You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@commons.apache.org by ol...@apache.org on 2003/12/10 22:37:42 UTC
cvs commit: jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth AuthPolicy.java
olegk 2003/12/10 13:37:42
Modified: httpclient/src/java/org/apache/commons/httpclient
HttpMethodBase.java
Added: httpclient/src/java/org/apache/commons/httpclient/auth
AuthPolicy.java
Log:
Forgot to add new file prior to committing stuff (as always). *sigh*
Changelog:
* Another attempt at fixing NTLM proxy + basic host authentication (R: #24352)
* Plug-in mechanism for authentication modules
* AuthModule interface implementing authentication modules can now be
instantiated using default (parameter-less) constructor
* Authentication modules can now retain limited state information (the state is
retained within the lifetime of the method director)
* Authentication scheme selection routine can be easily parameterized
* Yet another massive refactoring of HttpMethodDirector
Contributed by Oleg Kalnichevski
Reviewed By Michael Becke
Revision Changes Path
1.192 +6 -4 jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java
Index: HttpMethodBase.java
===================================================================
RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java,v
retrieving revision 1.191
retrieving revision 1.192
diff -u -r1.191 -r1.192
--- HttpMethodBase.java 10 Dec 2003 21:04:13 -0000 1.191
+++ HttpMethodBase.java 10 Dec 2003 21:37:41 -0000 1.192
@@ -2061,6 +2061,8 @@
}
/**
+ * @deprecated no longer used
+ *
* Returns proxy authentication realm, if it has been used during authentication process.
* Otherwise returns <tt>null</tt>.
*
1.1 jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/AuthPolicy.java
Index: AuthPolicy.java
===================================================================
/*
* $Header: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/AuthPolicy.java,v 1.1 2003/12/10 21:37:42 olegk Exp $
* $Revision: 1.1 $
* $Date: 2003/12/10 21:37:42 $
*
* ====================================================================
*
* The Apache Software License, Version 1.1
*
* Copyright (c) 2002-2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "The Jakarta Project", "Commons", and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
* [Additional notices, if required by prior licensing conditions]
*
*/
package org.apache.commons.httpclient.auth;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
/**
* Authentication policy class. The Authentication policy provides corresponding
* authentication scheme interfrace for a given type of authorization challenge.
* <p>The following specifications are provided:
* <ul>
* <li><tt>Basic</tt>: Basic authentication scheme as defined in RFC2617
* (considered inherently insecure, but most widely supported)
* <li><tt>Digest</tt>: Digest authentication scheme as defined in RFC2617
* <li><tt>NTLM</tt>: The NTLM scheme is a proprietary Microsoft Windows
* Authentication protocol (considered to be the most secure among
* currently supported authentication schemes)
* </ul>
*
* @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
*
* @version $Revision: 1.1 $
* @since 2.1
*/
public abstract class AuthPolicy {
private static Map SCHEMES = Collections.synchronizedMap(new HashMap());
/**
* The NTLM scheme is a proprietary Microsoft Windows Authentication
* protocol (considered to be the most secure among currently supported
* authentication schemes).
*/
public static final String NTLM = "NTLM";
/**
* Digest authentication scheme as defined in RFC2617.
*/
public static final String DIGEST = "Digest";
/**
* Basic authentication scheme as defined in RFC2617 (considered inherently
* insecure, but most widely supported)
*/
public static final String BASIC = "Basic";
static {
AuthPolicy.registerAuthScheme(BASIC, BasicScheme.class);
AuthPolicy.registerAuthScheme(DIGEST, DigestScheme.class);
AuthPolicy.registerAuthScheme(NTLM, NTLMScheme.class);
}
/** Log object. */
protected static final Log LOG = LogFactory.getLog(AuthPolicy.class);
/**
* Registers a class implementing an {@link AuthScheme authentication scheme} with
* the given identifier. If a class with the given ID already exists it will be overridden.
* This ID is the same one used to retrieve the {@link AuthScheme authentication scheme}
* from {@link #getAuthScheme(String)}.
*
* @param id the identifier for this scheme
* @param clazz the class to register
*
* @see #getAuthScheme(String)
*/
public static void registerAuthScheme(final String id, Class clazz) {
if (id == null) {
throw new IllegalArgumentException("Id may not be null");
}
if (clazz == null) {
throw new IllegalArgumentException("Authentication scheme class may not be null");
}
SCHEMES.put(id.toLowerCase(), clazz);
}
/**
* Unregisters the class implementing an {@link AuthScheme authentication scheme} with
* the given ID.
*
* @param id the ID of the class to unregister
*/
public static void unregisterAuthScheme(final String id) {
if (id == null) {
throw new IllegalArgumentException("Id may not be null");
}
SCHEMES.remove(id.toLowerCase());
}
/**
* Gets the {@link AuthScheme authentication scheme} with the given ID.
*
* @param id the {@link AuthScheme authentication scheme} ID
*
* @return {@link AuthScheme authentication scheme}
*
* @throws IllegalStateException if a scheme with the ID cannot be found
*/
public static AuthScheme getAuthScheme(final String id)
throws IllegalStateException {
if (id == null) {
throw new IllegalArgumentException("Id may not be null");
}
Class clazz = (Class)SCHEMES.get(id.toLowerCase());
if (clazz != null) {
try {
return (AuthScheme)clazz.newInstance();
} catch (Exception e) {
LOG.error("Error initializing authentication scheme: " + id, e);
throw new IllegalStateException(id +
" authentication scheme implemented by " +
clazz.getName() + " could not be initialized");
}
} else {
throw new IllegalStateException("Unsupported authentication scheme " + id);
}
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org