You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2023/05/07 13:42:05 UTC
[httpcomponents-client] branch ntlm_spnego_deprecation created (now 613cd73ff)
This is an automated email from the ASF dual-hosted git repository.
olegk pushed a change to branch ntlm_spnego_deprecation
in repository https://gitbox.apache.org/repos/asf/httpcomponents-client.git
at 613cd73ff NTLM scheme deprecated and disabled by default
This branch includes the following new commits:
new 613cd73ff NTLM scheme deprecated and disabled by default
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
[httpcomponents-client] 01/01: NTLM scheme deprecated and disabled by default
Posted by ol...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
olegk pushed a commit to branch ntlm_spnego_deprecation
in repository https://gitbox.apache.org/repos/asf/httpcomponents-client.git
commit 613cd73ff878fbdca53c3fdf74fb8ea7692dbcd6
Author: Oleg Kalnichevski <ol...@apache.org>
AuthorDate: Sun May 7 15:39:08 2023 +0200
NTLM scheme deprecated and disabled by default
---
BUILDING.txt | 1 -
.../cache/TestByteArrayCacheEntrySerializer.java | 1 +
.../apache/hc/client5/http/fluent/Executor.java | 7 +-
httpclient5-testing/pom.xml | 5 -
.../win/WindowsNegotiateSchemeGetTokenFail.java | 48 ----
.../sync/TestClientAuthenticationFakeNTLM.java | 261 ------------------
.../hc/client5/testing/sync/TestSPNegoScheme.java | 1 +
.../testing/sync/TestWindowsNegotiateScheme.java | 94 -------
httpclient5-win/pom.xml | 107 --------
.../http/examples/client/win/ClientWinAuth.java | 70 -----
.../hc/client5/http/impl/win/WinHttpClients.java | 99 -------
.../http/impl/win/WindowsNTLMSchemeFactory.java | 68 -----
.../http/impl/win/WindowsNegotiateScheme.java | 294 ---------------------
.../impl/win/WindowsNegotiateSchemeFactory.java | 67 -----
.../hc/client5/http/impl/win/package-info.java | 35 ---
httpclient5-win/src/test/resources/log4j2.xml | 29 --
.../apache/hc/client5/http/auth/NTCredentials.java | 12 +-
.../hc/client5/http/auth/StandardAuthScheme.java | 4 +
.../http/impl/DefaultAuthenticationStrategy.java | 1 -
.../http/impl/async/H2AsyncClientBuilder.java | 2 -
.../http/impl/async/HttpAsyncClientBuilder.java | 2 -
.../hc/client5/http/impl/auth/NTLMEngine.java | 3 +
.../http/impl/auth/NTLMEngineException.java | 3 +
.../hc/client5/http/impl/auth/NTLMEngineImpl.java | 3 +
.../hc/client5/http/impl/auth/NTLMScheme.java | 16 +-
.../client5/http/impl/auth/NTLMSchemeFactory.java | 6 +
.../auth/SystemDefaultCredentialsProvider.java | 3 +-
.../http/impl/classic/HttpClientBuilder.java | 2 -
.../hc/client5/http/impl/classic/ProxyClient.java | 2 -
.../hc/client5/http/auth/TestCredentials.java | 1 +
.../hc/client5/http/config/TestRequestConfig.java | 4 +-
.../client5/http/examples/ClientConfiguration.java | 2 +-
.../http/impl/auth/TestAuthChallengeParser.java | 13 -
.../client5/http/impl/auth/TestBasicAuthCache.java | 8 -
.../http/impl/auth/TestHttpAuthenticator.java | 2 +-
.../client5/http/impl/auth/TestNTLMEngineImpl.java | 1 +
.../hc/client5/http/impl/auth/TestNTLMScheme.java | 1 +
.../http/impl/classic/TestProtocolExec.java | 10 +-
.../http/impl/classic/TestRedirectExec.java | 10 +-
pom.xml | 6 -
40 files changed, 69 insertions(+), 1235 deletions(-)
diff --git a/BUILDING.txt b/BUILDING.txt
index 4bc66fc8b..c84c79b6f 100644
--- a/BUILDING.txt
+++ b/BUILDING.txt
@@ -30,7 +30,6 @@ The JAR packages can be found in the target folders of their respective modules
httpclient5/target/httpclient5-<VERSION>.jar
httpclient5-cache/target/httpclient5-cache-<VERSION>.jar
httpclient5-fluent/target/httpclient5-fluent-<VERSION>.jar
-httpclient5-win/target/httpclient5-win-<VERSION>.jar
httpclient5-osgi/target/org.apache.httpcomponents.httpclient_<VERSION>.jar
where <VERSION> is the release version
diff --git a/httpclient5-cache/src/test/java/org/apache/hc/client5/http/impl/cache/TestByteArrayCacheEntrySerializer.java b/httpclient5-cache/src/test/java/org/apache/hc/client5/http/impl/cache/TestByteArrayCacheEntrySerializer.java
index 81cb9b37e..6e06f3c70 100644
--- a/httpclient5-cache/src/test/java/org/apache/hc/client5/http/impl/cache/TestByteArrayCacheEntrySerializer.java
+++ b/httpclient5-cache/src/test/java/org/apache/hc/client5/http/impl/cache/TestByteArrayCacheEntrySerializer.java
@@ -52,6 +52,7 @@ import org.apache.hc.core5.http.message.StatusLine;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
+@SuppressWarnings("deprecation")
public class TestByteArrayCacheEntrySerializer {
private ByteArrayCacheEntrySerializer impl;
diff --git a/httpclient5-fluent/src/main/java/org/apache/hc/client5/http/fluent/Executor.java b/httpclient5-fluent/src/main/java/org/apache/hc/client5/http/fluent/Executor.java
index 8dbe1b3b7..bdc49b0a7 100644
--- a/httpclient5-fluent/src/main/java/org/apache/hc/client5/http/fluent/Executor.java
+++ b/httpclient5-fluent/src/main/java/org/apache/hc/client5/http/fluent/Executor.java
@@ -33,7 +33,6 @@ import org.apache.hc.client5.http.auth.AuthCache;
import org.apache.hc.client5.http.auth.AuthScope;
import org.apache.hc.client5.http.auth.Credentials;
import org.apache.hc.client5.http.auth.CredentialsStore;
-import org.apache.hc.client5.http.auth.NTCredentials;
import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
import org.apache.hc.client5.http.config.ConnectionConfig;
import org.apache.hc.client5.http.cookie.CookieStore;
@@ -186,10 +185,14 @@ public class Executor {
return auth(host, new UsernamePasswordCredentials(username, password));
}
+ /**
+ * @deprecated Use {@link #auth(HttpHost, String, char[])}.
+ */
+ @Deprecated
public Executor auth(final HttpHost host,
final String username, final char[] password,
final String workstation, final String domain) {
- return auth(host, new NTCredentials(username, password, workstation, domain));
+ return auth(host, new org.apache.hc.client5.http.auth.NTCredentials(username, password, workstation, domain));
}
public Executor clearAuth() {
diff --git a/httpclient5-testing/pom.xml b/httpclient5-testing/pom.xml
index 46fd4ebaa..8a7012d79 100644
--- a/httpclient5-testing/pom.xml
+++ b/httpclient5-testing/pom.xml
@@ -77,11 +77,6 @@
<artifactId>httpclient5-fluent</artifactId>
<scope>test</scope>
</dependency>
- <dependency>
- <groupId>org.apache.httpcomponents.client5</groupId>
- <artifactId>httpclient5-win</artifactId>
- <scope>test</scope>
- </dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-params</artifactId>
diff --git a/httpclient5-testing/src/test/java/org/apache/hc/client5/http/impl/win/WindowsNegotiateSchemeGetTokenFail.java b/httpclient5-testing/src/test/java/org/apache/hc/client5/http/impl/win/WindowsNegotiateSchemeGetTokenFail.java
deleted file mode 100644
index 3a4926381..000000000
--- a/httpclient5-testing/src/test/java/org/apache/hc/client5/http/impl/win/WindowsNegotiateSchemeGetTokenFail.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-package org.apache.hc.client5.http.impl.win;
-
-import com.sun.jna.platform.win32.Sspi;
-import com.sun.jna.platform.win32.Win32Exception;
-import com.sun.jna.platform.win32.WinError;
-
-public final class WindowsNegotiateSchemeGetTokenFail extends WindowsNegotiateScheme {
-
- public WindowsNegotiateSchemeGetTokenFail(final String schemeName, final String servicePrincipalName) {
- super(schemeName, servicePrincipalName);
- }
-
- @Override
- String getToken(final Sspi.CtxtHandle continueCtx, final Sspi.SecBufferDesc continueToken, final String targetName) {
- dispose();
- /* We will rather throw SEC_E_TARGET_UNKNOWN because SEC_E_DOWNGRADE_DETECTED is not
- * available on Windows XP and this unit test always fails.
