You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by dk...@apache.org on 2009/03/10 15:45:10 UTC
svn commit: r752122 - in
/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http:
DigestAuthSupplier.java HTTPConduit.java HttpAuthSupplier.java
spring/HttpConduitBeanDefinitionParser.java
Author: dkulp
Date: Tue Mar 10 14:45:05 2009
New Revision: 752122
URL: http://svn.apache.org/viewvc?rev=752122&view=rev
Log:
[CXF-2100] Patch from Christof Harnischmacher applied
Modified:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/DigestAuthSupplier.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthSupplier.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpConduitBeanDefinitionParser.java
Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/DigestAuthSupplier.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/DigestAuthSupplier.java?rev=752122&r1=752121&r2=752122&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/DigestAuthSupplier.java (original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/DigestAuthSupplier.java Tue Mar 10 14:45:05 2009
@@ -50,6 +50,15 @@
}
Map<URL, DigestInfo> authInfo = new ConcurrentHashMap<URL, DigestInfo>();
+
+ /**
+ * {@inheritDoc}
+ * With digest, the nonce could expire and thus a rechallenge will be issued.
+ * Thus, we need requests cached to be able to handle that
+ */
+ public boolean requiresRequestCaching() {
+ return true;
+ }
@Override
public String getAuthorizationForRealm(HTTPConduit conduit, URL currentURL,
@@ -105,20 +114,16 @@
}
private String getPassword(HTTPConduit conduit, Message message) {
- AuthorizationPolicy policy
- = (AuthorizationPolicy)message.getContextualProperty(AuthorizationPolicy.class.getName());
- if (policy == null) {
- policy = conduit.getAuthorization();
- }
- if (policy != null
- && (!policy.isSetAuthorizationType()
- || "Digest".equals(policy.getAuthorizationType()))) {
- return policy.getUserName();
- }
- return null;
+ AuthorizationPolicy policy = getPolicy(conduit, message);
+ return policy != null ? policy.getPassword() : null;
}
private String getUsername(HTTPConduit conduit, Message message) {
+ AuthorizationPolicy policy = getPolicy(conduit, message);
+ return policy != null ? policy.getUserName() : null;
+ }
+
+ private AuthorizationPolicy getPolicy(HTTPConduit conduit, Message message) {
AuthorizationPolicy policy
= (AuthorizationPolicy)message.getContextualProperty(AuthorizationPolicy.class.getName());
if (policy == null) {
@@ -127,12 +132,11 @@
if (policy != null
&& (!policy.isSetAuthorizationType()
|| "Digest".equals(policy.getAuthorizationType()))) {
- return policy.getPassword();
+ return policy;
}
return null;
}
-
class DigestInfo {
String qop;
String realm;
@@ -183,12 +187,17 @@
serverDigestValue = encode(digester.digest(serverDigestValue.getBytes("US-ASCII")));
StringBuilder builder = new StringBuilder("Digest ");
if (qop != null) {
- builder.append("qop=auth, ");
+ builder.append("qop=\"auth\", ");
}
builder.append("realm=\"")
- .append(realm).append("\", opaque=\"")
- .append(opaque)
- .append("\", nonce=\"")
+ .append(realm);
+
+ if (opaque != null) {
+ builder.append("\", opaque=\"")
+ .append(opaque);
+ }
+
+ builder.append("\", nonce=\"")
.append(nonce)
.append("\", uri=\"")
.append(uri)
Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java?rev=752122&r1=752121&r2=752122&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java (original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java Tue Mar 10 14:45:05 2009
@@ -531,18 +531,18 @@
if (authSupplier != null) {
String auth = authSupplier.getPreemptiveAuthorization(
this, currentURL, message);
- if (auth == null) {
+ if (auth == null || authSupplier.requiresRequestCaching()) {
needToCacheRequest = true;
isChunking = false;
- LOG.log(Level.INFO,
- "Auth Supplier, but no Premeptive User Pass."
+ LOG.log(Level.FINE,
+ "Auth Supplier, but no Premeptive User Pass or Digest auth (nonce may be stale)"
+ " We must cache request.");
}
message.put("AUTH_VALUE", auth);
}
if (getClient().isAutoRedirect()) {
needToCacheRequest = true;
- LOG.log(Level.INFO, "AutoRedirect is turned on.");
+ LOG.log(Level.FINE, "AutoRedirect is turned on.");
}
if (!connection.getRequestMethod().equals("GET")
&& getClient().isAllowChunking()) {
@@ -654,8 +654,8 @@
} catch (UntrustedURLConnectionIOException untrustedEx) {
// This cast covers HttpsURLConnection as well.
((HttpURLConnection)connection).disconnect();
- if (LOG.isLoggable(Level.INFO)) {
- LOG.log(Level.INFO, "Trust Decider "
+ if (LOG.isLoggable(Level.FINE)) {
+ LOG.log(Level.FINE, "Trust Decider "
+ trustDecider.getLogicalName()
+ " considers Conduit "
+ getConduitName()
@@ -954,7 +954,7 @@
private synchronized void releaseDecoupledDestination() {
if (--decoupledDestinationRefCount == 0) {
- LOG.log(Level.INFO, "shutting down decoupled destination");
+ LOG.log(Level.FINE, "shutting down decoupled destination");
decoupledDestination.shutdown();
//this way we can release the port of decoupled destination
@@ -1108,8 +1108,8 @@
if (authString != null) {
headers.put("Authorization",
createMutableList(authString));
- return;
}
+ return;
}
String userName = null;
String passwd = null;
@@ -2168,5 +2168,3 @@
}
}
-
-
Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthSupplier.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthSupplier.java?rev=752122&r1=752121&r2=752122&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthSupplier.java (original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HttpAuthSupplier.java Tue Mar 10 14:45:05 2009
@@ -78,6 +78,12 @@
return logicalName;
}
+ /**
+ * If the supplier requires the request to be cached to be resent, return true
+ */
+ public boolean requiresRequestCaching() {
+ return false;
+ }
/**
* The HTTPConduit makes a call to this method before connecting
Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpConduitBeanDefinitionParser.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpConduitBeanDefinitionParser.java?rev=752122&r1=752121&r2=752122&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpConduitBeanDefinitionParser.java (original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpConduitBeanDefinitionParser.java Tue Mar 10 14:45:05 2009
@@ -85,6 +85,8 @@
// Schema should require that no more than one each of these exist.
if ("trustDecider".equals(elementName)) {
mapBeanOrClassElement((Element)n, bean, MessageTrustDecider.class);
+ } else if ("authSupplier".equals(elementName)) {
+ mapBeanOrClassElement((Element)n, bean, HttpAuthSupplier.class);
} else if ("basicAuthSupplier".equals(elementName)) {
mapBeanOrClassElement((Element)n, bean, HttpAuthSupplier.class);
} else if ("tlsClientParameters".equals(elementName)) {