You are viewing a plain text version of this content. The canonical link for it is here.
Posted to xmlrpc-dev@ws.apache.org by rh...@apache.org on 2003/01/29 01:46:39 UTC
cvs commit: xml-rpc/src/java/org/apache/xmlrpc/util HttpUtil.java
rhoegg 2003/01/28 16:46:38
Modified: src/java/org/apache/xmlrpc DefaultXmlRpcTransport.java
DefaultXmlRpcTransportFactory.java
LiteXmlRpcTransport.java XmlRpcClient.java
XmlRpcClientLite.java
Added: src/java/org/apache/xmlrpc/util HttpUtil.java
Log:
Refactored HTTP Basic Authentication handling in XmlRpcClient,
DefaultXmlRpcClient, and LiteXmlRpcClient. Added HttpUtil class to
encapsulate the ancoding of the authentication information.
Revision Changes Path
1.2 +16 -1 xml-rpc/src/java/org/apache/xmlrpc/DefaultXmlRpcTransport.java
Index: DefaultXmlRpcTransport.java
===================================================================
RCS file: /home/cvs/xml-rpc/src/java/org/apache/xmlrpc/DefaultXmlRpcTransport.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- DefaultXmlRpcTransport.java 5 Dec 2002 08:49:24 -0000 1.1
+++ DefaultXmlRpcTransport.java 29 Jan 2003 00:46:37 -0000 1.2
@@ -59,6 +59,7 @@
import java.io.IOException;
import java.net.URL;
import java.net.URLConnection;
+import org.apache.xmlrpc.util.HttpUtil;
/**
* Interface from XML-RPC to the default HTTP transport based on the
@@ -66,6 +67,7 @@
*
* @author <a href="mailto:hannes@apache.org">Hannes Wallnoefer</a>
* @author <a href="mailto:andrew@kungfoocoder.org">Andrew Evers</a>
+ * @author <a href="mailto:rhoegg@isisnetworks.net">Ryan Hoegg</a>
* @version $Id$
* @since 1.2
*/
@@ -78,6 +80,8 @@
* Create a new DefaultXmlRpcTransport with the specified URL and basic
* authorization string.
*
+ * @deprecated Use setBasicAuthentication instead of passing an encoded authentication String.
+ *
* @param url the url to POST XML-RPC requests to.
* @param auth the Base64 encoded HTTP Basic authentication value.
*/
@@ -117,5 +121,16 @@
out.flush();
out.close();
return con.getInputStream();
+ }
+
+ /**
+ * Sets Authentication for this client. This will be sent as Basic
+ * Authentication header to the server as described in
+ * <a href="http://www.ietf.org/rfc/rfc2617.txt">
+ * http://www.ietf.org/rfc/rfc2617.txt</a>.
+ */
+ public void setBasicAuthentication(String user, String password)
+ {
+ auth = HttpUtil.encodeBasicAuthentication(user, password);
}
}
1.2 +21 -4 xml-rpc/src/java/org/apache/xmlrpc/DefaultXmlRpcTransportFactory.java
Index: DefaultXmlRpcTransportFactory.java
===================================================================
RCS file: /home/cvs/xml-rpc/src/java/org/apache/xmlrpc/DefaultXmlRpcTransportFactory.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- DefaultXmlRpcTransportFactory.java 28 Jan 2003 10:34:36 -0000 1.1
+++ DefaultXmlRpcTransportFactory.java 29 Jan 2003 00:46:37 -0000 1.2
@@ -63,6 +63,7 @@
import java.util.Hashtable;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
+import org.apache.xmlrpc.util.HttpUtil;
/**
* Default XML-RPC transport factory, produces HTTP, HTTPS with SSL or TLS based on URI protocol.
@@ -158,12 +159,17 @@
public DefaultXmlRpcTransportFactory(URL url)
{
- this(url, null);
+ this.url = url;
}
-
+
+ /**
+ * Contructor taking a Base64 encoded Basic Authentication string.