- */
- throw new Win32Exception(WinError.SEC_E_TARGET_UNKNOWN);
- }
-
-}
diff --git a/httpclient5-testing/src/test/java/org/apache/hc/client5/testing/sync/TestClientAuthenticationFakeNTLM.java b/httpclient5-testing/src/test/java/org/apache/hc/client5/testing/sync/TestClientAuthenticationFakeNTLM.java
deleted file mode 100644
index 4c531408b..000000000
--- a/httpclient5-testing/src/test/java/org/apache/hc/client5/testing/sync/TestClientAuthenticationFakeNTLM.java
+++ /dev/null
@@ -1,261 +0,0 @@
-/*
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-package org.apache.hc.client5.testing.sync;
-
-import java.io.IOException;
-import java.util.function.Consumer;
-
-import org.apache.hc.client5.http.auth.CredentialsProvider;
-import org.apache.hc.client5.http.auth.NTCredentials;
-import org.apache.hc.client5.http.auth.StandardAuthScheme;
-import org.apache.hc.client5.http.classic.methods.HttpGet;
-import org.apache.hc.client5.http.impl.auth.CredentialsProviderBuilder;
-import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
-import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
-import org.apache.hc.client5.http.protocol.HttpClientContext;
-import org.apache.hc.client5.testing.sync.extension.TestClientResources;
-import org.apache.hc.core5.http.ClassicHttpRequest;
-import org.apache.hc.core5.http.ClassicHttpResponse;
-import org.apache.hc.core5.http.HttpException;
-import org.apache.hc.core5.http.HttpHeaders;
-import org.apache.hc.core5.http.HttpHost;
-import org.apache.hc.core5.http.HttpStatus;
-import org.apache.hc.core5.http.URIScheme;
-import org.apache.hc.core5.http.io.HttpRequestHandler;
-import org.apache.hc.core5.http.io.entity.EntityUtils;
-import org.apache.hc.core5.http.protocol.HttpContext;
-import org.apache.hc.core5.testing.classic.ClassicTestServer;
-import org.apache.hc.core5.util.Timeout;
-import org.junit.jupiter.api.Assertions;
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.RegisterExtension;
-
-/**
- * Unit tests for some of the NTLM auth functionality..
- */
-public class TestClientAuthenticationFakeNTLM {
-
- public static final Timeout TIMEOUT = Timeout.ofMinutes(1);
-
- @RegisterExtension
- private TestClientResources testResources = new TestClientResources(URIScheme.HTTP, TIMEOUT);
-
- public ClassicTestServer startServer() throws IOException {
- return testResources.startServer(null, null, null);
- }
-
- public CloseableHttpClient startClient(final Consumer<HttpClientBuilder> clientCustomizer) {
- return testResources.startClient(clientCustomizer);
- }
-
- public CloseableHttpClient startClient() {
- return testResources.startClient(builder -> {});
- }
-
- public HttpHost targetHost() {
- return testResources.targetHost();
- }
-
- static class NtlmResponseHandler implements HttpRequestHandler {
-
- @Override
- public void handle(
- final ClassicHttpRequest request,
- final ClassicHttpResponse response,
- final HttpContext context) throws HttpException, IOException {
- response.setCode(HttpStatus.SC_UNAUTHORIZED);
- response.setHeader("Connection", "Keep-Alive");
- response.setHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.NTLM);
- }
- }
-
- @Test
- public void testNTLMAuthenticationFailure() throws Exception {
- final ClassicTestServer server = startServer();
- server.registerHandler("*", new NtlmResponseHandler());
- final HttpHost target = targetHost();
-
- final CredentialsProvider credsProvider = CredentialsProviderBuilder.create()
- .add(target, new NTCredentials("test", "test".toCharArray(), null, null))
- .build();
-
- final CloseableHttpClient client = startClient(builder -> builder
- .setDefaultCredentialsProvider(credsProvider)
- );
-
- final HttpContext context = HttpClientContext.create();
- final HttpGet httpget = new HttpGet("/");
-
- client.execute(target, httpget, context, response -> {
- EntityUtils.consume(response.getEntity());
- Assertions.assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getCode());
- return null;
- });
- }
-
- static class NtlmType2MessageResponseHandler implements HttpRequestHandler {
-
- private final String authenticateHeaderValue;
-
- public NtlmType2MessageResponseHandler(final String type2Message) {
- this.authenticateHeaderValue = StandardAuthScheme.NTLM + " " + type2Message;
- }
-
- @Override
- public void handle(
- final ClassicHttpRequest request,
- final ClassicHttpResponse response,
- final HttpContext context) throws HttpException, IOException {
- response.setCode(HttpStatus.SC_UNAUTHORIZED);
- response.setHeader("Connection", "Keep-Alive");
- if (!request.containsHeader(HttpHeaders.AUTHORIZATION)) {
- response.setHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.NTLM);
- } else {
- response.setHeader(HttpHeaders.WWW_AUTHENTICATE, authenticateHeaderValue);
- }
- }
- }
-
- @Test
- public void testNTLMv1Type2Message() throws Exception {
- final ClassicTestServer server = startServer();
- server.registerHandler("*", new NtlmType2MessageResponseHandler("TlRMTVNTUAACAA" +
- "AADAAMADgAAAAzggLiASNFZ4mrze8AAAAAAAAAAAAAAAAAAAAABgBwFwAAAA9T" +
- "AGUAcgB2AGUAcgA="));
- final HttpHost target = targetHost();
-
- final CredentialsProvider credsProvider = CredentialsProviderBuilder.create()
- .add(target, new NTCredentials("test", "test".toCharArray(), null, null))
- .build();
-
- final CloseableHttpClient client = startClient(builder -> builder
- .setDefaultCredentialsProvider(credsProvider)
- );
-
- final HttpContext context = HttpClientContext.create();
- final HttpGet httpget = new HttpGet("/");
-
- client.execute(target, httpget, context, response -> {
- EntityUtils.consume(response.getEntity());
- Assertions.assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getCode());
- return null;
- });
- }
-
- @Test
- public void testNTLMv2Type2Message() throws Exception {
- final ClassicTestServer server = startServer();
- server.registerHandler("*", new NtlmType2MessageResponseHandler("TlRMTVNTUAACAA" +
- "AADAAMADgAAAAzgoriASNFZ4mrze8AAAAAAAAAACQAJABEAAAABgBwFwAAAA9T" +
- "AGUAcgB2AGUAcgACAAwARABvAG0AYQBpAG4AAQAMAFMAZQByAHYAZQByAAAAAAA="));
- final HttpHost target = targetHost();
-
- final CredentialsProvider credsProvider = CredentialsProviderBuilder.create()
- .add(target, new NTCredentials("test", "test".toCharArray(), null, null))
- .build();
-
- final CloseableHttpClient client = startClient(builder -> builder
- .setDefaultCredentialsProvider(credsProvider)
- );
-
- final HttpContext context = HttpClientContext.create();
- final HttpGet httpget = new HttpGet("/");
-
- client.execute(target, httpget, context, response -> {
- EntityUtils.consume(response.getEntity());
- Assertions.assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getCode());
- return null;
- });
- }
-
- static class NtlmType2MessageOnlyResponseHandler implements HttpRequestHandler {
-
- private final String authenticateHeaderValue;
-
- public NtlmType2MessageOnlyResponseHandler(final String type2Message) {
- this.authenticateHeaderValue = StandardAuthScheme.NTLM + " " + type2Message;
- }
-
- @Override
- public void handle(
- final ClassicHttpRequest request,
- final ClassicHttpResponse response,
- final HttpContext context) throws HttpException, IOException {
- response.setCode(HttpStatus.SC_UNAUTHORIZED);
- response.setHeader("Connection", "Keep-Alive");
- response.setHeader(HttpHeaders.WWW_AUTHENTICATE, authenticateHeaderValue);
- }
- }
-
- @Test
- public void testNTLMType2MessageOnlyAuthenticationFailure() throws Exception {
- final ClassicTestServer server = startServer();
- server.registerHandler("*", new NtlmType2MessageOnlyResponseHandler("TlRMTVNTUAACAA" +
- "AADAAMADgAAAAzggLiASNFZ4mrze8AAAAAAAAAAAAAAAAAAAAABgBwFwAAAA9T" +
- "AGUAcgB2AGUAcgA="));
- final HttpHost target = targetHost();
-
- final CloseableHttpClient client = startClient();
-
- final HttpClientContext context = HttpClientContext.create();
- context.setCredentialsProvider(CredentialsProviderBuilder.create()
- .add(target, new NTCredentials("test", "test".toCharArray(), null, null))
- .build());
- final HttpGet httpget = new HttpGet("/");
-
- client.execute(target, httpget, context, response -> {
- EntityUtils.consume(response.getEntity());
- Assertions.assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getCode());
- return null;
- });
- }
-
- @Test
- public void testNTLMType2NonUnicodeMessageOnlyAuthenticationFailure() throws Exception {
- final ClassicTestServer server = startServer();
- server.registerHandler("*", new NtlmType2MessageOnlyResponseHandler("TlRMTVNTUAACAA" +
