You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2016/06/03 19:21:15 UTC
svn commit: r1746747 - in
/httpcomponents/httpclient/branches/4.5.x/httpclient/src/main:
java-deprecated/org/apache/http/impl/auth/SpnegoTokenGenerator.java
java/org/apache/http/impl/auth/GGSSchemeBase.java
Author: olegk
Date: Fri Jun 3 19:21:14 2016
New Revision: 1746747
URL: http://svn.apache.org/viewvc?rev=1746747&view=rev
Log:
HTTPCLIENT-1736: do not request cred delegation by default when using Kerberos auth
Modified:
httpcomponents/httpclient/branches/4.5.x/httpclient/src/main/java-deprecated/org/apache/http/impl/auth/SpnegoTokenGenerator.java
httpcomponents/httpclient/branches/4.5.x/httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java
Modified: httpcomponents/httpclient/branches/4.5.x/httpclient/src/main/java-deprecated/org/apache/http/impl/auth/SpnegoTokenGenerator.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.5.x/httpclient/src/main/java-deprecated/org/apache/http/impl/auth/SpnegoTokenGenerator.java?rev=1746747&r1=1746746&r2=1746747&view=diff
==============================================================================
--- httpcomponents/httpclient/branches/4.5.x/httpclient/src/main/java-deprecated/org/apache/http/impl/auth/SpnegoTokenGenerator.java (original)
+++ httpcomponents/httpclient/branches/4.5.x/httpclient/src/main/java-deprecated/org/apache/http/impl/auth/SpnegoTokenGenerator.java Fri Jun 3 19:21:14 2016
@@ -37,7 +37,7 @@ import java.io.IOException;
* @since 4.1
*
* @deprecated (4.2) subclass {@link KerberosScheme} and override
- * {@link KerberosScheme#generateGSSToken(byte[], org.ietf.jgss.Oid, String)}
+ * {@link KerberosScheme#generateGSSToken(byte[], org.ietf.jgss.Oid, String, org.apache.http.auth.Credentials)}
*/
@Deprecated
public interface SpnegoTokenGenerator {
Modified: httpcomponents/httpclient/branches/4.5.x/httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.5.x/httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java?rev=1746747&r1=1746746&r2=1746747&view=diff
==============================================================================
--- httpcomponents/httpclient/branches/4.5.x/httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java (original)
+++ httpcomponents/httpclient/branches/4.5.x/httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java Fri Jun 3 19:21:14 2016
@@ -111,10 +111,6 @@ public abstract class GGSSchemeBase exte
protected byte[] generateGSSToken(
final byte[] input, final Oid oid, final String authServer,
final Credentials credentials) throws GSSException {
- byte[] inputBuff = input;
- if (inputBuff == null) {
- inputBuff = new byte[0];
- }
final GSSManager manager = getManager();
final GSSName serverName = manager.createName("HTTP@" + authServer, GSSName.NT_HOSTBASED_SERVICE);
@@ -125,13 +121,24 @@ public abstract class GGSSchemeBase exte
gssCredential = null;
}
- final GSSContext gssContext = manager.createContext(
- serverName.canonicalize(oid), oid, gssCredential, GSSContext.DEFAULT_LIFETIME);
- gssContext.requestMutualAuth(true);
- gssContext.requestCredDeleg(true);
- return gssContext.initSecContext(inputBuff, 0, inputBuff.length);
+ final GSSContext gssContext = createGSSContext(manager, oid, serverName, gssCredential);
+ if (input != null) {
+ return gssContext.initSecContext(input, 0, input.length);
+ } else {
+ return gssContext.initSecContext(new byte[] {}, 0, 0);
+ }
}
+ GSSContext createGSSContext(
+ final GSSManager manager,
+ final Oid oid,
+ final GSSName serverName,
+ final GSSCredential gssCredential) throws GSSException {
+ final GSSContext gssContext = manager.createContext(serverName.canonicalize(oid), oid, gssCredential,
+ GSSContext.DEFAULT_LIFETIME);
+ gssContext.requestMutualAuth(true);
+ return gssContext;
+ }
/**
* @deprecated (4.4) Use {@link #generateToken(byte[], String, org.apache.http.auth.Credentials)}.
*/