+ *
+ * @deprecated use setBasicAuthentication method instead
+ */
public DefaultXmlRpcTransportFactory(URL url, String auth)
{
- this.url = url;
+ this(url);
this.auth = auth;
}
@@ -188,6 +194,17 @@
return new DefaultXmlRpcTransport(url);
}
+ /**
+ * Sets Authentication for this client. This will be sent as Basic
+ * Authentication header to the server as described in
+ * <a href="http://www.ietf.org/rfc/rfc2617.txt">
+ * http://www.ietf.org/rfc/rfc2617.txt</a>.
+ */
+ public void setBasicAuthentication(String user, String password)
+ {
+ auth = HttpUtil.encodeBasicAuthentication(user, password);
+ }
+
public URL getURL()
{
return url;
1.2 +16 -3 xml-rpc/src/java/org/apache/xmlrpc/LiteXmlRpcTransport.java
Index: LiteXmlRpcTransport.java
===================================================================
RCS file: /home/cvs/xml-rpc/src/java/org/apache/xmlrpc/LiteXmlRpcTransport.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- LiteXmlRpcTransport.java 5 Dec 2002 08:49:24 -0000 1.1
+++ LiteXmlRpcTransport.java 29 Jan 2003 00:46:37 -0000 1.2
@@ -65,6 +65,7 @@
import java.util.Hashtable;
import java.util.Vector;
import java.util.StringTokenizer;
+import org.apache.xmlrpc.util.HttpUtil;
/**
* Interface from XML-RPC to a 'lite' HTTP implementation. This class will use
@@ -79,6 +80,7 @@
{
String hostname;
String host;
+ protected String auth = null;
int port;
String uri;
Socket socket = null;
@@ -220,9 +222,9 @@
output.write("Connection: Keep-Alive\r\n".getBytes());
}
output.write("Content-Type: text/xml\r\n".getBytes());
- if (XmlRpcClientLite.auth != null)
+ if (auth != null)
{
- output.write(("Authorization: Basic " + XmlRpcClientLite.auth + "\r\n")
+ output.write(("Authorization: Basic " + auth + "\r\n")
.getBytes());
}
output.write(("Content-Length: " + request.length)
@@ -286,6 +288,17 @@
while (line != null && ! line.equals(""))
;
return new ServerInputStream(input, contentLength);
+ }
+
+ /**
+ * Sets Authentication for this client. This will be sent as Basic
+ * Authentication header to the server as described in
+ * <a href="http://www.ietf.org/rfc/rfc2617.txt">
+ * http://www.ietf.org/rfc/rfc2617.txt</a>.
+ */
+ public void setBasicAuthentication(String user, String password)
+ {
+ auth = HttpUtil.encodeBasicAuthentication(user, password);
}
/**
1.17 +49 -14 xml-rpc/src/java/org/apache/xmlrpc/XmlRpcClient.java
Index: XmlRpcClient.java
===================================================================
RCS file: /home/cvs/xml-rpc/src/java/org/apache/xmlrpc/XmlRpcClient.java,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- XmlRpcClient.java 28 Jan 2003 10:34:36 -0000 1.16
+++ XmlRpcClient.java 29 Jan 2003 00:46:37 -0000 1.17
@@ -77,12 +77,16 @@
*
* @author <a href="mailto:hannes@apache.org">Hannes Wallnoefer</a>
* @author <a href="mailto:andrew@kungfoocoder.org">Andrew Evers</a>
+ * @author <a href="mailto:rhoegg@isisnetworks.net">Ryan Hoegg</a>
* @version $Id$
*/
public class XmlRpcClient implements XmlRpcHandler
{
protected URL url;
- private String auth;
+
+ // stored user and password for deprecated setBasicAuthentication method
+ private String storedUser;
+ private String storedPassword;
// pool of worker instances
protected Stack pool = new Stack();
@@ -144,18 +148,22 @@
* Authentication header to the server as described in
* <a href="http://www.ietf.org/rfc/rfc2617.txt">
* http://www.ietf.org/rfc/rfc2617.txt</a>.
+ *
+ * @deprecated Authentication is now handled by each XmlRpcTransport
+ * @see DefaultXmlRpcTransport
+ * @see LiteXmlRpcTransport
+ * @see CommonsXmlRpcTransport
*/
public void setBasicAuthentication(String user, String password)
{
- if (user == null || password == null)
- {
- auth = null;
- }
- else
- {
- auth = new String(Base64.encode((user + ':' + password)
- .getBytes())).trim();
- }
+ /*
+ * Store for use in execute(XmlRpcClientRequest, XmlRpcTransport) and
+ * XmlRpcClientWorker.execute(XmlRpcClientRequest, XmlRpcTransport)
+ *
+ * Will be unnecessary once this method is removed.