- "AABgAGADgAAAAyggLiASNFZ4mrze8AAAAAAAAAAAAAAAAAAAAABgBwFwAAAA9T" +
- "ZXJ2ZXI="));
- final HttpHost target = targetHost();
-
-
- final CloseableHttpClient client = startClient();
-
- final HttpClientContext context = HttpClientContext.create();
- context.setCredentialsProvider(CredentialsProviderBuilder.create()
- .add(target, new NTCredentials("test", "test".toCharArray(), null, null))
- .build());
- final HttpGet httpget = new HttpGet("/");
-
- client.execute(target, httpget, context, response -> {
- EntityUtils.consume(response.getEntity());
- Assertions.assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getCode());
- return null;
- });
- }
-
-}
diff --git a/httpclient5-testing/src/test/java/org/apache/hc/client5/testing/sync/TestSPNegoScheme.java b/httpclient5-testing/src/test/java/org/apache/hc/client5/testing/sync/TestSPNegoScheme.java
index 16accd2bf..d29f67d5d 100644
--- a/httpclient5-testing/src/test/java/org/apache/hc/client5/testing/sync/TestSPNegoScheme.java
+++ b/httpclient5-testing/src/test/java/org/apache/hc/client5/testing/sync/TestSPNegoScheme.java
@@ -125,6 +125,7 @@ public class TestSPNegoScheme {
}
+ @SuppressWarnings("deprecation")
private static class UseJaasCredentials implements Credentials {
@Override
diff --git a/httpclient5-testing/src/test/java/org/apache/hc/client5/testing/sync/TestWindowsNegotiateScheme.java b/httpclient5-testing/src/test/java/org/apache/hc/client5/testing/sync/TestWindowsNegotiateScheme.java
deleted file mode 100644
index 8214b0f96..000000000
--- a/httpclient5-testing/src/test/java/org/apache/hc/client5/testing/sync/TestWindowsNegotiateScheme.java
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-package org.apache.hc.client5.testing.sync;
-
-import static java.util.concurrent.TimeUnit.MILLISECONDS;
-
-import org.apache.hc.client5.http.auth.AuthSchemeFactory;
-import org.apache.hc.client5.http.auth.StandardAuthScheme;
-import org.apache.hc.client5.http.classic.methods.HttpGet;
-import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
-import org.apache.hc.client5.http.impl.win.WinHttpClients;
-import org.apache.hc.client5.http.impl.win.WindowsNegotiateSchemeGetTokenFail;
-import org.apache.hc.client5.testing.sync.extension.TestClientResources;
-import org.apache.hc.core5.http.HttpHeaders;
-import org.apache.hc.core5.http.HttpHost;
-import org.apache.hc.core5.http.HttpStatus;
-import org.apache.hc.core5.http.URIScheme;
-import org.apache.hc.core5.http.config.Registry;
-import org.apache.hc.core5.http.config.RegistryBuilder;
-import org.apache.hc.core5.http.io.entity.EntityUtils;
-import org.apache.hc.core5.testing.classic.ClassicTestServer;
-import org.apache.hc.core5.util.Timeout;
-import org.junit.jupiter.api.Assumptions;
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.RegisterExtension;
-
-/**
- * Unit tests for Windows negotiate authentication.
- */
-public class TestWindowsNegotiateScheme {
-
- public static final Timeout TIMEOUT = Timeout.ofMinutes(1);
-
- @RegisterExtension
- private TestClientResources testResources = new TestClientResources(URIScheme.HTTP, TIMEOUT);
-
- @Test // this timeout (in ms) needs to be extended if you're actively debugging the code
- @org.junit.jupiter.api.Timeout(value = 30000, unit = MILLISECONDS)
- public void testNoInfiniteLoopOnSPNOutsideDomain() throws Exception {
- final ClassicTestServer server = testResources.startServer(null, null, null);
- server.registerHandler("/", (request, response, context) -> {
- response.addHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.SPNEGO);
- response.setCode(HttpStatus.SC_UNAUTHORIZED);
- });
- final HttpHost target = testResources.targetHost();
- Assumptions.assumeTrue(WinHttpClients.isWinAuthAvailable(), "Test can only be run on Windows");
-
- // HTTPCLIENT-1545
- // If a service principal name (SPN) from outside your Windows domain tree (e.g., HTTP/example.com) is used,
- // InitializeSecurityContext will return SEC_E_DOWNGRADE_DETECTED (decimal: -2146892976, hex: 0x80090350).
- // Because WindowsNegotiateScheme wasn't setting the completed state correctly when authentication fails,
- // HttpClient goes into an infinite loop, constantly retrying the negotiate authentication to kingdom
- // come. This error message, "The system detected a possible attempt to compromise security. Please ensure that
- // you can contact the server that authenticated you." is associated with SEC_E_DOWNGRADE_DETECTED.
-
- final Registry<AuthSchemeFactory> authSchemeRegistry = RegistryBuilder.<AuthSchemeFactory>create()
- .register(StandardAuthScheme.SPNEGO, context -> new WindowsNegotiateSchemeGetTokenFail(StandardAuthScheme.SPNEGO, "HTTP/example.com")).build();
-
- final CloseableHttpClient client = testResources.startClient(builder -> builder
- .setDefaultAuthSchemeRegistry(authSchemeRegistry)
- );
-
- final HttpGet httpGet = new HttpGet("/");
- client.execute(target, httpGet, response -> {
- EntityUtils.consume(response.getEntity());
- return null;
- });
- }
-
-}
diff --git a/httpclient5-win/pom.xml b/httpclient5-win/pom.xml
deleted file mode 100644
index 5ab28e4e2..000000000
--- a/httpclient5-win/pom.xml
+++ /dev/null
@@ -1,107 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- ====================================================================
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
- ====================================================================
-
- This software consists of voluntary contributions made by many
- individuals on behalf of the Apache Software Foundation. For more
- information on the Apache Software Foundation, please see
- <http://www.apache.org />.
- --><project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.apache.httpcomponents.client5</groupId>
- <artifactId>httpclient5-parent</artifactId>
- <version>5.2.2-SNAPSHOT</version>
- </parent>
- <artifactId>httpclient5-win</artifactId>
- <name>Apache HttpClient Windows features</name>
- <description>Apache HttpClient Windows specific functionality</description>
- <packaging>jar</packaging>
-
- <properties>
- <Automatic-Module-Name>org.apache.httpcomponents.client5.httpclient5.win</Automatic-Module-Name>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>org.apache.httpcomponents.client5</groupId>
- <artifactId>httpclient5</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.httpcomponents.client5</groupId>
- <artifactId>httpclient5</artifactId>
- <scope>test</scope>
- <classifier>tests</classifier>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.logging.log4j</groupId>
- <artifactId>log4j-slf4j-impl</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.logging.log4j</groupId>
- <artifactId>log4j-core</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>net.java.dev.jna</groupId>
- <artifactId>jna</artifactId>
- <scope>compile</scope>
- </dependency>
- <dependency>
- <groupId>net.java.dev.jna</groupId>
- <artifactId>jna-platform</artifactId>
- </dependency>
- <dependency>
- <groupId>org.junit.jupiter</groupId>
- <artifactId>junit-jupiter-migrationsupport</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.hamcrest</groupId>
- <artifactId>hamcrest</artifactId>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
- <reporting>
- <plugins>
- <plugin>
- <artifactId>maven-project-info-reports-plugin</artifactId>
- <inherited>false</inherited>
- <reportSets>
- <reportSet>
- <reports>
- <report>index</report>
- <report>dependencies</report>
- <report>dependency-info</report>
- <report>summary</report>
- </reports>
- </reportSet>
- </reportSets>
- </plugin>
- </plugins>
- </reporting>
-
-</project>
\ No newline at end of file
diff --git a/httpclient5-win/src/examples/org/apache/hc/client5/http/examples/client/win/ClientWinAuth.java b/httpclient5-win/src/examples/org/apache/hc/client5/http/examples/client/win/ClientWinAuth.java
deleted file mode 100644
index eb08429ff..000000000
--- a/httpclient5-win/src/examples/org/apache/hc/client5/http/examples/client/win/ClientWinAuth.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.hc.client5.http.examples.client.win;
-
-import org.apache.hc.client5.http.classic.methods.HttpGet;
-import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
-import org.apache.hc.client5.http.impl.classic.CloseableHttpResponse;
-import org.apache.hc.client5.http.impl.win.WinHttpClients;
-import org.apache.hc.core5.http.io.entity.EntityUtils;
-
-/**
- * This example demonstrates how to create HttpClient pre-configured
- * with support for integrated Windows authentication.
