You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2013/09/03 11:28:35 UTC
svn commit: r1519613 - in /httpcomponents/httpclient/trunk: ./ winauth-jni/
winauth-jni/src/ winauth-jni/src/main/ winauth-jni/src/main/java/
winauth-jni/src/main/java/org/ winauth-jni/src/main/java/org/apache/
winauth-jni/src/main/java/org/apache/http...
Author: olegk
Date: Tue Sep 3 09:28:34 2013
New Revision: 1519613
URL: http://svn.apache.org/r1519613
Log:
HTTPCLIENT-1394: Support for Native windows Negotiate/NTLM via JNA
Contributed by Ryan McKinley <ryan at apache.org>
Added:
httpcomponents/httpclient/trunk/winauth-jni/
httpcomponents/httpclient/trunk/winauth-jni/pom.xml (with props)
httpcomponents/httpclient/trunk/winauth-jni/src/
httpcomponents/httpclient/trunk/winauth-jni/src/main/
httpcomponents/httpclient/trunk/winauth-jni/src/main/java/
httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/
httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/
httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/
httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/
httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/
httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/
httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/CurrentWindowsCredentials.java (with props)
httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNTLMSchemeFactory.java (with props)
httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateScheme.java (with props)
httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateSchemeFactory.java (with props)
httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/package-info.java (with props)
Modified:
httpcomponents/httpclient/trunk/RELEASE_NOTES.txt
httpcomponents/httpclient/trunk/pom.xml
Modified: httpcomponents/httpclient/trunk/RELEASE_NOTES.txt
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/RELEASE_NOTES.txt?rev=1519613&r1=1519612&r2=1519613&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/RELEASE_NOTES.txt (original)
+++ httpcomponents/httpclient/trunk/RELEASE_NOTES.txt Tue Sep 3 09:28:34 2013
@@ -37,6 +37,9 @@ Changelog
* [HTTPCLIENT-1371] Weak ETag Validation is Useful On PUT With If-Match
Contributed by James Leigh <james at 3roundstones dot com>
+* [HTTPCLIENT-1394] Support for Native windows Negotiate/NTLM via JNA
+ Contributed by Ryan McKinley <ryan at apache.org>
+
* [HTTPCLIENT-1384] Expose CacheInvalidator interface.
Contributed by Nicolas Richeton <nicolas.richeton at free.fr>
Modified: httpcomponents/httpclient/trunk/pom.xml
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/pom.xml?rev=1519613&r1=1519612&r2=1519613&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/pom.xml (original)
+++ httpcomponents/httpclient/trunk/pom.xml Tue Sep 3 09:28:34 2013
@@ -74,6 +74,7 @@
<junit.version>4.9</junit.version>
<easymock.version>2.5.2</easymock.version>
<mockito.version>1.8.5</mockito.version>
+ <jna.version>4.0.0</jna.version>
<hc.stylecheck.version>1</hc.stylecheck.version>
<api.comparison.version>4.2</api.comparison.version>
</properties>
@@ -123,6 +124,16 @@
<version>${memcached.version}</version>
</dependency>
<dependency>
+ <groupId>net.java.dev.jna</groupId>
+ <artifactId>jna</artifactId>
+ <version>${jna.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>net.java.dev.jna</groupId>
+ <artifactId>jna-platform</artifactId>
+ <version>${jna.version}</version>
+ </dependency>
+ <dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>${junit.version}</version>
@@ -153,6 +164,7 @@
<module>httpclient</module>
<module>httpmime</module>
<module>httpclient-cache</module>
+ <module>winauth-jni</module>
<module>fluent-hc</module>
<module>httpclient-osgi</module>
</modules>
Added: httpcomponents/httpclient/trunk/winauth-jni/pom.xml
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/winauth-jni/pom.xml?rev=1519613&view=auto
==============================================================================
--- httpcomponents/httpclient/trunk/winauth-jni/pom.xml (added)
+++ httpcomponents/httpclient/trunk/winauth-jni/pom.xml Tue Sep 3 09:28:34 2013
@@ -0,0 +1,119 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ====================================================================
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+ ====================================================================
+
+ This software consists of voluntary contributions made by many
+ individuals on behalf of the Apache Software Foundation. For more
+ information on the Apache Software Foundation, please see
+ <http://www.apache.org />.