+ */
+ storedUser = user;
+ storedPassword = password;
}
/**
@@ -169,7 +177,20 @@
public Object execute(String method, Vector params)
throws XmlRpcException, IOException
{
- return execute(new XmlRpcRequest(method, params));
+ /* Setting user and password on transport if setBasicAuthentication was
+ * used and there is no XmlRpcTransportFactory. As setBasicAuthentication
+ * is deprecated, this should be removed in a future version.
+ */
+ if ((storedUser != null) && (storedPassword != null) && (transportFactory == null))
+ {
+ DefaultXmlRpcTransport transport = createDefaultTransport();
+ transport.setBasicAuthentication(storedUser, storedPassword);
+ return execute(new XmlRpcRequest(method, params), transport);
+ }
+ else
+ {
+ return execute(new XmlRpcRequest(method, params));
+ }
}
public Object execute(XmlRpcClientRequest request)
@@ -201,7 +222,17 @@
public void executeAsync(String method, Vector params,
AsyncCallback callback)
{
- executeAsync(new XmlRpcRequest(method, params), callback);
+ XmlRpcRequest request = new XmlRpcRequest(method, params);
+ if ((storedUser != null) && (storedPassword != null) && (transportFactory == null))
+ {
+ DefaultXmlRpcTransport transport = createDefaultTransport();
+ transport.setBasicAuthentication(storedUser, storedPassword);
+ executeAsync(request, callback, transport);
+ }
+ else
+ {
+ executeAsync(request, callback);
+ }
}
public void executeAsync(XmlRpcClientRequest request,
@@ -419,9 +450,13 @@
{
if (transportFactory == null)
{
- return new DefaultXmlRpcTransport(url, auth);
+ return createDefaultTransport();
}
return transportFactory.createTransport();
+ }
+
+ private DefaultXmlRpcTransport createDefaultTransport() {
+ return new DefaultXmlRpcTransport(url);
}
/**
1.11 +1 -3 xml-rpc/src/java/org/apache/xmlrpc/XmlRpcClientLite.java
Index: XmlRpcClientLite.java
===================================================================
RCS file: /home/cvs/xml-rpc/src/java/org/apache/xmlrpc/XmlRpcClientLite.java,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- XmlRpcClientLite.java 5 Dec 2002 08:49:24 -0000 1.10
+++ XmlRpcClientLite.java 29 Jan 2003 00:46:37 -0000 1.11
@@ -71,8 +71,6 @@
*/
public class XmlRpcClientLite extends XmlRpcClient
{
- static String auth;
-
/**
* Construct a XML-RPC client with this URL.
*/
1.1 xml-rpc/src/java/org/apache/xmlrpc/util/HttpUtil.java
Index: HttpUtil.java
===================================================================
package org.apache.xmlrpc.util;
/*
* The Apache Software License, Version 1.1
*
*
* Copyright (c) 2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "XML-RPC" and "Apache Software Foundation" must
* not be used to endorse or promote products derived from this
* software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* nor may "Apache" appear in their name, without prior written
* permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import org.apache.xmlrpc.Base64;
/**
* Provides utility functions useful in HTTP communications
*
* @author <a href="mailto:rhoegg@isisnetworks.net">Ryan Hoegg</a>
*/
public class HttpUtil
{
private HttpUtil()
{
// private because currently we only offer static methods.
}
public static String encodeBasicAuthentication(String user, String password)
{
String auth;
if (user == null || password == null)
{
auth = null;
}
else
{
auth = new String(Base64.encode((user + ':' + password)
.getBytes())).trim();
}
return auth;
}
}
Re: Authentication refactoring
Posted by Andrew Evers <an...@redwood.com>.
> I committed my authentication refactorings. They did not include any
> changes to the SunSSLTransportFactory, as it was too new for me to get
> comfortable with. (translation: I didn't take the time to understand it
> fully).