- */
-public class ClientWinAuth {
-
- public final static void main(String[] args) throws Exception {
-
- if (!WinHttpClients.isWinAuthAvailable()) {
- System.out.println("Integrated Win auth is not supported!!!");
- }
-
- CloseableHttpClient httpclient = WinHttpClients.createDefault();
- // There is no need to provide user credentials
- // HttpClient will attempt to access current user security context through
- // Windows platform specific methods via JNI.
- try {
- HttpGet httpget = new HttpGet("http://winhost/");
-
- System.out.println("Executing request " + httpget.getMethod() + " " + httpget.getUri());
- CloseableHttpResponse response = httpclient.execute(httpget);
- try {
- System.out.println("----------------------------------------");
- System.out.println(response.getCode() + " " + response.getReasonPhrase());
- EntityUtils.consume(response.getEntity());
- } finally {
- response.close();
- }
- } finally {
- httpclient.close();
- }
- }
-
-}
-
diff --git a/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WinHttpClients.java b/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WinHttpClients.java
deleted file mode 100644
index c36511740..000000000
--- a/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WinHttpClients.java
+++ /dev/null
@@ -1,99 +0,0 @@
-/*
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-package org.apache.hc.client5.http.impl.win;
-
-import java.util.Locale;
-
-import org.apache.hc.client5.http.auth.AuthSchemeFactory;
-import org.apache.hc.client5.http.auth.StandardAuthScheme;
-import org.apache.hc.client5.http.impl.auth.BasicSchemeFactory;
-import org.apache.hc.client5.http.impl.auth.BearerSchemeFactory;
-import org.apache.hc.client5.http.impl.auth.DigestSchemeFactory;
-import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
-import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
-import org.apache.hc.core5.http.config.Registry;
-import org.apache.hc.core5.http.config.RegistryBuilder;
-
-/**
- * Factory methods for {@link org.apache.hc.client5.http.impl.classic.CloseableHttpClient} instances configured to use integrated
- * Windows authentication by default.
- *
- * @since 4.4
- */
-public class WinHttpClients {
-
- private WinHttpClients() {
- super();
- }
-
- public static boolean isWinAuthAvailable() {
- String os = System.getProperty("os.name");
- os = os != null ? os.toLowerCase(Locale.ROOT) : null;
- return os != null && os.contains("windows");
- }
-
- private static HttpClientBuilder createBuilder() {
- if (isWinAuthAvailable()) {
- final Registry<AuthSchemeFactory> authSchemeRegistry = RegistryBuilder.<AuthSchemeFactory>create()
- .register(StandardAuthScheme.BASIC, BasicSchemeFactory.INSTANCE)
- .register(StandardAuthScheme.DIGEST, DigestSchemeFactory.INSTANCE)
- .register(StandardAuthScheme.BEARER, BearerSchemeFactory.INSTANCE)
- .register(StandardAuthScheme.NTLM, WindowsNTLMSchemeFactory.DEFAULT)
- .register(StandardAuthScheme.SPNEGO, WindowsNegotiateSchemeFactory.DEFAULT)
- .build();
- return HttpClientBuilder.create()
- .setDefaultAuthSchemeRegistry(authSchemeRegistry);
- }
- return HttpClientBuilder.create();
- }
-
- /**
- * Creates builder object for construction of custom
- * {@link CloseableHttpClient} instances.
- */
- public static HttpClientBuilder custom() {
- return createBuilder();
- }
-
- /**
- * Creates {@link CloseableHttpClient} instance with default
- * configuration.
- */
- public static CloseableHttpClient createDefault() {
- return createBuilder().build();
- }
-
- /**
- * Creates {@link CloseableHttpClient} instance with default
- * configuration based on system properties.
- */
- public static CloseableHttpClient createSystem() {
- return createBuilder().useSystemProperties().build();
- }
-
-
-}
diff --git a/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WindowsNTLMSchemeFactory.java b/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WindowsNTLMSchemeFactory.java
deleted file mode 100644
index b882eb1ea..000000000
--- a/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WindowsNTLMSchemeFactory.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.hc.client5.http.impl.win;
-
-import org.apache.hc.client5.http.auth.AuthScheme;
-import org.apache.hc.client5.http.auth.AuthSchemeFactory;
-import org.apache.hc.client5.http.auth.StandardAuthScheme;
-import org.apache.hc.core5.annotation.Contract;
-import org.apache.hc.core5.annotation.Experimental;
-import org.apache.hc.core5.annotation.ThreadingBehavior;
-import org.apache.hc.core5.http.protocol.HttpContext;
-
-/**
- * {@link AuthSchemeFactory} implementation that creates and initializes
- * {@link WindowsNegotiateScheme} using JNA to implement NTLM
- *
- * @since 4.4
- */
-@Contract(threading = ThreadingBehavior.STATELESS)
-@Experimental
-public class WindowsNTLMSchemeFactory implements AuthSchemeFactory {
-
- /**
- * Singleton instance with a null name.
- */
- public static final WindowsNTLMSchemeFactory DEFAULT = new WindowsNTLMSchemeFactory(null);
-
- private final String servicePrincipalName;
-
- public WindowsNTLMSchemeFactory(final String servicePrincipalName) {
- super();
- this.servicePrincipalName = servicePrincipalName;
- }
-
- @Override
- public AuthScheme create(final HttpContext context) {
- return new WindowsNegotiateScheme(StandardAuthScheme.NTLM, servicePrincipalName);
- }
-
-}
-
-
-
diff --git a/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WindowsNegotiateScheme.java b/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WindowsNegotiateScheme.java
deleted file mode 100644
index da1a629ff..000000000
--- a/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WindowsNegotiateScheme.java
+++ /dev/null
@@ -1,294 +0,0 @@
-/*
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-package org.apache.hc.client5.http.impl.win;
-
-import java.security.Principal;
-
-import org.apache.hc.client5.http.utils.Base64;
-import org.apache.hc.client5.http.RouteInfo;
-import org.apache.hc.client5.http.auth.AuthChallenge;
-import org.apache.hc.client5.http.auth.AuthScheme;
-import org.apache.hc.client5.http.auth.AuthenticationException;
-import org.apache.hc.client5.http.auth.BasicUserPrincipal;
-import org.apache.hc.client5.http.auth.ChallengeType;
-import org.apache.hc.client5.http.auth.CredentialsProvider;
-import org.apache.hc.client5.http.auth.MalformedChallengeException;
-import org.apache.hc.client5.http.auth.StandardAuthScheme;
-import org.apache.hc.client5.http.protocol.HttpClientContext;
-import org.apache.hc.core5.annotation.Experimental;
-import org.apache.hc.core5.http.HttpHost;
-import org.apache.hc.core5.http.HttpRequest;
-import org.apache.hc.core5.http.protocol.HttpContext;
-import org.apache.hc.core5.net.URIAuthority;
-import org.apache.hc.core5.util.Args;
-import org.apache.hc.core5.util.TextUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.sun.jna.platform.win32.Secur32;
-import com.sun.jna.platform.win32.Secur32Util;
-import com.sun.jna.platform.win32.Sspi;
-import com.sun.jna.platform.win32.Sspi.CredHandle;
-import com.sun.jna.platform.win32.Sspi.CtxtHandle;
-import com.sun.jna.platform.win32.Sspi.SecBufferDesc;
-import com.sun.jna.platform.win32.Sspi.TimeStamp;
-import com.sun.jna.platform.win32.SspiUtil.ManagedSecBufferDesc;
-import com.sun.jna.platform.win32.Win32Exception;
-import com.sun.jna.platform.win32.WinError;
-import com.sun.jna.ptr.IntByReference;
-
-/**
- * Auth scheme that makes use of JNA to implement Negotiate and NTLM on Windows Platforms.
- * <p>
- * This will delegate negotiation to the windows machine.
