You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Jem <je...@gmail.com> on 2007/01/31 07:55:01 UTC
Trouble implementing Custom Authentication Scheme
Hello
I'm having trouble creating a custom authentication scheme. The following
section advises that its possible, but doesn't suggest how:
http://ws.apache.org/axis2/1_1_1/http-transport.html#preemptive_auth
I've trawled both the axis2 and commons-httpclient code and believe the most
direct approach is:
AuthPolicy.registerAuthScheme(MyScheme.NAME, MyScheme.class);
Options options = new Options();
HttpTransportProperties.Authenticator auth = new
HttpTransportProperties.Authenticator();
auth.setUsername("username");
auth.setPassword("password");
auth.setAuthSchemes(Arrays.asList(new String[]{MyScheme.NAME}));
options.setProperty(HTTPConstants.AUTHENTICATE, auth);
ConfigurationContext configContext = ...
ClientStub service = ...
ServiceClient client = service._getServiceClient();
client.getOptions().setProperty(HTTPConstants.AUTHENTICATE, auth);
Wow, quite a lot of work!
But then execution gets to
org.apache.axis2.transport.http.AbstractHTTPSender#setAuthenticationInfo.
This method has the following comment:
/*
This will handle server Authentication, It could be either NTLM, Digest
or Basic Authentication.
Apart from that user can change the priory or add a custom
authentication scheme.
*/
But it actually doesn't let me add a custom authentication scheme, as the
following code snippet illustrates:
/* Customizing the priority Order */
List schemes = authenticator.getAuthSchemes();
if (schemes != null && schemes.size() > 0) {
List authPrefs = new ArrayList(3);
for (int i = 0; i < schemes.size(); i++) {
if (schemes.get(i) instanceof AuthPolicy) {
authPrefs.add(schemes.get(i));
continue;
}
String scheme = (String) schemes.get(i);
if (
HttpTransportProperties.Authenticator.BASIC.equals(scheme)) {
authPrefs.add(AuthPolicy.BASIC);
} else if (
HttpTransportProperties.Authenticator.NTLM.equals(scheme)) {
authPrefs.add(AuthPolicy.NTLM);
} else if (
HttpTransportProperties.Authenticator.DIGEST.equals(scheme)) {
authPrefs.add(AuthPolicy.DIGEST);
}
}
agent.getParams().setParameter(
AuthPolicy.AUTH_SCHEME_PRIORITY,
authPrefs);
}
My scheme comes through as a String identifier and isn't 'basic', 'ntlm' or
'digest'.
It is also not an instance of AuthPolicy. This being a rather strange
abstract class from commons-httpclient with only static methods. It keeps an
ordered list of authentication methods which Axis doesn't access (at least
in my execution thread anyway).
So I'm quite lost now. Has anyone successfully implemented a custom auth
scheme with Axis2 1.1.1? Can I get some pointers?
TIA
Jem
--
http://seine.vox.com/
How's the serenity?
Re: Trouble implementing Custom Authentication Scheme
Posted by Jem <je...@gmail.com>.
Further investigations:
The class that declares it can add user defined AuthSchemes does this:
String scheme = (String) schemes.get(i);
if (
HttpTransportProperties.Authenticator.BASIC.equals(scheme)) {
> authPrefs.add(AuthPolicy.BASIC);
> } else if (
> HttpTransportProperties.Authenticator.NTLM.equals(scheme)) {
> authPrefs.add(AuthPolicy.NTLM);
> } else if (
> HttpTransportProperties.Authenticator.DIGEST.equals(scheme)) {
> authPrefs.add(AuthPolicy.DIGEST);
> }
Strangely the statics in HttpTransportProperties.Authenticator are set like
this:
/* Default Auth Schems*/
public static final String NTLM = AuthPolicy.NTLM;
public static final String DIGEST = AuthPolicy.DIGEST;
public static final String BASIC = AuthPolicy.BASIC;
As long as these definitions don't change, the code block could be
refactored to:
String scheme = (String) schemes.get(i);
if (AuthPolicy.BASIC.equals(scheme) ||
AuthPolicy.NTLM.equals(scheme) || AuthPolicy.DIGEST.equals(scheme)) {
> authPrefs.add(scheme);
> }
But given that the class should allow the user to add their own scheme, we
can enhance the code to the magnificent:
authPrefs.add((String) schemes.get(i));
If this is acceptable, how do I go about issuing a patch?
Jem
On 1/31/07, Jem <je...@gmail.com> wrote:
>
> Hello
>
> I'm having trouble creating a custom authentication scheme. The following
> section advises that its possible, but doesn't suggest how:
> http://ws.apache.org/axis2/1_1_1/http-transport.html#preemptive_auth
>
> I've trawled both the axis2 and commons-httpclient code and believe the
> most direct approach is:
>
> AuthPolicy.registerAuthScheme (MyScheme.NAME, MyScheme.class);
> Options options = new Options();
> HttpTransportProperties.Authenticator auth = new
> HttpTransportProperties.Authenticator();
> auth.setUsername("username");
> auth.setPassword("password");
> auth.setAuthSchemes(Arrays.asList(new String[]{MyScheme.NAME}));
> options.setProperty(HTTPConstants.AUTHENTICATE, auth);
> ConfigurationContext configContext = ...
> ClientStub service = ...
> ServiceClient client = service._getServiceClient();
> client.getOptions().setProperty(HTTPConstants.AUTHENTICATE, auth);
>
> Wow, quite a lot of work!
>
> But then execution gets to
> org.apache.axis2.transport.http.AbstractHTTPSender#setAuthenticationInfo.
> This method has the following comment:
> /*
> This will handle server Authentication, It could be either NTLM,
> Digest or Basic Authentication.
> Apart from that user can change the priory or add a custom
> authentication scheme.
> */
>
> But it actually doesn't let me add a custom authentication scheme, as the
> following code snippet illustrates:
>
> /* Customizing the priority Order */
> List schemes = authenticator.getAuthSchemes();
> if (schemes != null && schemes.size() > 0) {
> List authPrefs = new ArrayList(3);
> for (int i = 0; i < schemes.size(); i++) {
> if (schemes.get(i) instanceof AuthPolicy) {
> authPrefs.add(schemes.get(i));
> continue;
> }
> String scheme = (String) schemes.get(i);
> if (
> HttpTransportProperties.Authenticator.BASIC.equals(scheme)) {
> authPrefs.add(AuthPolicy.BASIC);
> } else if (
> HttpTransportProperties.Authenticator.NTLM.equals(scheme)) {
> authPrefs.add(AuthPolicy.NTLM);
> } else if (
> HttpTransportProperties.Authenticator.DIGEST.equals(scheme)) {
> authPrefs.add(AuthPolicy.DIGEST);
> }
> }
> agent.getParams().setParameter(
> AuthPolicy.AUTH_SCHEME_PRIORITY,
> authPrefs);
> }
>
> My scheme comes through as a String identifier and isn't 'basic', 'ntlm'
> or 'digest'.
>
> It is also not an instance of AuthPolicy. This being a rather strange
> abstract class from commons-httpclient with only static methods. It keeps an
> ordered list of authentication methods which Axis doesn't access (at least
> in my execution thread anyway).
>
> So I'm quite lost now. Has anyone successfully implemented a custom auth
> scheme with Axis2 1.1.1? Can I get some pointers?
>
> TIA
> Jem
>
> --
> http://seine.vox.com/
> How's the serenity?
--
http://seine.vox.com/
How's the serenity?