.apache.commons.httpclient.params.DefaultHttpParams
*/
public static final String AUTH_SCHEME_PRIORITY = "http.auth.scheme-priority";
/**
* The NTLM scheme is a proprietary Microsoft Windows Authentication
* protocol (considered to be the most secure among currently supported
* authentication schemes).
*/
public static final String NTLM = "NTLM";
/**
* Digest authentication scheme as defined in RFC2617.
*/
public static final String DIGEST = "Digest";
/**
* Basic authentication scheme as defined in RFC2617 (considered inherently
* insecure, but most widely supported)
*/
public static final String BASIC = "Basic";
static {
// AuthPolicy.registerAuthScheme(NTLM, NTLMScheme.class);
AuthPolicy.registerAuthScheme(DIGEST, DigestScheme.class);
AuthPolicy.registerAuthScheme(BASIC, BasicScheme.class);
}
/** Log object. */
protected static final Log LOG = LogFactory.getLog(AuthPolicy.class);
/**
* Registers a class implementing an {@link AuthScheme authentication scheme} with
* the given identifier. If a class with the given ID already exists it will be overridden.
* This ID is the same one used to retrieve the {@link AuthScheme authentication scheme}
* from {@link #getAuthScheme(String)}.
*
* <p>
* Please note that custom authentication preferences, if used, need to be updated accordingly
* for the new {@link AuthScheme authentication scheme} to take effect.
* </p>
*
* @param id the identifier for this scheme
* @param clazz the class to register
*
* @see #getAuthScheme(String)
* @see #AUTH_SCHEME_PRIORITY
*/
public static synchronized void registerAuthScheme(final String id, Class clazz) {
if (id == null) {
throw new IllegalArgumentException("Id may not be null");
}
if (clazz == null) {
throw new IllegalArgumentException("Authentication scheme class may not be null");
}
SCHEMES.put(id.toLowerCase(), clazz);
SCHEME_LIST.add(id.toLowerCase());
}
/**
* Unregisters the class implementing an {@link AuthScheme authentication scheme} with
* the given ID.
*
* @param id the ID of the class to unregister
*/
public static synchronized void unregisterAuthScheme(final String id) {
if (id == null) {
throw new IllegalArgumentException("Id may not be null");
}
SCHEMES.remove(id.toLowerCase());
SCHEME_LIST.remove(id.toLowerCase());
}
/**
* Gets the {@link AuthScheme authentication scheme} with the given ID.
*
* @param id the {@link AuthScheme authentication scheme} ID
*
* @return {@link AuthScheme authentication scheme}
*
* @throws IllegalStateException if a scheme with the ID cannot be found
*/
public static synchronized AuthScheme getAuthScheme(final String id)
throws IllegalStateException {
if (id == null) {
throw new IllegalArgumentException("Id may not be null");
}
Class clazz = (Class)SCHEMES.get(id.toLowerCase());
if (clazz != null) {
try {
return (AuthScheme)clazz.newInstance();
} catch (Exception e) {
LOG.error("Error initializing authentication scheme: " + id, e);
throw new IllegalStateException(id +
" authentication scheme implemented by " +
clazz.getName() + " could not be initialized");
}
} else {
throw new IllegalStateException("Unsupported authentication scheme " + id);
}
}
/**
* Returns a list containing all registered {@link AuthScheme authentication
* schemes} in their default order.
*
* @return {@link AuthScheme authentication scheme}
*/
public static synchronized List getDefaultAuthPrefs() {
return (List)SCHEME_LIST.clone();
}
}
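Review bot: `registerAuthScheme` does not behave as its Javadoc says when an ID is registered a second time: `SCHEMES.put` replaces the class, but `SCHEME_LIST.add` appends the ID again, so `getDefaultAuthPrefs()` returns a duplicate and a later `unregisterAuthScheme` removes only the first occurrence, leaving an ID in the preference list that `getAuthScheme` rejects. Guarding the append with `if (!SCHEME_LIST.contains(key)) { SCHEME_LIST.add(key); }`, where `key` is `id.toLowerCase()`, keeps the list in step with the map. The method also accepts any `Class`, so a type that is not an `AuthScheme` is only detected in `getAuthScheme`, where the `ClassCastException` is caught and reported as an initialisation failure; checking `AuthScheme.class.isAssignableFrom(clazz)` at registration would reject it where the mistake is made. The `toLowerCase()` calls here, and the `toLowerCase()`/`toUpperCase()` calls in the `AuthScope` constructor in the second file, use the default locale, so an ID such as `BASIC` would not resolve under a Turkish default locale; passing `Locale.ENGLISH` avoids that.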


@ -0,0 +1,305 @@
/*
* $HeadURL$
* $Revision$
* $Date$
*
* ====================================================================
*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/
package org.apache.http.auth;
import org.apache.http.util.LangUtils;
/**
* The class represents an authentication scope consisting of a host name,
* a port number, a realm name and an authentication scheme name which
* {@link org.apache.commons.httpclient.Credentials} apply to.
*
* @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
* @author <a href="mailto:adrian@intencha.com">Adrian Sutton</a>
*
* @since 3.0
*/
public class AuthScope {
/**
* The <tt>null</tt> value represents any host. In the future versions of
* HttpClient the use of this parameter will be discontinued.
*/
public static final String ANY_HOST = null;
/**
* The <tt>-1</tt> value represents any port.
*/
public static final int ANY_PORT = -1;
/**
* The <tt>null</tt> value represents any realm.
*/
public static final String ANY_REALM = null;
/**
* The <tt>null</tt> value represents any authentication scheme.
*/
public static final String ANY_SCHEME = null;
/**
* Default scope matching any host, port, realm and authentication scheme.
* In the future versions of HttpClient the use of this parameter will be
* discontinued.
*/
public static final AuthScope ANY = new AuthScope(ANY_HOST, ANY_PORT, ANY_REALM, ANY_SCHEME);
/** The authentication scheme the credentials apply to. */
private String scheme = null;
/** The realm the credentials apply to. */
private String realm = null;
/** The host the credentials apply to. */
private String host = null;
/** The port the credentials apply to. */
private int port = -1;
/** Creates a new credentials scope for the given
* <tt>host</tt>, <tt>port</tt>, <tt>realm</tt>, and
* <tt>authentication scheme</tt>.
*
* @param host the host the credentials apply to. May be set
* to <tt>null</tt> if credenticals are applicable to
* any host.
* @param port the port the credentials apply to. May be set
* to negative value if credenticals are applicable to
* any port.
* @param realm the realm the credentials apply to. May be set
* to <tt>null</tt> if credenticals are applicable to
* any realm.
* @param scheme the authentication scheme the credentials apply to.
* May be set to <tt>null</tt> if credenticals are applicable to
* any authentication scheme.
*
* @since 3.0
*/
public AuthScope(final String host, int port,
final String realm, final String scheme)
{
this.host = (host == null) ? ANY_HOST: host.toLowerCase();
this.port = (port < 0) ? ANY_PORT: port;
this.realm = (realm == null) ? ANY_REALM: realm;
this.scheme = (scheme == null) ? ANY_SCHEME: scheme.toUpperCase();;
}
/** Creates a new credentials scope for the given
* <tt>host</tt>, <tt>port</tt>, <tt>realm</tt>, and any
* authentication scheme.
*
* @param host the host the credentials apply to. May be set
* to <tt>null</tt> if credenticals are applicable to
* any host.
* @param port the port the credentials apply to. May be set
* to negative value if credenticals are applicable to
* any port.
* @param realm the realm the credentials apply to. May be set
* to <tt>null</tt> if credenticals are applicable to
* any realm.
*
* @since 3.0
*/
public AuthScope(final String host, int port, final String realm) {
this(host, port, realm, ANY_SCHEME);
}
/** Creates a new credentials scope for the given
* <tt>host</tt>, <tt>port</tt>, any realm name, and any
* authentication scheme.
*
* @param host the host the credentials apply to. May be set
* to <tt>null</tt> if credenticals are applicable to
* any host.
* @param port the port the credentials apply to. May be set
* to negative value if credenticals are applicable to
* any port.
*
* @since 3.0
*/
public AuthScope(final String host, int port) {
this(host, port, ANY_REALM, ANY_SCHEME);
}
/**
* Creates a copy of the given credentials scope.
*
* @since 3.0
*/
public AuthScope(final AuthScope authscope) {
super();
if (authscope == null) {
throw new IllegalArgumentException("Scope may not be null");
}
this.host = authscope.getHost();
this.port = authscope.getPort();
this.realm = authscope.getRealm();
this.scheme = authscope.getScheme();
}
/**
* @return the host
*
* @since 3.0
*/
public String getHost() {
return this.host;
}
/**
* @return the port
*
* @since 3.0
*/
public int getPort() {
return this.port;
}
/**
* @return the realm name
*
* @since 3.0
*/
public String getRealm() {
return this.realm;
}
/**
* @return the scheme type
*
* @since 3.0
*/
public String getScheme() {
return this.scheme;
}
/**
* Tests if the authentication scopes match.
*
* @return the match factor. Negative value signifies no match.
* Non-negative signifies a match. The greater the returned value
* the closer the match.
*
* @since 3.0
*/
public int match(final AuthScope that) {
int factor = 0;
if (LangUtils.equals(this.scheme, that.scheme)) {
factor += 1;
} else {
if (this.scheme != ANY_SCHEME && that.scheme != ANY_SCHEME) {
return -1;
}
}
if (LangUtils.equals(this.realm, that.realm)) {
factor += 2;
} else {
if (this.realm != ANY_REALM && that.realm != ANY_REALM) {
return -1;
}
}
if (this.port == that.port) {
factor += 4;
} else {
if (this.port != ANY_PORT && that.port != ANY_PORT) {
return -1;
}
}
if (LangUtils.equals(this.host, that.host)) {
factor += 8;
} else {
if (this.host != ANY_HOST && that.host != ANY_HOST) {
return -1;
}
}
return factor;
}
/**
* @see java.lang.Object#equals(Object)
*/
public boolean equals(Object o) {
if (o == null) {
return false;
}
if (o == this) {
return true;
}
if (!(o instanceof AuthScope)) {
return super.equals(o);
}
AuthScope that = (AuthScope) o;
return
LangUtils.equals(this.host, that.host)
&& this.port == that.port
&& LangUtils.equals(this.realm, that.realm)
&& LangUtils.equals(this.scheme, that.scheme);
}
/**
* @see java.lang.Object#toString()
*/
public String toString() {
StringBuffer buffer = new StringBuffer();
if (this.scheme != null) {
buffer.append(this.scheme.toUpperCase());
buffer.append(' ');
}
if (this.realm != null) {
buffer.append('\'');
buffer.append(this.realm);
buffer.append('\'');
} else {
buffer.append("<any realm>");
}
if (this.host != null) {
buffer.append('@');
buffer.append(this.host);
if (this.port >= 0) {
buffer.append(':');
buffer.append(this.port);
}
}
return buffer.toString();
}
/**
* @see java.lang.Object#hashCode()
*/
public int hashCode() {
int hash = LangUtils.HASH_SEED;
hash = LangUtils.hashCode(hash, this.host);
hash = LangUtils.hashCode(hash, this.port);
hash = LangUtils.hashCode(hash, this.realm);
hash = LangUtils.hashCode(hash, this.scheme);
return hash;
}
}
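Review bot: The Javadoc on `ANY` and `ANY_HOST` does not say what a wildcard scope means for credential exposure. `match()` returns a non-negative factor for every other scope when all four fields are wildcards, so credentials stored under `AuthScope.ANY` are presumably eligible for any server or proxy that issues a challenge (the lookup code is not part of this commit, so this should be confirmed against the credentials provider). I would extend the `ANY` comment with something like `Credentials bound to this scope match every host, port, realm and scheme; prefer a scope with an explicit host and port.` Separately, `match()` dereferences `that` without the null check that the copy constructor performs, so a null argument fails with a `NullPointerException` rather than the `IllegalArgumentException` used elsewhere in the class.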