- * </p>
- *
- * @since 4.4
- */
-@Experimental
-public class WindowsNegotiateScheme implements AuthScheme {
-
- private static final Logger LOG = LoggerFactory.getLogger(WindowsNegotiateScheme.class);
-
- // NTLM or Negotiate
- private final String schemeName;
- private final String servicePrincipalName;
-
- private ChallengeType challengeType;
- private String challenge;
- private CredHandle clientCred;
- private CtxtHandle sspiContext;
- private boolean continueNeeded;
-
- WindowsNegotiateScheme(final String schemeName, final String servicePrincipalName) {
- super();
-
- this.schemeName = (schemeName == null) ? StandardAuthScheme.SPNEGO : schemeName;
- this.continueNeeded = true;
- this.servicePrincipalName = servicePrincipalName;
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("Created WindowsNegotiateScheme using {}", this.schemeName);
- }
- }
-
- public void dispose() {
- if (clientCred != null && !clientCred.isNull()) {
- final int rc = Secur32.INSTANCE.FreeCredentialsHandle(clientCred);
- if (WinError.SEC_E_OK != rc) {
- throw new Win32Exception(rc);
- }
- }
- if (sspiContext != null && !sspiContext.isNull()) {
- final int rc = Secur32.INSTANCE.DeleteSecurityContext(sspiContext);
- if (WinError.SEC_E_OK != rc) {
- throw new Win32Exception(rc);
- }
- }
- continueNeeded = true; // waiting
- clientCred = null;
- sspiContext = null;
- }
-
- @Override
- public String getName() {
- return schemeName;
- }
-
- @Override
- public boolean isConnectionBased() {
- return true;
- }
-
- @Override
- public String getRealm() {
- return null;
- }
-
- @Override
- public void processChallenge(
- final AuthChallenge authChallenge,
- final HttpContext context) throws MalformedChallengeException {
- Args.notNull(authChallenge, "AuthChallenge");
- challengeType = authChallenge.getChallengeType();
- challenge = authChallenge.getValue();
- if (TextUtils.isBlank(challenge)) {
- if (clientCred != null) {
- dispose(); // run cleanup first before throwing an exception otherwise can leak OS resources
- if (continueNeeded) {
- throw new IllegalStateException("Unexpected token");
- }
- }
- }
- }
-
- @Override
- public boolean isResponseReady(
- final HttpHost host,
- final CredentialsProvider credentialsProvider,
- final HttpContext context) throws AuthenticationException {
- return true;
- }
-
- /**
- * Get the SAM-compatible username of the currently logged-on user.
- *
- * @return String.
- */
- public static String getCurrentUsername() {
- return Secur32Util.getUserNameEx(Secur32.EXTENDED_NAME_FORMAT.NameSamCompatible);
- }
-
- @Override
- public Principal getPrincipal() {
- return new BasicUserPrincipal(getCurrentUsername());
- }
-
- @Override
- public String generateAuthResponse(
- final HttpHost host,
- final HttpRequest request,
- final HttpContext context) throws AuthenticationException {
-
- final HttpClientContext clientContext = HttpClientContext.adapt(context);
- final String response;
- if (clientCred == null) {
- // client credentials handle
- try {
- final String username = getCurrentUsername();
- final TimeStamp lifetime = new TimeStamp();
-
- clientCred = new CredHandle();
- final int rc = Secur32.INSTANCE.AcquireCredentialsHandle(username,
- schemeName, Sspi.SECPKG_CRED_OUTBOUND, null, null, null, null,
- clientCred, lifetime);
-
- if (WinError.SEC_E_OK != rc) {
- throw new Win32Exception(rc);
- }
-
- final String targetName = getServicePrincipalName(request, clientContext);
- response = getToken(null, null, targetName);
- } catch (final RuntimeException ex) {
- failAuthCleanup();
- if (ex instanceof Win32Exception) {
- throw new AuthenticationException("Authentication Failed", ex);
- }
- throw ex;
- }
- } else if (challenge == null || challenge.isEmpty()) {
- failAuthCleanup();
- throw new AuthenticationException("Authentication Failed");
- } else {
- try {
- final byte[] continueTokenBytes = Base64.decodeBase64(challenge);
- final SecBufferDesc continueTokenBuffer = new ManagedSecBufferDesc(
- Sspi.SECBUFFER_TOKEN, continueTokenBytes);
- final String targetName = getServicePrincipalName(request, clientContext);
- response = getToken(this.sspiContext, continueTokenBuffer, targetName);
- } catch (final RuntimeException ex) {
- failAuthCleanup();
- if (ex instanceof Win32Exception) {
- throw new AuthenticationException("Authentication Failed", ex);
- }
- throw ex;
- }
- }
- return schemeName + " " + response;
- }
-
- private void failAuthCleanup() {
- dispose();
- this.continueNeeded = false;
- }
-
- // Per RFC4559, the Service Principal Name should HTTP/<hostname>. However, <hostname>
- // can just be the host or the fully qualified name (e.g., see "Kerberos SPN generation"
- // at http://www.chromium.org/developers/design-documents/http-authentication). Here,
- // I've chosen to use the host that has been provided in HttpHost so that I don't incur
- // any additional DNS lookup cost.
- private String getServicePrincipalName(final HttpRequest request, final HttpClientContext clientContext) {
- String spn = null;
- if (this.servicePrincipalName != null) {
- spn = this.servicePrincipalName;
- } else if (challengeType == ChallengeType.PROXY) {
- final RouteInfo route = clientContext.getHttpRoute();
- if (route != null) {
- spn = "HTTP/" + route.getProxyHost().getHostName();
- }
- } else {
- final URIAuthority authority = request.getAuthority();
- if (authority != null) {
- spn = "HTTP/" + authority.getHostName();
- } else {
- final RouteInfo route = clientContext.getHttpRoute();
- if (route != null) {
- spn = "HTTP/" + route.getTargetHost().getHostName();
- }
- }
- }
- if (LOG.isDebugEnabled()) {
- LOG.debug("Using SPN: {}", spn);
- }
- return spn;
- }
-
- // See http://msdn.microsoft.com/en-us/library/windows/desktop/aa375506(v=vs.85).aspx
- String getToken(
- final CtxtHandle continueCtx,
- final SecBufferDesc continueToken,
- final String targetName) {
- final IntByReference attr = new IntByReference();
- final ManagedSecBufferDesc token = new ManagedSecBufferDesc(
- Sspi.SECBUFFER_TOKEN, Sspi.MAX_TOKEN_SIZE);
-
- sspiContext = new CtxtHandle();
- final int rc = Secur32.INSTANCE.InitializeSecurityContext(clientCred,
- continueCtx, targetName, Sspi.ISC_REQ_DELEGATE | Sspi.ISC_REQ_MUTUAL_AUTH, 0,
- Sspi.SECURITY_NATIVE_DREP, continueToken, 0, sspiContext, token,
- attr, null);
- switch (rc) {
- case WinError.SEC_I_CONTINUE_NEEDED:
- continueNeeded = true;
- break;
- case WinError.SEC_E_OK:
- dispose(); // Don't keep the context
- continueNeeded = false;
- break;
- default:
- dispose();
- throw new Win32Exception(rc);
- }
- return Base64.encodeBase64String(token.getBuffer(0).getBytes());
- }
-
- @Override
- public boolean isChallengeComplete() {
- return !continueNeeded;
- }
-
-}
diff --git a/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WindowsNegotiateSchemeFactory.java b/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WindowsNegotiateSchemeFactory.java
deleted file mode 100644
index f1b5c377c..000000000
--- a/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WindowsNegotiateSchemeFactory.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.hc.client5.http.impl.win;
-
-import org.apache.hc.client5.http.auth.AuthScheme;
-import org.apache.hc.client5.http.auth.AuthSchemeFactory;
-import org.apache.hc.client5.http.auth.StandardAuthScheme;
-import org.apache.hc.core5.annotation.Contract;
-import org.apache.hc.core5.annotation.Experimental;
-import org.apache.hc.core5.annotation.ThreadingBehavior;
-import org.apache.hc.core5.http.protocol.HttpContext;
-
-/**
- * {@link AuthSchemeFactory} implementation that creates and initializes
- * {@link WindowsNegotiateScheme} using JNA to Negotiate credentials
- *
- * @since 4.4
- */
-@Contract(threading = ThreadingBehavior.STATELESS)
-@Experimental
-public class WindowsNegotiateSchemeFactory implements AuthSchemeFactory {
-
- /**
- * Singleton instance with a null name.
- */
- public static final WindowsNegotiateSchemeFactory DEFAULT = new WindowsNegotiateSchemeFactory(null);
-
- private final String servicePrincipalName;
-
- public WindowsNegotiateSchemeFactory(final String servicePrincipalName) {
- super();
- this.servicePrincipalName = servicePrincipalName;
- }
-
- @Override
- public AuthScheme create(final HttpContext context) {
- return new WindowsNegotiateScheme(StandardAuthScheme.SPNEGO, servicePrincipalName);
- }
-
-}
-
-
diff --git a/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/package-info.java b/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/package-info.java
deleted file mode 100644
index 50a103c99..000000000
--- a/httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/package-info.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-/**
- * Auth scheme that makes use of JNA to implement Negotiate and NTLM on Windows Platforms.