+ -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpcomponents-client</artifactId>
+ <version>4.3-beta3-SNAPSHOT</version>
+ </parent>
+ <artifactId>winauth-jni</artifactId>
+ <name>Windows Integrated Auth</name>
+ <description>
+ Windows Integrated Authentication for Apache HttpClient via JNI
+ </description>
+ <url>http://hc.apache.org/httpcomponents-client</url>
+ <packaging>jar</packaging>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpclient</artifactId>
+ <version>${project.version}</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>net.java.dev.jna</groupId>
+ <artifactId>jna</artifactId>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>net.java.dev.jna</groupId>
+ <artifactId>jna-platform</artifactId>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+ <reporting>
+ <plugins>
+
+ <plugin>
+ <artifactId>maven-javadoc-plugin</artifactId>
+ <version>${hc.javadoc.version}</version>
+ <configuration>
+ <!-- reduce console output. Can override with -Dquiet=false -->
+ <quiet>true</quiet>
+ <source>${maven.compiler.source}</source>
+ <links>
+ <link>http://download.oracle.com/javase/1.5.0/docs/api/</link>
+ <link>http://hc.apache.org/httpcomponents-core-ga/httpcore/apidocs/</link>
+ </links>
+ </configuration>
+ <reportSets>
+ <reportSet>
+ <reports>
+ <report>javadoc</report>
+ </reports>
+ </reportSet>
+ </reportSets>
+ </plugin>
+
+ <plugin>
+ <artifactId>maven-project-info-reports-plugin</artifactId>
+ <version>${hc.project-info.version}</version>
+ <inherited>false</inherited>
+ <reportSets>
+ <reportSet>
+ <reports>
+ <report>dependencies</report>
+ <report>dependency-info</report>
+ <report>summary</report>
+ </reports>
+ </reportSet>
+ </reportSets>
+ </plugin>
+
+ <plugin>
+ <artifactId>maven-jxr-plugin</artifactId>
+ <version>${hc.jxr.version}</version>
+ </plugin>
+
+ <plugin>
+ <artifactId>maven-surefire-report-plugin</artifactId>
+ <version>${hc.surefire-report.version}</version>
+ </plugin>
+
+ </plugins>
+ </reporting>
+
+</project>
Propchange: httpcomponents/httpclient/trunk/winauth-jni/pom.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: httpcomponents/httpclient/trunk/winauth-jni/pom.xml
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: httpcomponents/httpclient/trunk/winauth-jni/pom.xml
------------------------------------------------------------------------------
svn:mime-type = text/xml
Added: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/CurrentWindowsCredentials.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/CurrentWindowsCredentials.java?rev=1519613&view=auto
==============================================================================
--- httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/CurrentWindowsCredentials.java (added)
+++ httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/CurrentWindowsCredentials.java Tue Sep 3 09:28:34 2013
@@ -0,0 +1,108 @@
+/*
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.impl.auth.win;
+
+import java.io.Serializable;
+import java.security.Principal;
+
+import org.apache.http.annotation.Immutable;
+import org.apache.http.auth.Credentials;
+
+import com.sun.jna.platform.win32.Secur32Util;
+import com.sun.jna.platform.win32.Secur32.EXTENDED_NAME_FORMAT;
+
+/**
+ * Returns the current Windows user credentials
+ * <p/>
+ * EXPERIMENTAL
+ *
+ * @since 4.3
+ */
+@Immutable
+public class CurrentWindowsCredentials implements Credentials, Serializable, Principal {
+
+ private static final long serialVersionUID = 4361166468529298169L;
+
+ /**
+ * Get the SAM-compatible username of the currently logged-on user.
+ *
+ * @return String.
+ */
+ public static String getCurrentUsername() {
+ return Secur32Util.getUserNameEx(EXTENDED_NAME_FORMAT.NameSamCompatible);
+ }
+
+ private CurrentWindowsCredentials() {
+ }
+
+ private static class LazyHolder {
+ private static final CurrentWindowsCredentials INSTANCE = new CurrentWindowsCredentials();
+ }
+
+ public static CurrentWindowsCredentials get() {
+ return LazyHolder.INSTANCE;
+ }
+
+ public Principal getUserPrincipal() {
+ return this;
+ }
+
+ @Override
+ public int hashCode() {
+ return 245678; // always the same?
