You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by dk...@apache.org on 2012/05/31 22:17:39 UTC
svn commit: r1344889 - in /cxf/trunk:
rt/transports/http/src/main/java/org/apache/cxf/transport/http/
rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/
systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/
Author: dkulp
Date: Thu May 31 20:17:38 2012
New Revision: 1344889
URL: http://svn.apache.org/viewvc?rev=1344889&view=rev
Log:
[CXF-4353] Don't use the auth stuff for the proxy-auth
Consume the intput stream so a single connection can be used.
Added:
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyDigestAuthTest.java (with props)
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jettyDigestServer.xml (with props)
Modified:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DigestAuthSupplier.java
Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java?rev=1344889&r1=1344888&r2=1344889&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java (original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java Thu May 31 20:17:38 2012
@@ -1087,9 +1087,21 @@ public class HTTPConduit
// authentication not possible => we give up
return connection;
}
+ try {
+ //try and consume any content so that the connection might be reusable
+ InputStream ins = connection.getErrorStream();
+ if (ins == null) {
+ ins = connection.getInputStream();
+ }
+ if (ins != null) {
+ IOUtils.consume(ins);
+ ins.close();
+ }
+ } catch (Throwable t) {
+ //ignore
+ }
new Headers(message).setAuthorization(authorizationToken);
cookies.writeToMessageHeaders(message);
- connection.disconnect();
return retransmit(currentURL, message, cachedStream);
}
Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DigestAuthSupplier.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DigestAuthSupplier.java?rev=1344889&r1=1344888&r2=1344889&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DigestAuthSupplier.java (original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DigestAuthSupplier.java Thu May 31 20:17:38 2012
@@ -61,10 +61,13 @@ public class DigestAuthSupplier implemen
return true;
}
- public String getAuthorization(AuthorizationPolicy authPolicy,
+ public String getAuthorization(AuthorizationPolicy authPolicy,
URL currentURL,
Message message,
String fullHeader) {
+ if (authPolicy.getUserName() == null && authPolicy.getPassword() == null) {
+ return null;
+ }
URI currentURI = URI.create(currentURL.toString());
if (fullHeader == null) {
DigestInfo di = authInfo.get(currentURI);
Added: cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyDigestAuthTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyDigestAuthTest.java?rev=1344889&view=auto
==============================================================================
--- cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyDigestAuthTest.java (added)
+++ cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyDigestAuthTest.java Thu May 31 20:17:38 2012
@@ -0,0 +1,140 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.http_jetty;
+
+import java.net.URL;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Endpoint;
+import javax.xml.ws.WebServiceException;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.helpers.CastUtils;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.interceptor.LoggingInInterceptor;
+import org.apache.cxf.interceptor.LoggingOutInterceptor;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.phase.AbstractPhaseInterceptor;
+import org.apache.cxf.phase.Phase;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+import org.apache.cxf.testutil.common.AbstractClientServerTestBase;
+import org.apache.cxf.transport.http.HTTPConduit;
+import org.apache.cxf.transport.http.auth.DigestAuthSupplier;
+import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
+import org.apache.hello_world_soap_http.Greeter;
+import org.apache.hello_world_soap_http.SOAPService;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+/**
+ * Tests thread pool config.
