You are viewing a plain text version of this content. The canonical link for it is here.

Posted to httpclient-users@hc.apache.org by purking wp <wp...@gmail.com> on 2011/09/19 15:11:52 UTC

HttpClient 4.1.2 can not customize authentication by use the method that mentioned in "HTTP authentication and execution context" section 4.6.

When i write some code dealing with unfuddle api, i need use the Http Baisc
authentication, so i search the HttpClient Document, then i found this:

   -

   *ClientContext.TARGET_AUTH_STATE='http.auth.target-scope': *
AuthState instance
   representing the actual target authentication state. The value of this
   attribute set in the local context takes precedence over the default one.
   -

   *ClientContext.PROXY_AUTH_STATE='http.auth.proxy-scope': *
AuthState instance
   representing the actual proxy authentication state. The value of this
   attribute set in the local context takes precedence over the default one.

 Is the means  i can make a HttpContext then set a AuthState object
with ClientContext.TARGET_AUTH_STATE
key, then it can override the default one that init in
DefaultRequestDirector constructor(line 305 ~ 306 in
DefaultRequestDirector.java)?

*But when i run this method:*
    @Test
    public void unfuddle() throws IOException {
        HttpContext context = new BasicHttpContext();
        AuthState auth = new AuthState();
        auth.setAuthScheme(new BasicScheme());
        auth.setCredentials(new UsernamePasswordCredentials("wyatt",
"XXXXXXXXX"));
        auth.setAuthScope(AuthScope.ANY);

        //context.setAttribute(ClientContext.PROXY_AUTH_STATE, auth);
        context.setAttribute(ClientContext.TARGET_AUTH_STATE, auth);

System.out.println(context.getAttribute(ClientContext.TARGET_AUTH_STATE));
        try {
            String html = HttpClientManager.getInstance().fetchHTML(new
HttpGet("https://lmate.unfuddle.com/api/v1/projects.xml"), context);
        } catch(Exception e) {
            System.out.println(e.getMessage());

System.out.println(context.getAttribute(ClientContext.TARGET_AUTH_STATE));
        }
//        System.out.println(html);
    }

