You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Jean-Philippe Steinmetz <ca...@gmail.com> on 2010/03/12 01:45:13 UTC
Custom AuthScheme
Hello everyone,
I'm currently working with httpclient 4.1.alpha1 and am trying to create a
custom authorization scheme. I've got the scheme all coded up but i'm having
trouble actually getting it to execute with the client.
Here's how I am registering the scheme/creds to the client.
httpclient.getAuthSchemes().register("CUSTOM", new CustomSchemeFactory());
List<String> authpref = new ArrayList<String>();
authpref.add("CUSTOM");
httpclient.getParams().setParameter(AuthPNames.TARGET_AUTH_PREF, authpref);
httpclient.getCredentialsProvider().setCredentials(AuthScope.ANY, new
UsernamePasswordCredentials(username, password));
I have System.out messages all throughout my code including in the
SchemeFactory.newInstance function and i'm not getting any output when I
run. I can also confirm this even with a debugger. So what exactly am I
doing wrong here?
Also, is it possible to spit out the request, in it's entirety, right before
it's actually sent to the server? It would be greatly helpful in debugging
communication with the server.
Cheers,
Jean-Philippe Steinmetz
Re: Custom AuthScheme
Posted by Jean-Philippe Steinmetz <ca...@gmail.com>.
Understandable although in our case we don't use the scheme to
actually talk with Amazon. We've implemented the scheme in both client
and server form as our sole means of auth since it is easy, stateless,
very secure and doesn't require SSL overhead.
Just food for thouught. I'll create a JIRA ticket.
Cheers,
Jean-Philippe
On Mar 13, 2010, at 1:40 AM, Oleg Kalnichevski <ol...@apache.org> wrote:
> On Fri, 2010-03-12 at 13:25 -0800, Jean-Philippe Steinmetz wrote:
>> The implementation only depends on commons-codec and httpclient.
>> That's it!
>> =)
>>
>
> Jean-Philippe
>
> This certainly makes things easier.
>
> I am not sure a vendor specific auth scheme, which none of the actual
> project committers is able to support, should belong to the HttpClient
> proper, but we can certainly accept your code into the contrib (source
> only) package. If that is okay with you please feel free to go ahead
> and
> create a JIRA ticket for your contribution and attach the source
> code to
> it.
>
> Cheers
>
> Oleg
>
>
>> On Fri, Mar 12, 2010 at 12:12 PM, Oleg Kalnichevski
>> <ol...@apache.org>wrote:
>>
>>> Jean-Philippe Steinmetz wrote:
>>>
>>>> Hi Oleg,
>>>>
>>>> Thank you for your response. I realized my issue last night with
>>>> my scheme
>>>> not implementing challenge. I've been developing an
>>>> implementation of
>>>> Amazon
>>>> S3 authentication which requires no challenge. I didn't realize
>>>> that there
>>>> was a difference until I started reading more carefully about
>>>> preemptive
>>>> auth schemes. By setting up my scheme as preemptive I was able to
>>>> get it
>>>> to
>>>> work.
>>>>
>>>> On a side note if the project is interested in having an Amazon
>>>> S3 auth
>>>> implementation I'd be happy to submit it.
>>>>
>>>>
>>> Hi Jean-Philippe
>>>
>>> Does Amazon S3 auth implementation depend on any third party
>>> libraries, and
>>> if so, what license they are covered by?
>>>
>>> Oleg
>>>
>>>
>>> ---
>>> ------------------------------------------------------------------
>>> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
>>> For additional commands, e-mail: httpclient-users-help@hc.apache.org
>>>
>>>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
Re: Custom AuthScheme
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Fri, 2010-03-12 at 13:25 -0800, Jean-Philippe Steinmetz wrote:
> The implementation only depends on commons-codec and httpclient. That's it!
> =)
>
Jean-Philippe
This certainly makes things easier.
I am not sure a vendor specific auth scheme, which none of the actual
project committers is able to support, should belong to the HttpClient
proper, but we can certainly accept your code into the contrib (source
only) package. If that is okay with you please feel free to go ahead and
create a JIRA ticket for your contribution and attach the source code to
it.
Cheers
Oleg
> On Fri, Mar 12, 2010 at 12:12 PM, Oleg Kalnichevski <ol...@apache.org>wrote:
>
> > Jean-Philippe Steinmetz wrote:
> >
> >> Hi Oleg,
> >>
> >> Thank you for your response. I realized my issue last night with my scheme
> >> not implementing challenge. I've been developing an implementation of
> >> Amazon
> >> S3 authentication which requires no challenge. I didn't realize that there
> >> was a difference until I started reading more carefully about preemptive
> >> auth schemes. By setting up my scheme as preemptive I was able to get it
> >> to
> >> work.
> >>
> >> On a side note if the project is interested in having an Amazon S3 auth
> >> implementation I'd be happy to submit it.
> >>
> >>
> > Hi Jean-Philippe
> >
> > Does Amazon S3 auth implementation depend on any third party libraries, and
> > if so, what license they are covered by?
> >
> > Oleg
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> > For additional commands, e-mail: httpclient-users-help@hc.apache.org
> >
> >
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
Re: Custom AuthScheme
Posted by Jean-Philippe Steinmetz <ca...@gmail.com>.
The implementation only depends on commons-codec and httpclient. That's it!