- * <p>
- * Please note this class is considered experimental and may be discontinued or removed
- * in the future.
- * </p>
- */
-package org.apache.hc.client5.http.impl.win;
diff --git a/httpclient5-win/src/test/resources/log4j2.xml b/httpclient5-win/src/test/resources/log4j2.xml
deleted file mode 100644
index 0c9bfe241..000000000
--- a/httpclient5-win/src/test/resources/log4j2.xml
+++ /dev/null
@@ -1,29 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-<Configuration status="WARN" name="XMLConfigTest">
- <Appenders>
- <Console name="STDOUT">
- <PatternLayout pattern="%d %-5level [%t][%logger]%notEmpty{[%markerSimpleName]} %msg%n%xThrowable" />
- </Console>
- </Appenders>
- <Loggers>
- <Root level="WARN">
- <AppenderRef ref="STDOUT" />
- </Root>
- </Loggers>
-</Configuration>
\ No newline at end of file
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/auth/NTCredentials.java b/httpclient5/src/main/java/org/apache/hc/client5/http/auth/NTCredentials.java
index f2c41ee83..20a8ae11c 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/auth/NTCredentials.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/auth/NTCredentials.java
@@ -43,7 +43,14 @@ import org.apache.hc.core5.util.LangUtils;
* Windows specific attributes such as name of the domain the user belongs to.
*
* @since 4.0
+ *
+ * @deprecated Do not use. the NTLM authentication scheme is no longer supported.
+ * Consider using Basic or Bearer authentication with TLS instead.
+ *
+ * @see UsernamePasswordCredentials
+ * @see BearerToken
*/
+@Deprecated
@Contract(threading = ThreadingBehavior.IMMUTABLE)
public class NTCredentials implements Credentials, Serializable {
@@ -69,9 +76,7 @@ public class NTCredentials implements Credentials, Serializable {
* @param workstation The workstation the authentication request is originating from.
* Essentially, the computer name for this machine.
* @param domain The domain to authenticate within.
- * @deprecated (5.3) Use {@link #NTCredentials(char[], String, String, String)}
*/
- @Deprecated
public NTCredentials(
final String userName,
final char[] password,
@@ -89,9 +94,7 @@ public class NTCredentials implements Credentials, Serializable {
* Essentially, the computer name for this machine.
* @param domain The domain to authenticate within.
* @param netbiosDomain The netbios version of the domain name.
- @deprecated (5.3) Use {@link #NTCredentials(char[], String, String, String)}
*/
- @Deprecated
public NTCredentials(
final String userName,
final char[] password,
@@ -114,7 +117,6 @@ public class NTCredentials implements Credentials, Serializable {
* This constructor creates a new instance of NTCredentials, determining the workstation name at runtime
* using the {@link #getWorkstationName()} method. The workstation name will be converted to uppercase
* using the {@link java.util.Locale#ROOT} locale.
- * @since 5.3
*/
public NTCredentials(
final char[] password,
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/auth/StandardAuthScheme.java b/httpclient5/src/main/java/org/apache/hc/client5/http/auth/StandardAuthScheme.java
index b5994a91c..3ea46bdb2 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/auth/StandardAuthScheme.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/auth/StandardAuthScheme.java
@@ -57,7 +57,11 @@ public final class StandardAuthScheme {
/**
* The NTLM authentication scheme is a proprietary Microsoft Windows
* authentication protocol as defined in [MS-NLMP].
+ *
+ * @deprecated Do not use. the NTLM authentication scheme is no longer supported.
+ * Consider using Basic or Bearer authentication with TLS instead.
*/
+ @Deprecated
public static final String NTLM = "NTLM";
/**
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/DefaultAuthenticationStrategy.java b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/DefaultAuthenticationStrategy.java
index 64559c4ff..856b7459c 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/DefaultAuthenticationStrategy.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/DefaultAuthenticationStrategy.java
@@ -67,7 +67,6 @@ public class DefaultAuthenticationStrategy implements AuthenticationStrategy {
Collections.unmodifiableList(Arrays.asList(
StandardAuthScheme.SPNEGO,
StandardAuthScheme.KERBEROS,
- StandardAuthScheme.NTLM,
StandardAuthScheme.BEARER,
StandardAuthScheme.DIGEST,
StandardAuthScheme.BASIC));
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/async/H2AsyncClientBuilder.java b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/async/H2AsyncClientBuilder.java
index 5c594c7ad..e2ed2883e 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/async/H2AsyncClientBuilder.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/async/H2AsyncClientBuilder.java
@@ -61,7 +61,6 @@ import org.apache.hc.client5.http.impl.auth.BasicSchemeFactory;
import org.apache.hc.client5.http.impl.auth.BearerSchemeFactory;
import org.apache.hc.client5.http.impl.auth.DigestSchemeFactory;
import org.apache.hc.client5.http.impl.auth.KerberosSchemeFactory;
-import org.apache.hc.client5.http.impl.auth.NTLMSchemeFactory;
import org.apache.hc.client5.http.impl.auth.SPNegoSchemeFactory;
import org.apache.hc.client5.http.impl.auth.SystemDefaultCredentialsProvider;
import org.apache.hc.client5.http.impl.nio.MultihomeConnectionInitiator;
@@ -822,7 +821,6 @@ public class H2AsyncClientBuilder {
.register(StandardAuthScheme.BASIC, BasicSchemeFactory.INSTANCE)
.register(StandardAuthScheme.DIGEST, DigestSchemeFactory.INSTANCE)
.register(StandardAuthScheme.BEARER, BearerSchemeFactory.INSTANCE)
- .register(StandardAuthScheme.NTLM, NTLMSchemeFactory.INSTANCE)
.register(StandardAuthScheme.SPNEGO, SPNegoSchemeFactory.DEFAULT)
.register(StandardAuthScheme.KERBEROS, KerberosSchemeFactory.DEFAULT)
.build();
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/async/HttpAsyncClientBuilder.java b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/async/HttpAsyncClientBuilder.java
index c07b0b7e9..794145270 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/async/HttpAsyncClientBuilder.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/async/HttpAsyncClientBuilder.java
@@ -67,7 +67,6 @@ import org.apache.hc.client5.http.impl.auth.BasicSchemeFactory;
import org.apache.hc.client5.http.impl.auth.BearerSchemeFactory;
import org.apache.hc.client5.http.impl.auth.DigestSchemeFactory;
import org.apache.hc.client5.http.impl.auth.KerberosSchemeFactory;
-import org.apache.hc.client5.http.impl.auth.NTLMSchemeFactory;
import org.apache.hc.client5.http.impl.auth.SPNegoSchemeFactory;
import org.apache.hc.client5.http.impl.auth.SystemDefaultCredentialsProvider;
import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManagerBuilder;
@@ -1009,7 +1008,6 @@ public class HttpAsyncClientBuilder {
.register(StandardAuthScheme.BASIC, BasicSchemeFactory.INSTANCE)
.register(StandardAuthScheme.DIGEST, DigestSchemeFactory.INSTANCE)
.register(StandardAuthScheme.BEARER, BearerSchemeFactory.INSTANCE)
- .register(StandardAuthScheme.NTLM, NTLMSchemeFactory.INSTANCE)
.register(StandardAuthScheme.SPNEGO, SPNegoSchemeFactory.DEFAULT)
.register(StandardAuthScheme.KERBEROS, KerberosSchemeFactory.DEFAULT)
.build();
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMEngine.java b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMEngine.java
index a409046fe..e680435a8 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMEngine.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMEngine.java
@@ -32,7 +32,10 @@ package org.apache.hc.client5.http.impl.auth;
* Type2 challenge.
*
* @since 4.0
+ *
+ * @deprecated Do not use. the NTLM authentication scheme is no longer supported
*/
+@Deprecated
public interface NTLMEngine {
/**
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMEngineException.java b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMEngineException.java
index 9e4d906f2..fa812c457 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMEngineException.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMEngineException.java
@@ -32,7 +32,10 @@ import org.apache.hc.client5.http.auth.AuthenticationException;
* Signals NTLM protocol failure.
*
* @since 4.0
+ *
+ * @deprecated Do not use.
*/
+@Deprecated
public class NTLMEngineException extends AuthenticationException {
private static final long serialVersionUID = 6027981323731768824L;
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMEngineImpl.java b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMEngineImpl.java
index fa0548da0..99b3326ae 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMEngineImpl.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMEngineImpl.java
@@ -48,7 +48,10 @@ import org.apache.hc.client5.http.utils.ByteArrayBuilder;
* authentication protocol.
*
* @since 4.1
+ *
+ * @deprecated Do not use.