I get the Log:
*auth scope [<any realm>]; credentials set [true]  --- the one set by me.*
2011-09-19 20:59:27,357 [main] DEBUG
org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager  - Get
connection: HttpRoute[{s}->https://lmate.unfuddle.com], timeout = 1860000
2011-09-19 20:59:27,360 [main] DEBUG
org.apache.http.impl.conn.tsccm.ConnPoolByRoute  - [HttpRoute[{s}->
https://lmate.unfuddle.com]] total kept alive: 0, total issued: 0, total
allocated: 0 out of 200
2011-09-19 20:59:27,361 [main] DEBUG
org.apache.http.impl.conn.tsccm.ConnPoolByRoute  - No free connections
[HttpRoute[{s}->https://lmate.unfuddle.com]][null]
2011-09-19 20:59:27,361 [main] DEBUG
org.apache.http.impl.conn.tsccm.ConnPoolByRoute  - Available capacity: 30
out of 30 [HttpRoute[{s}->https://lmate.unfuddle.com]][null]
2011-09-19 20:59:27,362 [main] DEBUG
org.apache.http.impl.conn.tsccm.ConnPoolByRoute  - Creating new connection
[HttpRoute[{s}->https://lmate.unfuddle.com]]
2011-09-19 20:59:27,890 [main] DEBUG
org.apache.http.impl.conn.DefaultClientConnectionOperator  - Connecting to
lmate.unfuddle.com:443
2011-09-19 20:59:29,544 [main] DEBUG
org.apache.http.client.protocol.RequestAddCookies  - CookieSpec selected:
compatibility
2011-09-19 20:59:29,550 [main] DEBUG
org.apache.http.client.protocol.RequestAuthCache  - Auth cache not set in
the context
2011-09-19 20:59:29,550 [main] DEBUG
org.apache.http.impl.client.ContentEncodingHttpClient  - Attempt 1 to
execute request
2011-09-19 20:59:29,550 [main] DEBUG
org.apache.http.impl.conn.DefaultClientConnection  - Sending request: GET
/api/v1/projects.xml HTTP/1.1
2011-09-19 20:59:29,552 [main] DEBUG org.apache.http.headers  - >> GET
/api/v1/projects.xml HTTP/1.1
2011-09-19 20:59:29,552 [main] DEBUG org.apache.http.headers  - >> Host:
lmate.unfuddle.com
2011-09-19 20:59:29,552 [main] DEBUG org.apache.http.headers  - >>
Connection: Keep-Alive
2011-09-19 20:59:29,552 [main] DEBUG org.apache.http.headers  - >>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; he; rv:1.9.2.3)
Gecko/20100401 Firefox/3.6.3
2011-09-19 20:59:29,553 [main] DEBUG org.apache.http.headers  - >>
Accept-Encoding: gzip,deflate
2011-09-19 20:59:29,981 [main] DEBUG
org.apache.http.impl.conn.DefaultClientConnection  - Receiving response:
HTTP/1.1 401 Authorization Required
2011-09-19 20:59:29,982 [main] DEBUG org.apache.http.headers  - << HTTP/1.1
401 Authorization Required
2011-09-19 20:59:29,982 [main] DEBUG org.apache.http.headers  - << Server:
nginx/1.0.5
2011-09-19 20:59:29,982 [main] DEBUG org.apache.http.headers  - << Date:
Mon, 19 Sep 2011 12:59:29 GMT
2011-09-19 20:59:29,982 [main] DEBUG org.apache.http.headers  - <<
Content-Type: text/html; charset=utf-8
2011-09-19 20:59:29,982 [main] DEBUG org.apache.http.headers  - <<
Connection: keep-alive
2011-09-19 20:59:29,983 [main] DEBUG org.apache.http.headers  - <<
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 3.0.8
2011-09-19 20:59:29,983 [main] DEBUG org.apache.http.headers  - <<
WWW-Authenticate: Basic realm="Unfuddle API"
2011-09-19 20:59:29,983 [main] DEBUG org.apache.http.headers  - << Vary:
Accept-Encoding
2011-09-19 20:59:29,983 [main] DEBUG org.apache.http.headers  - <<
Content-Encoding: gzip
2011-09-19 20:59:29,983 [main] DEBUG org.apache.http.headers  - <<
Cache-Control: no-cache
...[cookie]
2011-09-19 20:59:29,986 [main] DEBUG org.apache.http.headers  - <<
Content-Length: 47
2011-09-19 20:59:29,986 [main] DEBUG org.apache.http.headers  - << Status:
401
...
2011-09-19 20:59:30,010 [main] DEBUG
org.apache.http.impl.client.ContentEncodingHttpClient  - Target requested
authentication
2011-09-19 20:59:30,010 [main] DEBUG
org.apache.http.impl.client.DefaultTargetAuthenticationHandler  -
Authentication schemes in the order of preference: [negotiate, NTLM, Digest,
Basic]
2011-09-19 20:59:30,010 [main] DEBUG
org.apache.http.impl.client.DefaultTargetAuthenticationHandler  - Challenge
for negotiate authentication scheme not available
2011-09-19 20:59:30,011 [main] DEBUG
org.apache.http.impl.client.DefaultTargetAuthenticationHandler  - Challenge
for NTLM authentication scheme not available
2011-09-19 20:59:30,011 [main] DEBUG
org.apache.http.impl.client.DefaultTargetAuthenticationHandler  - Challenge
for Digest authentication scheme not available
2011-09-19 20:59:30,011 [main] DEBUG
org.apache.http.impl.client.DefaultTargetAuthenticationHandler  - Basic
authentication scheme selected
2011-09-19 20:59:30,012 [main] DEBUG
org.apache.http.impl.client.ContentEncodingHttpClient  - Authorization
challenge processed
2011-09-19 20:59:30,012 [main] DEBUG
org.apache.http.impl.client.ContentEncodingHttpClient  - Authentication
scope: BASIC 'Unfuddle API'@lmate.unfuddle.com:443
2011-09-19 20:59:30,013 [main] DEBUG
org.apache.http.impl.client.ContentEncodingHttpClient  - Credentials not
found
2011-09-19 20:59:30,016 [main] DEBUG
org.apache.http.impl.conn.DefaultClientConnection  - Connection shut down
2011-09-19 20:59:30,016 [main] DEBUG
org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager  - Released
connection is not reusable.
2011-09-19 20:59:30,017 [main] DEBUG
org.apache.http.impl.conn.tsccm.ConnPoolByRoute  - Releasing connection
[HttpRoute[{s}->https://lmate.unfuddle.com]][null]
2011-09-19 20:59:30,017 [main] DEBUG
org.apache.http.impl.conn.tsccm.ConnPoolByRoute  - Notifying no-one, there
are no waiting threads
Authorization Required
*auth scope [BASIC 'Unfuddle API'@lmate.unfuddle.com:443]; credentials set
[false]  ----- the one override by **DefaultRequestDirector*


Is the AuthState object i set into HttpContext should override the
default AuthState
object?



盘巍
Wyatt Pan

Re: HttpClient 4.1.2 can not customize authentication by use the method that mentioned in "HTTP authentication and execution context" section 4.6.

Posted by Oleg Kalnichevski <ol...@apache.org>.

On Mon, 2011-09-19 at 21:11 +0800, purking wp wrote:
> When i write some code dealing with unfuddle api, i need use the Http Baisc
> authentication, so i search the HttpClient Document, then i found this:
> 
>    -
> 
>    *ClientContext.TARGET_AUTH_STATE='http.auth.target-scope': *
> AuthState instance
>    representing the actual target authentication state. The value of this
>    attribute set in the local context takes precedence over the default one.
>    -
> 
>    *ClientContext.PROXY_AUTH_STATE='http.auth.proxy-scope': *
> AuthState instance
>    representing the actual proxy authentication state. The value of this
>    attribute set in the local context takes precedence over the default one.
> 
>  Is the means  i can make a HttpContext then set a AuthState object
> with ClientContext.TARGET_AUTH_STATE
> key, then it can override the default one that init in
> DefaultRequestDirector constructor(line 305 ~ 306 in
> DefaultRequestDirector.java)?
> 

...


> Is the AuthState object i set into HttpContext should override the
> default AuthState
> object?
> 

The documentation is unfortunately wrong. One can still modify the auth
state from a protocol interceptor, though. 

Feel free to raise a JIRA for this issue.

Oleg



---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org