+ }
+
+ @Override
+ public boolean equals(final Object o) {
+ if (this == o) return true;
+ if (o instanceof CurrentWindowsCredentials) {
+ return true;
+ }
+ return false;
+ }
+
+ @Override
+ public String toString() {
+ return getCurrentUsername();
+ }
+
+ /**
+ * Returns an empty password
+ */
+ public String getPassword() {
+ return "";
+ }
+
+ public String getName() {
+ return getCurrentUsername();
+ }
+
+}
+
+
+
Propchange: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/CurrentWindowsCredentials.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/CurrentWindowsCredentials.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/CurrentWindowsCredentials.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNTLMSchemeFactory.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNTLMSchemeFactory.java?rev=1519613&view=auto
==============================================================================
--- httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNTLMSchemeFactory.java (added)
+++ httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNTLMSchemeFactory.java Tue Sep 3 09:28:34 2013
@@ -0,0 +1,54 @@
+/*
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.impl.auth.win;
+
+import org.apache.http.annotation.Immutable;
+import org.apache.http.auth.AuthScheme;
+import org.apache.http.auth.AuthSchemeProvider;
+import org.apache.http.client.config.AuthSchemes;
+import org.apache.http.protocol.HttpContext;
+
+/**
+ * {@link AuthSchemeProvider} implementation that creates and initializes
+ * {@link WindowsNegotiateScheme} using JNA to implement NTLM
+ * <p/>
+ * EXPERIMENTAL
+ *
+ * @since 4.3
+ */
+@Immutable
+public class WindowsNTLMSchemeFactory implements AuthSchemeProvider {
+
+ public AuthScheme create(final HttpContext context) {
+ return new WindowsNegotiateScheme(AuthSchemes.NTLM);
+ }
+
+}
+
+
+
Propchange: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNTLMSchemeFactory.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNTLMSchemeFactory.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNTLMSchemeFactory.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateScheme.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateScheme.java?rev=1519613&view=auto
==============================================================================
--- httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateScheme.java (added)
+++ httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateScheme.java Tue Sep 3 09:28:34 2013
@@ -0,0 +1,263 @@
+/*
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+package org.apache.http.impl.auth.win;
+
+import java.util.Locale;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.http.Header;
+import org.apache.http.HttpRequest;
+import org.apache.http.annotation.NotThreadSafe;
+import org.apache.http.auth.AUTH;
+import org.apache.http.auth.AuthenticationException;
+import org.apache.http.auth.Credentials;
+import org.apache.http.auth.InvalidCredentialsException;
+import org.apache.http.auth.MalformedChallengeException;
+import org.apache.http.client.config.AuthSchemes;
+import org.apache.http.impl.auth.AuthSchemeBase;
+import org.apache.http.message.BufferedHeader;
+import org.apache.http.protocol.HttpContext;
+import org.apache.http.util.CharArrayBuffer;
+
+import com.sun.jna.platform.win32.Secur32;
+import com.sun.jna.platform.win32.Sspi;
+import com.sun.jna.platform.win32.Sspi.CredHandle;
+import com.sun.jna.platform.win32.Sspi.CtxtHandle;
+import com.sun.jna.platform.win32.Sspi.SecBufferDesc;
+import com.sun.jna.platform.win32.Sspi.TimeStamp;
+import com.sun.jna.platform.win32.Win32Exception;
+import com.sun.jna.platform.win32.WinError;
+import com.sun.jna.ptr.IntByReference;
+
+/**
+ * Auth scheme that makes use of JNA to implement Negotiate & NTLM on Windows Platforms.
+ * <p/>
+ * This will delegate negotiation to the windows machine.
+ * <p/>
+ * EXPERIMENTAL
+ *
+ * @since 4.3
+ */
+@NotThreadSafe
+public class WindowsNegotiateScheme extends AuthSchemeBase {
+
+ public static boolean isAvaliable() {
+ String os = System.getProperty("os.name");
+ os = os != null ? os.toLowerCase(Locale.US) : null;
+ if (os != null && os.contains("windows")) {
+ try {
+ return Sspi.MAX_TOKEN_SIZE > 0;
+ } catch (Exception ignore) { // Likely ClassNotFound
+ return false;
+ }
+ }
+ return false;
+ }
+
+ // NTLM or Negotiate
+ private final String scheme;
+
+ private CredHandle clientCred;
+ private CtxtHandle sppicontext;
+ private boolean continueNeeded;
+ private String challenge;
+
+ public WindowsNegotiateScheme(final String scheme) {
+ super();
+
+ this.scheme = (scheme == null) ? AuthSchemes.SPNEGO : scheme;
+ this.challenge = null;
+ this.continueNeeded = true;
+ }
+
+ public void dispose() {
+ if (clientCred != null && !clientCred.isNull()) {
+ final int rc = Secur32.INSTANCE.FreeCredentialsHandle(clientCred);
+ if (WinError.SEC_E_OK != rc) {
+ throw new Win32Exception(rc);
+ }
+ }
+ if (sppicontext != null && !sppicontext.isNull()) {
+ final int rc = Secur32.INSTANCE.DeleteSecurityContext(sppicontext);
+ if (WinError.SEC_E_OK != rc) {
+ throw new Win32Exception(rc);
+ }
+ }
+ continueNeeded = true; // waiting
+ clientCred = null;
+ sppicontext = null;
+ }
+
+ @Override
+ public void finalize() throws Throwable {
+ dispose();
+ super.finalize();
+ }
+
+ public String getSchemeName() {
+ return scheme;
+ }
+
+ // String parameters not supported
+ public String getParameter(final String name) {
+ return null;
+ }
+
+ // NTLM/Negotiate do not support authentication realms
+ public String getRealm() {
+ return null;
+ }
+
+ public boolean isConnectionBased() {
+ return true;
+ }
+
+
+ @Override
+ protected void parseChallenge(
+ final CharArrayBuffer buffer,
+ final int beginIndex,
+ final int endIndex) throws MalformedChallengeException {
+ this.challenge = buffer.substringTrimmed(beginIndex, endIndex);
+
+ if (this.challenge.length() == 0) {
+ if (clientCred != null) {
+ if (continueNeeded) {
+ throw new RuntimeException("Unexpected token");
+ }
+ dispose();
+ }
+ }
+ }
+
+ @Override
+ public Header authenticate(
+ final Credentials credentials,
+ final HttpRequest request,
+ final HttpContext context) throws AuthenticationException {
+
+ final String response;
+ if (clientCred == null) {
+ // ?? We don't use the credentials, should we allow anything?