It's a bit 'magic' due to the way Sun decided to do a few things ;) It's
all setting static variables (how very object-oriented we all cry).
> The gist of it is that setBasicAuthentication on XmlRpcClient has been
> deprecated. I added a setBasicAuthentication method on
> DefaultXmlRpcTransport and LiteXmlRpcTransport. I also made some
> modifications to execute(String, Vector) and executeAsync(String,
> Vector, AsyncCallback) so that existing users of
> XmlRpcClient.setBasicAuthentication aren't unpleasantly surprised.
The stuff on the transports themselves will work, however the changes
to the transport factory won't. I've just extended the properties concept
for transport factories so that it is possible to set a property on an
already
created factory (although the factory may ignore or veto the change). This
will let it work as long as new factories co-operate.
I should probably add getProperty(), getProperties() and removeProperty()
as well, but these are of much less use.
If you use the DefaultXmlRpcTransportFactory then properties are
set for both the http:// and https:// transports when setProperty is
called.
Andrew.
Re: Authentication refactoring
Posted by Andrew Evers <an...@redwood.com>.
> I committed my authentication refactorings. They did not include any
> changes to the SunSSLTransportFactory, as it was too new for me to get
> comfortable with. (translation: I didn't take the time to understand it
> fully).
It's a bit 'magic' due to the way Sun decided to do a few things ;) It's
all setting static variables (how very object-oriented we all cry).
> The gist of it is that setBasicAuthentication on XmlRpcClient has been
> deprecated. I added a setBasicAuthentication method on
> DefaultXmlRpcTransport and LiteXmlRpcTransport. I also made some
> modifications to execute(String, Vector) and executeAsync(String,
> Vector, AsyncCallback) so that existing users of
> XmlRpcClient.setBasicAuthentication aren't unpleasantly surprised.
The stuff on the transports themselves will work, however the changes
to the transport factory won't. I've just extended the properties concept
for transport factories so that it is possible to set a property on an
already
created factory (although the factory may ignore or veto the change). This
will let it work as long as new factories co-operate.
I should probably add getProperty(), getProperties() and removeProperty()
as well, but these are of much less use.
If you use the DefaultXmlRpcTransportFactory then properties are
set for both the http:// and https:// transports when setProperty is
called.
Andrew.
Authentication refactoring
Posted by Ryan Hoegg <rh...@isisnetworks.net>.
I committed my authentication refactorings. They did not include any
changes to the SunSSLTransportFactory, as it was too new for me to get
comfortable with. (translation: I didn't take the time to understand it
fully).
The gist of it is that setBasicAuthentication on XmlRpcClient has been
deprecated. I added a setBasicAuthentication method on
DefaultXmlRpcTransport and LiteXmlRpcTransport. I also made some
modifications to execute(String, Vector) and executeAsync(String,
Vector, AsyncCallback) so that existing users of
XmlRpcClient.setBasicAuthentication aren't unpleasantly surprised.
As I mentioned in an earlier e-mail and the javadoc, the credentials
passed to XmlRpcClient.setBasicAuthentication are only used in the
versions of execute and executeAsync that were around in 1.1. They are
discarded in all other overloads.
--
Ryan Hoegg
ISIS Networks
http://www.isisnetworks.net
Authentication refactoring
Posted by Ryan Hoegg <rh...@isisnetworks.net>.
I committed my authentication refactorings. They did not include any
changes to the SunSSLTransportFactory, as it was too new for me to get
comfortable with. (translation: I didn't take the time to understand it
fully).
The gist of it is that setBasicAuthentication on XmlRpcClient has been
deprecated. I added a setBasicAuthentication method on
DefaultXmlRpcTransport and LiteXmlRpcTransport. I also made some
modifications to execute(String, Vector) and executeAsync(String,
Vector, AsyncCallback) so that existing users of
XmlRpcClient.setBasicAuthentication aren't unpleasantly surprised.
As I mentioned in an earlier e-mail and the javadoc, the credentials
passed to XmlRpcClient.setBasicAuthentication are only used in the
versions of execute and executeAsync that were around in 1.1. They are
discarded in all other overloads.
--
Ryan Hoegg
ISIS Networks
http://www.isisnetworks.net