You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by gc...@apache.org on 2015/08/27 02:00:56 UTC
svn commit: r1698037 - in /lucene/dev/branches/branch_5x/solr/solrj/src: java/org/apache/solr/client/solrj/impl/Krb5HttpClientConfigurer.java test/org/apache/solr/client/solrj/impl/HttpClientUtilTest.java

Author: gchanan
Date: Thu Aug 27 00:00:56 2015
New Revision: 1698037

URL: http://svn.apache.org/r1698037
Log:
SOLR-7950: Invalid auth scheme configuration of Http client when using Kerberos (SPNEGO)

Modified:
    lucene/dev/branches/branch_5x/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientConfigurer.java
    lucene/dev/branches/branch_5x/solr/solrj/src/test/org/apache/solr/client/solrj/impl/HttpClientUtilTest.java

Modified: lucene/dev/branches/branch_5x/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientConfigurer.java
URL: http://svn.apache.org/viewvc/lucene/dev/branches/branch_5x/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientConfigurer.java?rev=1698037&r1=1698036&r2=1698037&view=diff
==============================================================================
--- lucene/dev/branches/branch_5x/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientConfigurer.java (original)
+++ lucene/dev/branches/branch_5x/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientConfigurer.java Thu Aug 27 00:00:56 2015
@@ -34,6 +34,7 @@ import org.apache.http.HttpRequest;
 import org.apache.http.HttpRequestInterceptor;
 import org.apache.http.auth.AuthScope;
 import org.apache.http.auth.Credentials;
+import org.apache.http.auth.AuthSchemeRegistry;
 import org.apache.http.impl.auth.SPNegoSchemeFactory;
 import org.apache.http.impl.client.DefaultHttpClient;
 import org.apache.http.protocol.HttpContext;
@@ -77,7 +78,10 @@ public class Krb5HttpClientConfigurer ex
         }
 
         javax.security.auth.login.Configuration.setConfiguration(jaasConfig);
-        httpClient.getAuthSchemes().register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true, false));
+        //Enable only SPNEGO authentication scheme.
+        AuthSchemeRegistry registry = new AuthSchemeRegistry();
+        registry.register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true, false));
+        httpClient.setAuthSchemes(registry);
         // Get the credentials from the JAAS configuration rather than here
         Credentials useJaasCreds = new Credentials() {
           public String getPassword() {

Modified: lucene/dev/branches/branch_5x/solr/solrj/src/test/org/apache/solr/client/solrj/impl/HttpClientUtilTest.java
URL: http://svn.apache.org/viewvc/lucene/dev/branches/branch_5x/solr/solrj/src/test/org/apache/solr/client/solrj/impl/HttpClientUtilTest.java?rev=1698037&r1=1698036&r2=1698037&view=diff
==============================================================================
--- lucene/dev/branches/branch_5x/solr/solrj/src/test/org/apache/solr/client/solrj/impl/HttpClientUtilTest.java (original)
+++ lucene/dev/branches/branch_5x/solr/solrj/src/test/org/apache/solr/client/solrj/impl/HttpClientUtilTest.java Thu Aug 27 00:00:56 2015
@@ -18,11 +18,13 @@ package org.apache.solr.client.solrj.imp
 
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
 
 import java.io.IOException;
 import java.util.concurrent.atomic.AtomicInteger;
 
 import org.apache.http.auth.AuthScope;
+import org.apache.http.client.config.AuthSchemes;
 import org.apache.http.client.HttpClient;
 import org.apache.http.client.params.ClientPNames;
 import org.apache.http.conn.ssl.AllowAllHostnameVerifier;
@@ -30,6 +32,7 @@ import org.apache.http.conn.ssl.BrowserC
 import org.apache.http.conn.ssl.SSLSocketFactory;
 import org.apache.http.conn.ssl.X509HostnameVerifier;
 import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.AbstractHttpClient;
 import org.apache.http.impl.client.DefaultHttpClient;
 import org.apache.http.impl.conn.PoolingClientConnectionManager;
 import org.apache.http.params.HttpConnectionParams;
@@ -73,7 +76,21 @@ public class HttpClientUtilTest {
       client.close();
     }
   }
-  
+
+  @Test
+  public void testAuthSchemeConfiguration() {
+    System.setProperty(Krb5HttpClientConfigurer.LOGIN_CONFIG_PROP, "test");
+    try {
+      HttpClientUtil.setConfigurer(new Krb5HttpClientConfigurer());
+      AbstractHttpClient client = (AbstractHttpClient)HttpClientUtil.createClient(null);
+      assertEquals(1, client.getAuthSchemes().getSchemeNames().size());
+      assertTrue(AuthSchemes.SPNEGO.equalsIgnoreCase(client.getAuthSchemes().getSchemeNames().get(0)));
+    } finally {
+      //Cleanup the system property.
+      System.clearProperty(Krb5HttpClientConfigurer.LOGIN_CONFIG_PROP);
+    }
+  }
+
   @Test
   public void testReplaceConfigurer() throws IOException{