You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by gc...@apache.org on 2015/08/27 02:00:56 UTC
svn commit: r1698037 - in /lucene/dev/branches/branch_5x/solr/solrj/src:
java/org/apache/solr/client/solrj/impl/Krb5HttpClientConfigurer.java
test/org/apache/solr/client/solrj/impl/HttpClientUtilTest.java
Author: gchanan
Date: Thu Aug 27 00:00:56 2015
New Revision: 1698037
URL: http://svn.apache.org/r1698037
Log:
SOLR-7950: Invalid auth scheme configuration of Http client when using Kerberos (SPNEGO)
Modified:
lucene/dev/branches/branch_5x/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientConfigurer.java
lucene/dev/branches/branch_5x/solr/solrj/src/test/org/apache/solr/client/solrj/impl/HttpClientUtilTest.java
Modified: lucene/dev/branches/branch_5x/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientConfigurer.java
URL: http://svn.apache.org/viewvc/lucene/dev/branches/branch_5x/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientConfigurer.java?rev=1698037&r1=1698036&r2=1698037&view=diff
==============================================================================
--- lucene/dev/branches/branch_5x/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientConfigurer.java (original)
+++ lucene/dev/branches/branch_5x/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientConfigurer.java Thu Aug 27 00:00:56 2015
@@ -34,6 +34,7 @@ import org.apache.http.HttpRequest;
import org.apache.http.HttpRequestInterceptor;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.Credentials;
+import org.apache.http.auth.AuthSchemeRegistry;
import org.apache.http.impl.auth.SPNegoSchemeFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.protocol.HttpContext;
@@ -77,7 +78,10 @@ public class Krb5HttpClientConfigurer ex
}
javax.security.auth.login.Configuration.setConfiguration(jaasConfig);
- httpClient.getAuthSchemes().register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true, false));
+ //Enable only SPNEGO authentication scheme.
+ AuthSchemeRegistry registry = new AuthSchemeRegistry();
+ registry.register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true, false));
+ httpClient.setAuthSchemes(registry);
// Get the credentials from the JAAS configuration rather than here
Credentials useJaasCreds = new Credentials() {
public String getPassword() {
Modified: lucene/dev/branches/branch_5x/solr/solrj/src/test/org/apache/solr/client/solrj/impl/HttpClientUtilTest.java
URL: http://svn.apache.org/viewvc/lucene/dev/branches/branch_5x/solr/solrj/src/test/org/apache/solr/client/solrj/impl/HttpClientUtilTest.java?rev=1698037&r1=1698036&r2=1698037&view=diff
==============================================================================
--- lucene/dev/branches/branch_5x/solr/solrj/src/test/org/apache/solr/client/solrj/impl/HttpClientUtilTest.java (original)
+++ lucene/dev/branches/branch_5x/solr/solrj/src/test/org/apache/solr/client/solrj/impl/HttpClientUtilTest.java Thu Aug 27 00:00:56 2015
@@ -18,11 +18,13 @@ package org.apache.solr.client.solrj.imp
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
import java.io.IOException;
import java.util.concurrent.atomic.AtomicInteger;
import org.apache.http.auth.AuthScope;
+import org.apache.http.client.config.AuthSchemes;
import org.apache.http.client.HttpClient;
import org.apache.http.client.params.ClientPNames;
import org.apache.http.conn.ssl.AllowAllHostnameVerifier;
@@ -30,6 +32,7 @@ import org.apache.http.conn.ssl.BrowserC
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.AbstractHttpClient;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.PoolingClientConnectionManager;
import org.apache.http.params.HttpConnectionParams;
@@ -73,7 +76,21 @@ public class HttpClientUtilTest {
client.close();
}
}
-
+
+ @Test
+ public void testAuthSchemeConfiguration() {
+ System.setProperty(Krb5HttpClientConfigurer.LOGIN_CONFIG_PROP, "test");
+ try {
+ HttpClientUtil.setConfigurer(new Krb5HttpClientConfigurer());
+ AbstractHttpClient client = (AbstractHttpClient)HttpClientUtil.createClient(null);
+ assertEquals(1, client.getAuthSchemes().getSchemeNames().size());
+ assertTrue(AuthSchemes.SPNEGO.equalsIgnoreCase(client.getAuthSchemes().getSchemeNames().get(0)));
+ } finally {
+ //Cleanup the system property.
+ System.clearProperty(Krb5HttpClientConfigurer.LOGIN_CONFIG_PROP);
+ }
+ }
+
@Test
public void testReplaceConfigurer() throws IOException{