*/
+@Deprecated
final class NTLMEngineImpl implements NTLMEngine {
/** Unicode encoding */
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMScheme.java b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMScheme.java
index 9a529c8d4..c8f52c886 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMScheme.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMScheme.java
@@ -30,13 +30,12 @@ import java.security.Principal;
import org.apache.hc.client5.http.auth.AuthChallenge;
import org.apache.hc.client5.http.auth.AuthScheme;
-import org.apache.hc.client5.http.auth.StandardAuthScheme;
import org.apache.hc.client5.http.auth.AuthScope;
import org.apache.hc.client5.http.auth.AuthenticationException;
import org.apache.hc.client5.http.auth.Credentials;
import org.apache.hc.client5.http.auth.CredentialsProvider;
import org.apache.hc.client5.http.auth.MalformedChallengeException;
-import org.apache.hc.client5.http.auth.NTCredentials;
+import org.apache.hc.client5.http.auth.StandardAuthScheme;
import org.apache.hc.client5.http.protocol.HttpClientContext;
import org.apache.hc.core5.http.HttpHost;
import org.apache.hc.core5.http.HttpRequest;
@@ -50,7 +49,14 @@ import org.slf4j.LoggerFactory;
* and optimized for Windows platforms.
*
* @since 4.0
+ *
+ * @deprecated Do not use. the NTLM authentication scheme is no longer supported.
+ * Consider using Basic or Bearer authentication with TLS instead.
+ *
+ * @see BasicScheme
+ * @see BearerScheme
*/
+@Deprecated
public final class NTLMScheme implements AuthScheme {
private static final Logger LOG = LoggerFactory.getLogger(NTLMScheme.class);
@@ -68,7 +74,7 @@ public final class NTLMScheme implements AuthScheme {
private State state;
private String challenge;
- private NTCredentials credentials;
+ private org.apache.hc.client5.http.auth.NTCredentials credentials;
public NTLMScheme(final NTLMEngine engine) {
super();
@@ -134,8 +140,8 @@ public final class NTLMScheme implements AuthScheme {
final AuthScope authScope = new AuthScope(host, null, getName());
final Credentials credentials = credentialsProvider.getCredentials(
authScope, context);
- if (credentials instanceof NTCredentials) {
- this.credentials = (NTCredentials) credentials;
+ if (credentials instanceof org.apache.hc.client5.http.auth.NTCredentials) {
+ this.credentials = (org.apache.hc.client5.http.auth.NTCredentials) credentials;
return true;
}
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMSchemeFactory.java b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMSchemeFactory.java
index 66642a59c..be5f5a058 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMSchemeFactory.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/NTLMSchemeFactory.java
@@ -39,7 +39,13 @@ import org.apache.hc.core5.http.protocol.HttpContext;
* implementation.
*
* @since 4.1
+ * @deprecated Do not use. the NTLM authentication scheme is no longer supported.
+ * Consider using Basic or Bearer authentication with TLS instead.
+ *
+ * @see BasicSchemeFactory
+ * @see BearerSchemeFactory
*/
+@Deprecated
@Contract(threading = ThreadingBehavior.STATELESS)
public class NTLMSchemeFactory implements AuthSchemeFactory {
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/SystemDefaultCredentialsProvider.java b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/SystemDefaultCredentialsProvider.java
index 99add9f5c..125fed52f 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/SystemDefaultCredentialsProvider.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/SystemDefaultCredentialsProvider.java
@@ -37,8 +37,8 @@ import org.apache.hc.client5.http.auth.AuthScope;
import org.apache.hc.client5.http.auth.Credentials;
import org.apache.hc.client5.http.auth.CredentialsStore;
import org.apache.hc.client5.http.auth.NTCredentials;
-import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
import org.apache.hc.client5.http.auth.StandardAuthScheme;
+import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
import org.apache.hc.client5.http.protocol.HttpClientContext;
import org.apache.hc.core5.annotation.Contract;
import org.apache.hc.core5.annotation.ThreadingBehavior;
@@ -54,6 +54,7 @@ import org.apache.hc.core5.util.Args;
* @since 4.3
*/
@Contract(threading = ThreadingBehavior.SAFE)
+@SuppressWarnings("deprecation")
public class SystemDefaultCredentialsProvider implements CredentialsStore {
private final BasicCredentialsProvider internal;
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/classic/HttpClientBuilder.java b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/classic/HttpClientBuilder.java
index 6ec9e14d5..7f1844476 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/classic/HttpClientBuilder.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/classic/HttpClientBuilder.java
@@ -70,7 +70,6 @@ import org.apache.hc.client5.http.impl.auth.BasicSchemeFactory;
import org.apache.hc.client5.http.impl.auth.BearerSchemeFactory;
import org.apache.hc.client5.http.impl.auth.DigestSchemeFactory;
import org.apache.hc.client5.http.impl.auth.KerberosSchemeFactory;
-import org.apache.hc.client5.http.impl.auth.NTLMSchemeFactory;
import org.apache.hc.client5.http.impl.auth.SPNegoSchemeFactory;
import org.apache.hc.client5.http.impl.auth.SystemDefaultCredentialsProvider;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
@@ -966,7 +965,6 @@ public class HttpClientBuilder {
.register(StandardAuthScheme.BASIC, BasicSchemeFactory.INSTANCE)
.register(StandardAuthScheme.DIGEST, DigestSchemeFactory.INSTANCE)
.register(StandardAuthScheme.BEARER, BearerSchemeFactory.INSTANCE)
- .register(StandardAuthScheme.NTLM, NTLMSchemeFactory.INSTANCE)
.register(StandardAuthScheme.SPNEGO, SPNegoSchemeFactory.DEFAULT)
.register(StandardAuthScheme.KERBEROS, KerberosSchemeFactory.DEFAULT)
.build();
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/classic/ProxyClient.java b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/classic/ProxyClient.java
index 6bee9fa25..b86fcb8ed 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/classic/ProxyClient.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/classic/ProxyClient.java
@@ -49,7 +49,6 @@ import org.apache.hc.client5.http.impl.auth.BasicSchemeFactory;
import org.apache.hc.client5.http.impl.auth.DigestSchemeFactory;
import org.apache.hc.client5.http.impl.auth.HttpAuthenticator;
import org.apache.hc.client5.http.impl.auth.KerberosSchemeFactory;
-import org.apache.hc.client5.http.impl.auth.NTLMSchemeFactory;
import org.apache.hc.client5.http.impl.auth.SPNegoSchemeFactory;
import org.apache.hc.client5.http.impl.io.ManagedHttpClientConnectionFactory;
import org.apache.hc.client5.http.io.ManagedHttpClientConnection;
@@ -121,7 +120,6 @@ public class ProxyClient {
this.authSchemeRegistry = RegistryBuilder.<AuthSchemeFactory>create()
.register(StandardAuthScheme.BASIC, BasicSchemeFactory.INSTANCE)
.register(StandardAuthScheme.DIGEST, DigestSchemeFactory.INSTANCE)
- .register(StandardAuthScheme.NTLM, NTLMSchemeFactory.INSTANCE)
.register(StandardAuthScheme.SPNEGO, SPNegoSchemeFactory.DEFAULT)
.register(StandardAuthScheme.KERBEROS, KerberosSchemeFactory.DEFAULT)
.build();
diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/auth/TestCredentials.java b/httpclient5/src/test/java/org/apache/hc/client5/http/auth/TestCredentials.java
index db33bf2a9..ee7df8940 100644
--- a/httpclient5/src/test/java/org/apache/hc/client5/http/auth/TestCredentials.java
+++ b/httpclient5/src/test/java/org/apache/hc/client5/http/auth/TestCredentials.java
@@ -35,6 +35,7 @@ import java.io.ObjectOutputStream;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
+@SuppressWarnings("deprecation")
public class TestCredentials {
@Test
diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/config/TestRequestConfig.java b/httpclient5/src/test/java/org/apache/hc/client5/http/config/TestRequestConfig.java
index dec3480a6..8eeea8c31 100644
--- a/httpclient5/src/test/java/org/apache/hc/client5/http/config/TestRequestConfig.java
+++ b/httpclient5/src/test/java/org/apache/hc/client5/http/config/TestRequestConfig.java
@@ -70,7 +70,7 @@ public class TestRequestConfig {
.setCircularRedirectsAllowed(true)
.setMaxRedirects(100)
.setCookieSpec(StandardCookieSpec.STRICT)
- .setTargetPreferredAuthSchemes(Collections.singletonList(StandardAuthScheme.NTLM))
+ .setTargetPreferredAuthSchemes(Collections.singletonList(StandardAuthScheme.BEARER))
.setProxyPreferredAuthSchemes(Collections.singletonList(StandardAuthScheme.DIGEST))
.setContentCompressionEnabled(false)
.build();
@@ -82,7 +82,7 @@ public class TestRequestConfig {
Assertions.assertTrue(config.isCircularRedirectsAllowed());