+ */
+
+public class JettyDigestAuthTest extends AbstractClientServerTestBase {
+ private static final String PORT = allocatePort(JettyDigestAuthTest.class);
+ private static final String ADDRESS = "http://localhost:" + PORT + "/SoapContext/SoapPort";
+ private static final QName SERVICE_NAME =
+ new QName("http://apache.org/hello_world_soap_http", "SOAPServiceAddressing");
+
+ private Greeter greeter;
+
+
+ public static class JettyDigestServer extends AbstractBusTestServerBase {
+ Endpoint ep;
+
+ protected void run() {
+ String configurationFile = "jettyDigestServer.xml";
+ URL configure =
+ JettyBasicAuthServer.class.getResource(configurationFile);
+ Bus bus = new SpringBusFactory().createBus(configure, true);
+ bus.getInInterceptors().add(new LoggingInInterceptor());
+ bus.getOutInterceptors().add(new LoggingOutInterceptor());
+ SpringBusFactory.setDefaultBus(bus);
+ setBus(bus);
+
+ GreeterImpl implementor = new GreeterImpl();
+ ep = Endpoint.publish(ADDRESS, implementor);
+ }
+
+ public void tearDown() throws Exception {
+ if (ep != null) {
+ ep.stop();
+ ep = null;
+ }
+ }
+ }
+
+
+ @BeforeClass
+ public static void startServers() throws Exception {
+ assertTrue("server did not launch correctly",
+ launchServer(JettyDigestServer.class, true));
+ }
+
+ @Before
+ public void setUp() throws Exception {
+ URL wsdl = getClass().getResource("/wsdl/hello_world.wsdl");
+ greeter = new SOAPService(wsdl, SERVICE_NAME).getPort(Greeter.class);
+ BindingProvider bp = (BindingProvider)greeter;
+ ClientProxy.getClient(greeter).getInInterceptors().add(new LoggingInInterceptor());
+ ClientProxy.getClient(greeter).getOutInterceptors().add(new LoggingOutInterceptor());
+ bp.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
+ ADDRESS);
+ bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "ffang");
+ bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "pswd");
+ HTTPConduit cond = (HTTPConduit)ClientProxy.getClient(greeter).getConduit();
+ cond.setAuthSupplier(new DigestAuthSupplier());
+
+ HTTPClientPolicy client = new HTTPClientPolicy();
+ ClientProxy.getClient(greeter).getOutInterceptors()
+ .add(new AbstractPhaseInterceptor<Message>(Phase.PRE_STREAM_ENDING) {
+
+ public void handleMessage(Message message) throws Fault {
+ Map<String, ?> headers = CastUtils.cast((Map<?, ?>)message.get(Message.PROTOCOL_HEADERS));
+ if (headers.containsKey("Proxy-Authorization")) {
+ throw new RuntimeException("Should not have Proxy-Authorization");
+ }
+ }
+ });
+ client.setAllowChunking(false);
+ cond.setClient(client);
+ }
+
+ @Test
+ public void testBasicAuth() throws Exception {
+ assertEquals("Hello Alice", greeter.greetMe("Alice"));
+ assertEquals("Hello Bob", greeter.greetMe("Bob"));
+
+ try {
+ BindingProvider bp = (BindingProvider)greeter;
+ bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "blah");
+ bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "foo");
+ greeter.greetMe("Alice");
+ fail("Password was wrong, should have failed");
+ } catch (WebServiceException wse) {
+ //ignore - expected
+ }
+ }
+}
Propchange: cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyDigestAuthTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyDigestAuthTest.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added: cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jettyDigestServer.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jettyDigestServer.xml?rev=1344889&view=auto
==============================================================================
--- cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jettyDigestServer.xml (added)
+++ cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jettyDigestServer.xml Thu May 31 20:17:38 2012
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xsi:schemaLocation="
+http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <httpj:engine-factory bus="cxf">
+ <httpj:engine port="${testutil.ports.JettyDigestAuthTest}">
+ <httpj:handlers>
+ <bean class="org.eclipse.jetty.security.ConstraintSecurityHandler">
+ <property name="loginService" ref="securityLoginService" />
+ <property name="authMethod" value="DIGEST"/>
+ <property name="constraintMappings">
+ <list>
+ <ref bean="securityConstraintMapping" />
+ </list>
+ </property>
+ </bean>
+ </httpj:handlers>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+ <bean id="securityLoginService" class="org.eclipse.jetty.security.HashLoginService">
+ <property name="name" value="WSRealm" />
+ <property name="config" value="src/test/java/org/apache/cxf/systest/http_jetty/jetty-realm.properties" />
+ </bean>
+
+ <bean id="securityConstraint" class="org.eclipse.jetty.http.security.Constraint">
+ <property name="name" value="DIGEST" />
+ <property name="roles" value="admin" />
+ <property name="authenticate" value="true" />
+ </bean>
+
+ <bean id="securityConstraintMapping" class="org.eclipse.jetty.security.ConstraintMapping">
+ <property name="constraint" ref="securityConstraint" />
+ <property name="pathSpec" value="/*" />
+ </bean>
+</beans>
+
Propchange: cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jettyDigestServer.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jettyDigestServer.xml
------------------------------------------------------------------------------
svn:keywords = Rev Date
Propchange: cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jettyDigestServer.xml
------------------------------------------------------------------------------
svn:mime-type = text/xml