=)
On Fri, Mar 12, 2010 at 12:12 PM, Oleg Kalnichevski <ol...@apache.org>wrote:
> Jean-Philippe Steinmetz wrote:
>
>> Hi Oleg,
>>
>> Thank you for your response. I realized my issue last night with my scheme
>> not implementing challenge. I've been developing an implementation of
>> Amazon
>> S3 authentication which requires no challenge. I didn't realize that there
>> was a difference until I started reading more carefully about preemptive
>> auth schemes. By setting up my scheme as preemptive I was able to get it
>> to
>> work.
>>
>> On a side note if the project is interested in having an Amazon S3 auth
>> implementation I'd be happy to submit it.
>>
>>
> Hi Jean-Philippe
>
> Does Amazon S3 auth implementation depend on any third party libraries, and
> if so, what license they are covered by?
>
> Oleg
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
>
>
Re: Custom AuthScheme
Posted by Oleg Kalnichevski <ol...@apache.org>.
Jean-Philippe Steinmetz wrote:
> Hi Oleg,
>
> Thank you for your response. I realized my issue last night with my scheme
> not implementing challenge. I've been developing an implementation of Amazon
> S3 authentication which requires no challenge. I didn't realize that there
> was a difference until I started reading more carefully about preemptive
> auth schemes. By setting up my scheme as preemptive I was able to get it to
> work.
>
> On a side note if the project is interested in having an Amazon S3 auth
> implementation I'd be happy to submit it.
>
Hi Jean-Philippe
Does Amazon S3 auth implementation depend on any third party libraries,
and if so, what license they are covered by?
Oleg
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
Re: Custom AuthScheme
Posted by Jean-Philippe Steinmetz <ca...@gmail.com>.
Hi Oleg,
Thank you for your response. I realized my issue last night with my scheme
not implementing challenge. I've been developing an implementation of Amazon
S3 authentication which requires no challenge. I didn't realize that there
was a difference until I started reading more carefully about preemptive
auth schemes. By setting up my scheme as preemptive I was able to get it to
work.
On a side note if the project is interested in having an Amazon S3 auth
implementation I'd be happy to submit it.
Jean-Philippe
On Fri, Mar 12, 2010 at 10:34 AM, Oleg Kalnichevski <ol...@apache.org>wrote:
> Jean-Philippe Steinmetz wrote:
>
>> Hello everyone,
>>
>> I'm currently working with httpclient 4.1.alpha1 and am trying to create a
>> custom authorization scheme. I've got the scheme all coded up but i'm
>> having
>> trouble actually getting it to execute with the client.
>>
>> Here's how I am registering the scheme/creds to the client.
>>
>> httpclient.getAuthSchemes().register("CUSTOM", new CustomSchemeFactory());
>> List<String> authpref = new ArrayList<String>();
>> authpref.add("CUSTOM");
>> httpclient.getParams().setParameter(AuthPNames.TARGET_AUTH_PREF,
>> authpref);
>> httpclient.getCredentialsProvider().setCredentials(AuthScope.ANY, new
>> UsernamePasswordCredentials(username, password));
>>
>> I have System.out messages all throughout my code including in the
>> SchemeFactory.newInstance function and i'm not getting any output when I
>> run. I can also confirm this even with a debugger. So what exactly am I
>> doing wrong here?
>>
>>
> I see nothing wrong with your code. However, if the server does not
> challenge the client with a auth request that includes CUSTOM scheme, the
> client-side auth scheme will never get executed.
>
>
>
> Also, is it possible to spit out the request, in it's entirety, right
>> before
>> it's actually sent to the server? It would be greatly helpful in debugging
>> communication with the server.
>>
>>
> Certainly. See http://hc.apache.org/httpcomponents-client/logging.html
>
> Oleg
>
>
> Cheers,
>>
>> Jean-Philippe Steinmetz
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
>
>
Re: Custom AuthScheme
Posted by Oleg Kalnichevski <ol...@apache.org>.
Jean-Philippe Steinmetz wrote:
> Hello everyone,
>
> I'm currently working with httpclient 4.1.alpha1 and am trying to create a
> custom authorization scheme. I've got the scheme all coded up but i'm having
> trouble actually getting it to execute with the client.
>
> Here's how I am registering the scheme/creds to the client.
>
> httpclient.getAuthSchemes().register("CUSTOM", new CustomSchemeFactory());
> List<String> authpref = new ArrayList<String>();
> authpref.add("CUSTOM");
> httpclient.getParams().setParameter(AuthPNames.TARGET_AUTH_PREF, authpref);
> httpclient.getCredentialsProvider().setCredentials(AuthScope.ANY, new
> UsernamePasswordCredentials(username, password));
>
> I have System.out messages all throughout my code including in the
> SchemeFactory.newInstance function and i'm not getting any output when I
> run. I can also confirm this even with a debugger. So what exactly am I
> doing wrong here?
>
I see nothing wrong with your code. However, if the server does not
challenge the client with a auth request that includes CUSTOM scheme,
the client-side auth scheme will never get executed.
> Also, is it possible to spit out the request, in it's entirety, right before
> it's actually sent to the server? It would be greatly helpful in debugging
> communication with the server.
>
Certainly. See http://hc.apache.org/httpcomponents-client/logging.html
Oleg
> Cheers,
>
> Jean-Philippe Steinmetz
>
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org