Assertions.assertEquals(100, config.getMaxRedirects());
Assertions.assertEquals(StandardCookieSpec.STRICT, config.getCookieSpec());
- Assertions.assertEquals(Collections.singletonList(StandardAuthScheme.NTLM), config.getTargetPreferredAuthSchemes());
+ Assertions.assertEquals(Collections.singletonList(StandardAuthScheme.BEARER), config.getTargetPreferredAuthSchemes());
Assertions.assertEquals(Collections.singletonList(StandardAuthScheme.DIGEST), config.getProxyPreferredAuthSchemes());
Assertions.assertFalse(config.isContentCompressionEnabled());
}
diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/examples/ClientConfiguration.java b/httpclient5/src/test/java/org/apache/hc/client5/http/examples/ClientConfiguration.java
index fd49162de..a6103bd0e 100644
--- a/httpclient5/src/test/java/org/apache/hc/client5/http/examples/ClientConfiguration.java
+++ b/httpclient5/src/test/java/org/apache/hc/client5/http/examples/ClientConfiguration.java
@@ -210,7 +210,7 @@ public class ClientConfiguration {
final RequestConfig defaultRequestConfig = RequestConfig.custom()
.setCookieSpec(StandardCookieSpec.STRICT)
.setExpectContinueEnabled(true)
- .setTargetPreferredAuthSchemes(Arrays.asList(StandardAuthScheme.NTLM, StandardAuthScheme.DIGEST))
+ .setTargetPreferredAuthSchemes(Arrays.asList(StandardAuthScheme.DIGEST))
.setProxyPreferredAuthSchemes(Collections.singletonList(StandardAuthScheme.BASIC))
.build();
diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestAuthChallengeParser.java b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestAuthChallengeParser.java
index 9c5041000..cda0d57dd 100644
--- a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestAuthChallengeParser.java
+++ b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestAuthChallengeParser.java
@@ -315,19 +315,6 @@ public class TestAuthChallengeParser {
assertThat(params1.get(1), NameValuePairMatcher.equals("blah", null));
}
- @Test
- public void testParseEmptyNTLMAuthChallenge() throws Exception {
- final CharArrayBuffer buffer = new CharArrayBuffer(64);
- buffer.append(StandardAuthScheme.NTLM);
- final ParserCursor cursor = new ParserCursor(0, buffer.length());
- final List<AuthChallenge> challenges = parser.parse(ChallengeType.TARGET, buffer, cursor);
- Assertions.assertNotNull(challenges);
- Assertions.assertEquals(1, challenges.size());
- final AuthChallenge challenge1 = challenges.get(0);
- Assertions.assertEquals(StandardAuthScheme.NTLM, challenge1.getSchemeName());
- Assertions.assertNull(challenge1.getValue());
- }
-
@Test
public void testParseParameterAndToken68AuthChallengeMix() throws Exception {
final CharArrayBuffer buffer = new CharArrayBuffer(64);
diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestBasicAuthCache.java b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestBasicAuthCache.java
index 12e44b7c8..f529be590 100644
--- a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestBasicAuthCache.java
+++ b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestBasicAuthCache.java
@@ -66,12 +66,4 @@ public class TestBasicAuthCache {
Assertions.assertNull(cache.get(new HttpHost("localhost", 80)));
}
- @Test
- public void testStoreNonSerializable() throws Exception {
- final BasicAuthCache cache = new BasicAuthCache();
- final AuthScheme authScheme = new NTLMScheme();
- cache.put(new HttpHost("localhost", 80), authScheme);
- Assertions.assertNull(cache.get(new HttpHost("localhost", 80)));
- }
-
}
diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestHttpAuthenticator.java b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestHttpAuthenticator.java
index 3bd5786e0..c97b40088 100644
--- a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestHttpAuthenticator.java
+++ b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestHttpAuthenticator.java
@@ -94,7 +94,7 @@ public class TestHttpAuthenticator {
this.authSchemeRegistry = RegistryBuilder.<AuthSchemeFactory>create()
.register(StandardAuthScheme.BASIC, BasicSchemeFactory.INSTANCE)
.register(StandardAuthScheme.DIGEST, DigestSchemeFactory.INSTANCE)
- .register(StandardAuthScheme.NTLM, NTLMSchemeFactory.INSTANCE).build();
+ .build();
this.context.setAttribute(HttpClientContext.AUTHSCHEME_REGISTRY, this.authSchemeRegistry);
this.httpAuthenticator = new HttpAuthenticator();
}
diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestNTLMEngineImpl.java b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestNTLMEngineImpl.java
index 02ce6e9bb..76dea6396 100644
--- a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestNTLMEngineImpl.java
+++ b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestNTLMEngineImpl.java
@@ -35,6 +35,7 @@ import java.util.Random;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
+@SuppressWarnings("deprecation")
public class TestNTLMEngineImpl {
@Test
diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestNTLMScheme.java b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestNTLMScheme.java
index cc884bc7c..6c545a4eb 100644
--- a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestNTLMScheme.java
+++ b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestNTLMScheme.java
@@ -37,6 +37,7 @@ import org.junit.jupiter.api.Test;
/**
* Unit tests for {@link NTLMScheme}.
*/
+@SuppressWarnings("deprecation")
public class TestNTLMScheme {
@Test
diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/classic/TestProtocolExec.java b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/classic/TestProtocolExec.java
index e3846018d..71350020f 100644
--- a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/classic/TestProtocolExec.java
+++ b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/classic/TestProtocolExec.java
@@ -45,7 +45,6 @@ import org.apache.hc.client5.http.classic.methods.HttpPost;
import org.apache.hc.client5.http.entity.EntityBuilder;
import org.apache.hc.client5.http.impl.auth.BasicScheme;
import org.apache.hc.client5.http.impl.auth.CredentialsProviderBuilder;
-import org.apache.hc.client5.http.impl.auth.NTLMScheme;
import org.apache.hc.client5.http.protocol.HttpClientContext;
import org.apache.hc.core5.http.ClassicHttpRequest;
import org.apache.hc.core5.http.ClassicHttpResponse;
@@ -209,7 +208,14 @@ public class TestProtocolExec {
final AuthExchange authExchange = new AuthExchange();
authExchange.setState(AuthExchange.State.SUCCESS);
- authExchange.select(new NTLMScheme());
+ authExchange.select(new BasicScheme() {
+
+ @Override
+ public boolean isConnectionBased() {
+ return true;
+ }
+
+ });
context.setAuthExchange(target, authExchange);
context.setCredentialsProvider(CredentialsProviderBuilder.create()
diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/classic/TestRedirectExec.java b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/classic/TestRedirectExec.java
index 5d426372f..a59ca241f 100644
--- a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/classic/TestRedirectExec.java
+++ b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/classic/TestRedirectExec.java
@@ -44,7 +44,6 @@ import org.apache.hc.client5.http.config.RequestConfig;
import org.apache.hc.client5.http.entity.EntityBuilder;
import org.apache.hc.client5.http.impl.DefaultRedirectStrategy;
import org.apache.hc.client5.http.impl.auth.BasicScheme;
-import org.apache.hc.client5.http.impl.auth.NTLMScheme;
import org.apache.hc.client5.http.protocol.HttpClientContext;
import org.apache.hc.client5.http.protocol.RedirectLocations;
import org.apache.hc.client5.http.protocol.RedirectStrategy;
@@ -187,7 +186,14 @@ public class TestRedirectExec {
targetAuthExchange.select(new BasicScheme());
final AuthExchange proxyAuthExchange = new AuthExchange();
proxyAuthExchange.setState(AuthExchange.State.SUCCESS);
- proxyAuthExchange.select(new NTLMScheme());
+ proxyAuthExchange.select(new BasicScheme() {
+
+ @Override
+ public boolean isConnectionBased() {
+ return true;
+ }
+
+ });
context.setAuthExchange(target, targetAuthExchange);
context.setAuthExchange(proxy, proxyAuthExchange);
diff --git a/pom.xml b/pom.xml
index 8c8b46ea6..b134039a6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -123,11 +123,6 @@
<artifactId>httpclient5-fluent</artifactId>
<version>${project.version}</version>
</dependency>
- <dependency>
- <groupId>org.apache.httpcomponents.client5</groupId>
- <artifactId>httpclient5-win</artifactId>
- <version>${project.version}</version>
- </dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
@@ -205,7 +200,6 @@
<module>httpclient5</module>
<module>httpclient5-fluent</module>
<module>httpclient5-cache</module>
- <module>httpclient5-win</module>
<module>httpclient5-testing</module>
</modules>