Ported AuthPolicy and AuthScope from Commons HttpClient
git-svn-id: https://svn.apache.org/repos/asf/jakarta/httpcomponents/httpclient/trunk@527681 13f79535-47bb-0310-9956-ffa450edef68
parent
31d1001b23
commit
919eeb2933
|
@ -0,0 +1,191 @@
|
||||||
|
/*
|
||||||
|
* $HeadURL$
|
||||||
|
* $Revision$
|
||||||
|
* $Date$
|
||||||
|
*
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one or more
|
||||||
|
* contributor license agreements. See the NOTICE file distributed with
|
||||||
|
* this work for additional information regarding copyright ownership.
|
||||||
|
* The ASF licenses this file to You under the Apache License, Version 2.0
|
||||||
|
* (the "License"); you may not use this file except in compliance with
|
||||||
|
* the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This software consists of voluntary contributions made by many
|
||||||
|
* individuals on behalf of the Apache Software Foundation. For more
|
||||||
|
* information on the Apache Software Foundation, please see
|
||||||
|
* <http://www.apache.org/>.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.apache.http.auth;
|
||||||
|
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
import org.apache.commons.logging.Log;
|
||||||
|
import org.apache.commons.logging.LogFactory;
|
||||||
|
import org.apache.http.impl.auth.BasicScheme;
|
||||||
|
import org.apache.http.impl.auth.DigestScheme;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Authentication policy class. The Authentication policy provides corresponding
|
||||||
|
* authentication scheme interfrace for a given type of authorization challenge.
|
||||||
|
* <p>The following specifications are provided:
|
||||||
|
* <ul>
|
||||||
|
* <li><tt>Basic</tt>: Basic authentication scheme as defined in RFC2617
|
||||||
|
* (considered inherently insecure, but most widely supported)
|
||||||
|
* <li><tt>Digest</tt>: Digest authentication scheme as defined in RFC2617
|
||||||
|
* <li><tt>NTLM</tt>: The NTLM scheme is a proprietary Microsoft Windows
|
||||||
|
* Authentication protocol (considered to be the most secure among
|
||||||
|
* currently supported authentication schemes)
|
||||||
|
* </ul>
|
||||||
|
*
|
||||||
|
* @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
|
||||||
|
*
|
||||||
|
* @version $Revision$
|
||||||
|
* @since 3.0
|
||||||
|
*/
|
||||||
|
public abstract class AuthPolicy {
|
||||||
|
|
||||||
|
private static final HashMap SCHEMES = new HashMap();
|
||||||
|
private static final ArrayList SCHEME_LIST = new ArrayList();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The key used to look up the list of IDs of supported {@link AuthScheme
|
||||||
|
* authentication schemes} in their order of preference. The scheme IDs are
|
||||||
|
* stored in a {@link java.util.Collection} as {@link java.lang.String}s.
|
||||||
|
*
|
||||||
|
* <p>
|
||||||
|
* If several schemes are returned in the <tt>WWW-Authenticate</tt>
|
||||||
|
* or <tt>Proxy-Authenticate</tt> header, this parameter defines which
|
||||||
|
* {@link AuthScheme authentication schemes} takes precedence over others.
|
||||||
|
* The first item in the collection represents the most preferred
|
||||||
|
* {@link AuthScheme authentication scheme}, the last item represents the ID
|
||||||
|
* of the least preferred one.
|
||||||
|
* </p>
|
||||||
|
*
|
||||||
|
* @see org.apache.commons.httpclient.params.DefaultHttpParams
|
||||||
|
*/
|
||||||
|
public static final String AUTH_SCHEME_PRIORITY = "http.auth.scheme-priority";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The NTLM scheme is a proprietary Microsoft Windows Authentication
|
||||||
|
* protocol (considered to be the most secure among currently supported
|
||||||
|
* authentication schemes).
|
||||||
|
*/
|
||||||
|
public static final String NTLM = "NTLM";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Digest authentication scheme as defined in RFC2617.
|
||||||
|
*/
|
||||||
|
public static final String DIGEST = "Digest";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Basic authentication scheme as defined in RFC2617 (considered inherently
|
||||||
|
* insecure, but most widely supported)
|
||||||
|
*/
|
||||||
|
public static final String BASIC = "Basic";
|
||||||
|
|
||||||
|
static {
|
||||||
|
// AuthPolicy.registerAuthScheme(NTLM, NTLMScheme.class);
|
||||||
|
AuthPolicy.registerAuthScheme(DIGEST, DigestScheme.class);
|
||||||
|
AuthPolicy.registerAuthScheme(BASIC, BasicScheme.class);
|
||||||
|
}
|
||||||
|
|
||||||
|
/** Log object. */
|
||||||
|
protected static final Log LOG = LogFactory.getLog(AuthPolicy.class);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Registers a class implementing an {@link AuthScheme authentication scheme} with
|
||||||
|
* the given identifier. If a class with the given ID already exists it will be overridden.
|
||||||
|
* This ID is the same one used to retrieve the {@link AuthScheme authentication scheme}
|
||||||
|
* from {@link #getAuthScheme(String)}.
|
||||||
|
*
|
||||||
|
* <p>
|
||||||
|
* Please note that custom authentication preferences, if used, need to be updated accordingly
|
||||||
|
* for the new {@link AuthScheme authentication scheme} to take effect.
|
||||||
|
* </p>
|
||||||
|
*
|
||||||
|
* @param id the identifier for this scheme
|
||||||
|
* @param clazz the class to register
|
||||||
|
*
|
||||||
|
* @see #getAuthScheme(String)
|
||||||
|
* @see #AUTH_SCHEME_PRIORITY
|
||||||
|
*/
|
||||||
|
public static synchronized void registerAuthScheme(final String id, Class clazz) {
|
||||||
|
if (id == null) {
|
||||||
|
throw new IllegalArgumentException("Id may not be null");
|
||||||
|
}
|
||||||
|
if (clazz == null) {
|
||||||
|
throw new IllegalArgumentException("Authentication scheme class may not be null");
|
||||||
|
}
|
||||||
|
SCHEMES.put(id.toLowerCase(), clazz);
|
||||||
|
SCHEME_LIST.add(id.toLowerCase());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Unregisters the class implementing an {@link AuthScheme authentication scheme} with
|
||||||
|
* the given ID.
|
||||||
|
*
|
||||||
|
* @param id the ID of the class to unregister
|
||||||
|
*/
|
||||||
|
public static synchronized void unregisterAuthScheme(final String id) {
|
||||||
|
if (id == null) {
|
||||||
|
throw new IllegalArgumentException("Id may not be null");
|
||||||
|
}
|
||||||
|
SCHEMES.remove(id.toLowerCase());
|
||||||
|
SCHEME_LIST.remove(id.toLowerCase());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Gets the {@link AuthScheme authentication scheme} with the given ID.
|
||||||
|
*
|
||||||
|
* @param id the {@link AuthScheme authentication scheme} ID
|
||||||
|
*
|
||||||
|
* @return {@link AuthScheme authentication scheme}
|
||||||
|
*
|
||||||
|
* @throws IllegalStateException if a scheme with the ID cannot be found
|
||||||
|
*/
|
||||||
|
public static synchronized AuthScheme getAuthScheme(final String id)
|
||||||
|
throws IllegalStateException {
|
||||||
|
|
||||||
|
if (id == null) {
|
||||||
|
throw new IllegalArgumentException("Id may not be null");
|
||||||
|
}
|
||||||
|
Class clazz = (Class)SCHEMES.get(id.toLowerCase());
|
||||||
|
if (clazz != null) {
|
||||||
|
try {
|
||||||
|
return (AuthScheme)clazz.newInstance();
|
||||||
|
} catch (Exception e) {
|
||||||
|
LOG.error("Error initializing authentication scheme: " + id, e);
|
||||||
|
throw new IllegalStateException(id +
|
||||||
|
" authentication scheme implemented by " +
|
||||||
|
clazz.getName() + " could not be initialized");
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
throw new IllegalStateException("Unsupported authentication scheme " + id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns a list containing all registered {@link AuthScheme authentication
|
||||||
|
* schemes} in their default order.
|
||||||
|
*
|
||||||
|
* @return {@link AuthScheme authentication scheme}
|
||||||
|
*/
|
||||||
|
public static synchronized List getDefaultAuthPrefs() {
|
||||||
|
return (List)SCHEME_LIST.clone();
|
||||||
|
}
|
||||||
|
}
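Review bot: `registerAuthScheme`, `unregisterAuthScheme` and `getAuthScheme` fold the scheme ID with `id.toLowerCase()`, which uses the JVM default locale; under a Turkish locale an upper-case `I` lowers to a dotless `ı`, so an ID such as `DIGEST` or `BASIC` would not map to the key the static block stored from `Digest`/`Basic`, and the lookup would end in `Unsupported authentication scheme`. Using a fixed locale in all three methods, `id.toLowerCase(Locale.ENGLISH)` (with `import java.util.Locale;`), keeps the match case-insensitive regardless of platform settings. The `AuthScope` constructor added in this commit has the same locale-dependent folding in `host.toLowerCase()` and `scheme.toUpperCase()`. Separately, `registerAuthScheme` always calls `SCHEME_LIST.add(...)`, so re-registering an existing ID leaves a duplicate in the preference list and a later `unregisterAuthScheme` removes only the first occurrence; `if (!SCHEME_LIST.contains(key)) { SCHEME_LIST.add(key); }` avoids a stale entry in `getDefaultAuthPrefs()`. The class Javadoc also still lists NTLM among the provided schemes although its registration is commented out in the static block, so the comment should say that NTLM is not registered by default.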
|
|
@ -0,0 +1,305 @@
|
||||||
|
/*
|
||||||
|
* $HeadURL$
|
||||||
|
* $Revision$
|
||||||
|
* $Date$
|
||||||
|
*
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one or more
|
||||||
|
* contributor license agreements. See the NOTICE file distributed with
|
||||||
|
* this work for additional information regarding copyright ownership.
|
||||||
|
* The ASF licenses this file to You under the Apache License, Version 2.0
|
||||||
|
* (the "License"); you may not use this file except in compliance with
|
||||||
|
* the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This software consists of voluntary contributions made by many
|
||||||
|
* individuals on behalf of the Apache Software Foundation. For more
|
||||||
|
* information on the Apache Software Foundation, please see
|
||||||
|
* <http://www.apache.org/>.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.apache.http.auth;
|
||||||
|
|
||||||
|
import org.apache.http.util.LangUtils;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The class represents an authentication scope consisting of a host name,
|
||||||
|
* a port number, a realm name and an authentication scheme name which
|
||||||
|
* {@link org.apache.commons.httpclient.Credentials} apply to.
|
||||||
|
*
|
||||||
|
* @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
|
||||||
|
* @author <a href="mailto:adrian@intencha.com">Adrian Sutton</a>
|
||||||
|
*
|
||||||
|
* @since 3.0
|
||||||
|
*/
|
||||||
|
public class AuthScope {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The <tt>null</tt> value represents any host. In the future versions of
|
||||||
|
* HttpClient the use of this parameter will be discontinued.
|
||||||
|
*/
|
||||||
|
public static final String ANY_HOST = null;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The <tt>-1</tt> value represents any port.
|
||||||
|
*/
|
||||||
|
public static final int ANY_PORT = -1;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The <tt>null</tt> value represents any realm.
|
||||||
|
*/
|
||||||
|
public static final String ANY_REALM = null;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The <tt>null</tt> value represents any authentication scheme.
|
||||||
|
*/
|
||||||
|
public static final String ANY_SCHEME = null;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Default scope matching any host, port, realm and authentication scheme.
|
||||||
|
* In the future versions of HttpClient the use of this parameter will be
|
||||||
|
* discontinued.
|
||||||
|
*/
|
||||||
|
public static final AuthScope ANY = new AuthScope(ANY_HOST, ANY_PORT, ANY_REALM, ANY_SCHEME);
|
||||||
|
|
||||||
|
/** The authentication scheme the credentials apply to. */
|
||||||
|
private String scheme = null;
|
||||||
|
|
||||||
|
/** The realm the credentials apply to. */
|
||||||
|
private String realm = null;
|
||||||
|
|
||||||
|
/** The host the credentials apply to. */
|
||||||
|
private String host = null;
|
||||||
|
|
||||||
|
/** The port the credentials apply to. */
|
||||||
|
private int port = -1;
|
||||||
|
|
||||||
|
/** Creates a new credentials scope for the given
|
||||||
|
* <tt>host</tt>, <tt>port</tt>, <tt>realm</tt>, and
|
||||||
|
* <tt>authentication scheme</tt>.
|
||||||
|
*
|
||||||
|
* @param host the host the credentials apply to. May be set
|
||||||
|
* to <tt>null</tt> if credenticals are applicable to
|
||||||
|
* any host.
|
||||||
|
* @param port the port the credentials apply to. May be set
|
||||||
|
* to negative value if credenticals are applicable to
|
||||||
|
* any port.
|
||||||
|
* @param realm the realm the credentials apply to. May be set
|
||||||
|
* to <tt>null</tt> if credenticals are applicable to
|
||||||
|
* any realm.
|
||||||
|
* @param scheme the authentication scheme the credentials apply to.
|
||||||
|
* May be set to <tt>null</tt> if credenticals are applicable to
|
||||||
|
* any authentication scheme.
|
||||||
|
*
|
||||||
|
* @since 3.0
|
||||||
|
*/
|
||||||
|
public AuthScope(final String host, int port,
|
||||||
|
final String realm, final String scheme)
|
||||||
|
{
|
||||||
|
this.host = (host == null) ? ANY_HOST: host.toLowerCase();
|
||||||
|
this.port = (port < 0) ? ANY_PORT: port;
|
||||||
|
this.realm = (realm == null) ? ANY_REALM: realm;
|
||||||
|
this.scheme = (scheme == null) ? ANY_SCHEME: scheme.toUpperCase();;
|
||||||
|
}
|
||||||
|
|
||||||
|
/** Creates a new credentials scope for the given
|
||||||
|
* <tt>host</tt>, <tt>port</tt>, <tt>realm</tt>, and any
|
||||||
|
* authentication scheme.
|
||||||
|
*
|
||||||
|
* @param host the host the credentials apply to. May be set
|
||||||
|
* to <tt>null</tt> if credenticals are applicable to
|
||||||
|
* any host.
|
||||||
|
* @param port the port the credentials apply to. May be set
|
||||||
|
* to negative value if credenticals are applicable to
|
||||||
|
* any port.
|
||||||
|
* @param realm the realm the credentials apply to. May be set
|
||||||
|
* to <tt>null</tt> if credenticals are applicable to
|
||||||
|
* any realm.
|
||||||
|
*
|
||||||
|
* @since 3.0
|
||||||
|
*/
|
||||||
|
public AuthScope(final String host, int port, final String realm) {
|
||||||
|
this(host, port, realm, ANY_SCHEME);
|
||||||
|
}
|
||||||
|
|
||||||
|
/** Creates a new credentials scope for the given
|
||||||
|
* <tt>host</tt>, <tt>port</tt>, any realm name, and any
|
||||||
|
* authentication scheme.
|
||||||
|
*
|
||||||
|
* @param host the host the credentials apply to. May be set
|
||||||
|
* to <tt>null</tt> if credenticals are applicable to
|
||||||
|
* any host.
|
||||||
|
* @param port the port the credentials apply to. May be set
|
||||||
|
* to negative value if credenticals are applicable to
|
||||||
|
* any port.
|
||||||
|
*
|
||||||
|
* @since 3.0
|
||||||
|
*/
|
||||||
|
public AuthScope(final String host, int port) {
|
||||||
|
this(host, port, ANY_REALM, ANY_SCHEME);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a copy of the given credentials scope.
|
||||||
|
*
|
||||||
|
* @since 3.0
|
||||||
|
*/
|
||||||
|
public AuthScope(final AuthScope authscope) {
|
||||||
|
super();
|
||||||
|
if (authscope == null) {
|
||||||
|
throw new IllegalArgumentException("Scope may not be null");
|
||||||
|
}
|
||||||
|
this.host = authscope.getHost();
|
||||||
|
this.port = authscope.getPort();
|
||||||
|
this.realm = authscope.getRealm();
|
||||||
|
this.scheme = authscope.getScheme();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return the host
|
||||||
|
*
|
||||||
|
* @since 3.0
|
||||||
|
*/
|
||||||
|
public String getHost() {
|
||||||
|
return this.host;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return the port
|
||||||
|
*
|
||||||
|
* @since 3.0
|
||||||
|
*/
|
||||||
|
public int getPort() {
|
||||||
|
return this.port;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return the realm name
|
||||||
|
*
|
||||||
|
* @since 3.0
|
||||||
|
*/
|
||||||
|
public String getRealm() {
|
||||||
|
return this.realm;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return the scheme type
|
||||||
|
*
|
||||||
|
* @since 3.0
|
||||||
|
*/
|
||||||
|
public String getScheme() {
|
||||||
|
return this.scheme;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Tests if the authentication scopes match.
|
||||||
|
*
|
||||||
|
* @return the match factor. Negative value signifies no match.
|
||||||
|
* Non-negative signifies a match. The greater the returned value
|
||||||
|
* the closer the match.
|
||||||
|
*
|
||||||
|
* @since 3.0
|
||||||
|
*/
|
||||||
|
public int match(final AuthScope that) {
|
||||||
|
int factor = 0;
|
||||||
|
if (LangUtils.equals(this.scheme, that.scheme)) {
|
||||||
|
factor += 1;
|
||||||
|
} else {
|
||||||
|
if (this.scheme != ANY_SCHEME && that.scheme != ANY_SCHEME) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (LangUtils.equals(this.realm, that.realm)) {
|
||||||
|
factor += 2;
|
||||||
|
} else {
|
||||||
|
if (this.realm != ANY_REALM && that.realm != ANY_REALM) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (this.port == that.port) {
|
||||||
|
factor += 4;
|
||||||
|
} else {
|
||||||
|
if (this.port != ANY_PORT && that.port != ANY_PORT) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (LangUtils.equals(this.host, that.host)) {
|
||||||
|
factor += 8;
|
||||||
|
} else {
|
||||||
|
if (this.host != ANY_HOST && that.host != ANY_HOST) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return factor;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see java.lang.Object#equals(Object)
|
||||||
|
*/
|
||||||
|
public boolean equals(Object o) {
|
||||||
|
if (o == null) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (o == this) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
if (!(o instanceof AuthScope)) {
|
||||||
|
return super.equals(o);
|
||||||
|
}
|
||||||
|
AuthScope that = (AuthScope) o;
|
||||||
|
return
|
||||||
|
LangUtils.equals(this.host, that.host)
|
||||||
|
&& this.port == that.port
|
||||||
|
&& LangUtils.equals(this.realm, that.realm)
|
||||||
|
&& LangUtils.equals(this.scheme, that.scheme);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see java.lang.Object#toString()
|
||||||
|
*/
|
||||||
|
public String toString() {
|
||||||
|
StringBuffer buffer = new StringBuffer();
|
||||||
|
if (this.scheme != null) {
|
||||||
|
buffer.append(this.scheme.toUpperCase());
|
||||||
|
buffer.append(' ');
|
||||||
|
}
|
||||||
|
if (this.realm != null) {
|
||||||
|
buffer.append('\'');
|
||||||
|
buffer.append(this.realm);
|
||||||
|
buffer.append('\'');
|
||||||
|
} else {
|
||||||
|
buffer.append("<any realm>");
|
||||||
|
}
|
||||||
|
if (this.host != null) {
|
||||||
|
buffer.append('@');
|
||||||
|
buffer.append(this.host);
|
||||||
|
if (this.port >= 0) {
|
||||||
|
buffer.append(':');
|
||||||
|
buffer.append(this.port);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return buffer.toString();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see java.lang.Object#hashCode()
|
||||||
|
*/
|
||||||
|
public int hashCode() {
|
||||||
|
int hash = LangUtils.HASH_SEED;
|
||||||
|
hash = LangUtils.hashCode(hash, this.host);
|
||||||
|
hash = LangUtils.hashCode(hash, this.port);
|
||||||
|
hash = LangUtils.hashCode(hash, this.realm);
|
||||||
|
hash = LangUtils.hashCode(hash, this.scheme);
|
||||||
|
return hash;
|
||||||
|
}
|
||||||
|
}
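Review bot: `match(final AuthScope that)` reads `that.scheme` without a null check, unlike the copy constructor, which rejects null with `IllegalArgumentException`; adding `if (that == null) { throw new IllegalArgumentException("Scope may not be null"); }` at the top of `match` makes the contract explicit instead of surfacing as a `NullPointerException`. The Javadoc for `match` has no `@param that` and does not say that a wildcard on either side (`ANY_HOST`, `ANY_PORT`, `ANY_REALM`, `ANY_SCHEME`) still counts as a match, only with a lower factor. That matters for anyone storing credentials under `AuthScope.ANY`, since such a scope matches every host; I would add a line such as `a wildcard on either side matches but adds nothing to the factor; host weighs 8, port 4, realm 2, scheme 1`. The four private fields are never reassigned after construction in the visible code and could be declared `final`, which suits a class that defines `equals`/`hashCode` and is presumably used as a lookup key.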
|