Posted to dev@commons.apache.org by ol...@apache.org on 2003/12/10 21:44:38 UTC
cvs commit: jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth AuthScheme.java
olegk 2003/12/10 12:44:38
Modified: httpclient/src/java/org/apache/commons/httpclient Tag:
HTTPCLIENT_2_0_BRANCH HttpMethodBase.java
httpclient/src/java/org/apache/commons/httpclient/auth Tag:
HTTPCLIENT_2_0_BRANCH AuthScheme.java
Log:
PR: #24352 (NTLM Proxy and basic host authorization)
The bug turned out to be nastier than I initially thought. Another (and hopefully the final) take at fixing it
Contributed by Oleg Kalnichevski
Reviewed By Michael Becke
Revision Changes Path
No revision
No revision
1.159.2.19 +30 -10 jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java
Index: HttpMethodBase.java
===================================================================
RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java,v
retrieving revision 1.159.2.18
retrieving revision 1.159.2.19
diff -u -r1.159.2.18 -r1.159.2.19
--- HttpMethodBase.java 3 Nov 2003 23:21:08 -0000 1.159.2.18
+++ HttpMethodBase.java 10 Dec 2003 20:44:37 -0000 1.159.2.19
@@ -75,6 +75,7 @@
import org.apache.commons.httpclient.auth.AuthenticationException;
import org.apache.commons.httpclient.auth.HttpAuthenticator;
import org.apache.commons.httpclient.auth.MalformedChallengeException;
+import org.apache.commons.httpclient.auth.NTLMScheme;
import org.apache.commons.httpclient.cookie.CookiePolicy;
import org.apache.commons.httpclient.cookie.CookieSpec;
import org.apache.commons.httpclient.cookie.MalformedCookieException;
@@ -178,12 +179,18 @@
/** Response trailer headers, if any. */
private HeaderGroup responseTrailerHeaders = new HeaderGroup();
+ /** Authentication scheme used to authenticate againt the target server */
+ private AuthScheme authScheme = null;
+
/** Realms this method tried to authenticate to */
private Set realms = null;
/** Actual authentication realm */
private String realm = null;
+ /** Authentication scheme used to authenticate againt the proxy server */
+ private AuthScheme proxyAuthScheme = null;
+
/** Proxy Realms this method tried to authenticate to */
private Set proxyRealms = null;
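Review bot: Both new Javadoc comments misspell "against" as `againt`, on `authScheme` and on `proxyAuthScheme`. Since later hunks branch on the runtime type of these fields, the comments could also state the lifecycle, for example `/** Scheme chosen for the most recent target-server challenge; null until one has been processed */` and the matching wording for the proxy field.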
@@ -1191,6 +1198,9 @@
//invalidate the list of authentication attempts
this.realms.clear();
//remove exisitng authentication headers
+ if (this.proxyAuthScheme instanceof NTLMScheme) {
+ removeRequestHeader(HttpAuthenticator.PROXY_AUTH_RESP);
+ }
removeRequestHeader(HttpAuthenticator.WWW_AUTH_RESP);
//update the current location with the redirect location.
//avoiding use of URL.getPath() and URL.getQuery() to keep
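Review bot: After this redirect branch drops `WWW_AUTH_RESP` and clears `realms`, `this.authScheme` still refers to the scheme negotiated with the previous location, so the `instanceof NTLMScheme` test added at @@ -2475 would be evaluated against stale state for the new target. Adding `this.authScheme = null;` next to the `removeRequestHeader(HttpAuthenticator.WWW_AUTH_RESP);` call would keep the field in step with the headers. The existing comment also does not say why the proxy header is removed only for NTLM; something like `// NTLM is bound to the connection handshake, other proxy credentials stay valid across the redirect` would record the intent, if that is the reason. The enclosing method starts and ends outside the hunk.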
@@ -1300,7 +1310,9 @@
path = null;
followRedirects = false;
doAuthentication = true;
+ authScheme = null;
realm = null;
+ proxyAuthScheme = null;
proxyRealm = null;
queryString = null;
getRequestHeaderGroup().clear();
@@ -1413,8 +1425,8 @@
HttpAuthenticator.WWW_AUTH);
if (challenges.length > 0) {
try {
- AuthScheme authscheme = HttpAuthenticator.selectAuthScheme(challenges);
- HttpAuthenticator.authenticate(authscheme, this, conn, state);
+ this.authScheme = HttpAuthenticator.selectAuthScheme(challenges);
+ HttpAuthenticator.authenticate(this.authScheme, this, conn, state);
} catch (HttpException e) {
// log and move on
if (LOG.isErrorEnabled()) {
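Review bot: `this.authScheme` is assigned before `HttpAuthenticator.authenticate(...)` runs, so when that call throws and the catch block logs and moves on, the field names a scheme for which presumably no `Authorization` header was produced. The hunk at @@ -2535 records the scheme only after the authenticate call has returned; the same order here would be `AuthScheme authscheme = HttpAuthenticator.selectAuthScheme(challenges);`, `HttpAuthenticator.authenticate(authscheme, this, conn, state);`, `this.authScheme = authscheme;`. The same point applies to `this.proxyAuthScheme` in the next hunk (@@ -1581). The enclosing methods start and end outside both hunks.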
@@ -1581,8 +1593,8 @@
HttpAuthenticator.PROXY_AUTH);
if (challenges.length > 0) {
try {
- AuthScheme authscheme = HttpAuthenticator.selectAuthScheme(challenges);
- HttpAuthenticator.authenticateProxy(authscheme, this, conn, state);
+ this.proxyAuthScheme = HttpAuthenticator.selectAuthScheme(challenges);
+ HttpAuthenticator.authenticateProxy(this.proxyAuthScheme, this, conn, state);
} catch (HttpException e) {
// log and move on
if (LOG.isErrorEnabled()) {
@@ -2475,6 +2487,12 @@
LOG.trace("enter HttpMethodBase.processAuthenticationResponse("
+ "HttpState, HttpConnection)");
+ if (this.proxyAuthScheme instanceof NTLMScheme) {
+ removeRequestHeader(HttpAuthenticator.PROXY_AUTH_RESP);
+ }
+ if (this.authScheme instanceof NTLMScheme) {
+ removeRequestHeader(HttpAuthenticator.WWW_AUTH_RESP);
+ }
int statusCode = statusLine.getStatusCode();
// handle authentication required
Header[] challenges = null;
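Review bot: The two `instanceof NTLMScheme` blocks run before `statusCode` is read, so the NTLM `Authorization` and `Proxy-Authorization` headers are stripped on every response, not only on a 401 or 407, and nothing in the hunk says why. A comment above them would make the intent reviewable, for example `// NTLM messages belong to one handshake step; never carry one over to the next request`. It is also worth stating there that other schemes are deliberately left in place at this point and are handled per status code further down. The method body continues outside the hunk.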
@@ -2535,20 +2553,22 @@
realmsUsed.add(realm);
}
- removeRequestHeader(HttpAuthenticator.WWW_AUTH_RESP);
- removeRequestHeader(HttpAuthenticator.PROXY_AUTH_RESP);
try {
//remove preemptive header and reauthenticate
switch (statusCode) {
case HttpStatus.SC_UNAUTHORIZED:
+ removeRequestHeader(HttpAuthenticator.WWW_AUTH_RESP);
authenticated = HttpAuthenticator.authenticate(
authscheme, this, conn, state);
this.realm = authscheme.getRealm();
+ this.authScheme = authscheme;
break;
case HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED:
+ removeRequestHeader(HttpAuthenticator.PROXY_AUTH_RESP);
authenticated = HttpAuthenticator.authenticateProxy(
authscheme, this, conn, state);
this.proxyRealm = authscheme.getRealm();
+ this.proxyAuthScheme = authscheme;
break;
}
} catch (AuthenticationException e) {
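Review bot: The comment `//remove preemptive header and reauthenticate` still sits above the `switch`, but the removal now happens per case and the reason for the split is not written down. A 401 must leave `Proxy-Authorization` alone and a 407 must leave `Authorization` alone, which is the behaviour the bug report in the log message is about; a comment such as `// drop only the header that answers this challenge; the other side's credentials must survive the retry` would keep a later cleanup from merging the two calls again. Note also that `this.authScheme` and `this.proxyAuthScheme` are recorded whether or not `authenticated` is true; if that is intended, say so next to the assignments. The surrounding method starts before the hunk and the `catch` block is cut off at its end.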
No revision
No revision
1.4.2.1 +4 -4 jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/AuthScheme.java
Index: AuthScheme.java
===================================================================
RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/AuthScheme.java,v
retrieving revision 1.4
retrieving revision 1.4.2.1
diff -u -r1.4 -r1.4.2.1
--- AuthScheme.java 22 Apr 2003 17:00:25 -0000 1.4
+++ AuthScheme.java 10 Dec 2003 20:44:38 -0000 1.4.2.1
@@ -83,7 +83,7 @@
* </p>
* <p>
* Authentication schemes may ignore method name and URI parameters
- * if they are relevant for the given authentication mechanism
+ * if they are not relevant for the given authentication mechanism
* </p>
*
* @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>