+ if (!(credentials instanceof CurrentWindowsCredentials)) {
+ throw new InvalidCredentialsException(
+ "Credentials cannot be used for " + getSchemeName() + " authentication: "
+ + credentials.getClass().getName());
+ }
+
+ // client credentials handle
+ try {
+ final String username = CurrentWindowsCredentials.getCurrentUsername();
+ final TimeStamp lifetime = new TimeStamp();
+
+ clientCred = new CredHandle();
+ final int rc = Secur32.INSTANCE.AcquireCredentialsHandle(username,
+ scheme, Sspi.SECPKG_CRED_OUTBOUND, null, null, null, null,
+ clientCred, lifetime);
+
+ if (WinError.SEC_E_OK != rc) {
+ throw new Win32Exception(rc);
+ }
+
+ response = getToken(null, null, username);
+ } catch (Throwable t) {
+ dispose();
+ throw new AuthenticationException("Authentication Failed", t);
+ }
+ } else if (this.challenge == null || this.challenge.length() == 0) {
+ dispose();
+ throw new AuthenticationException("Authentication Failed");
+ } else {
+ try {
+ final byte[] continueTokenBytes = Base64.decodeBase64(this.challenge);
+ final SecBufferDesc continueTokenBuffer = new SecBufferDesc(
+ Sspi.SECBUFFER_TOKEN, continueTokenBytes);
+ response = getToken(this.sppicontext, continueTokenBuffer, "localhost");
+ } catch (Throwable t) {
+ dispose();
+ throw new AuthenticationException("Authentication Failed", t);
+ }
+ }
+
+ final CharArrayBuffer buffer = new CharArrayBuffer(scheme.length() + 30);
+ if (isProxy()) {
+ buffer.append(AUTH.PROXY_AUTH_RESP);
+ } else {
+ buffer.append(AUTH.WWW_AUTH_RESP);
+ }
+ buffer.append(": ");
+ buffer.append(scheme); // NTLM or Negotiate
+ buffer.append(" ");
+ buffer.append(response);
+ return new BufferedHeader(buffer);
+ }
+
+ /**
+ * @see http://msdn.microsoft.com/en-us/library/windows/desktop/aa375506(v=vs.85).aspx
+ */
+ private String getToken(
+ final CtxtHandle continueCtx,
+ final SecBufferDesc continueToken,
+ final String targetName) {
+ final IntByReference attr = new IntByReference();
+ final SecBufferDesc token = new SecBufferDesc(
+ Sspi.SECBUFFER_TOKEN, Sspi.MAX_TOKEN_SIZE);
+
+ sppicontext = new CtxtHandle();
+ final int rc = Secur32.INSTANCE.InitializeSecurityContext(clientCred,
+ continueCtx, targetName, Sspi.ISC_REQ_CONNECTION, 0,
+ Sspi.SECURITY_NATIVE_DREP, continueToken, 0, sppicontext, token,
+ attr, null);
+ switch (rc) {
+ case WinError.SEC_I_CONTINUE_NEEDED:
+ continueNeeded = true;
+ break;
+ case WinError.SEC_E_OK:
+ dispose(); // Don't keep the context
+ continueNeeded = false;
+ break;
+ default:
+ dispose();
+ throw new Win32Exception(rc);
+ }
+ return Base64.encodeBase64String(token.getBytes());
+ }
+
+ public boolean isComplete() {
+ return !continueNeeded;
+ }
+
+ @Deprecated
+ public Header authenticate(
+ final Credentials credentials,
+ final HttpRequest request) throws AuthenticationException {
+ return authenticate(credentials, request, null);
+ }
+
+}
+
+
Propchange: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateScheme.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateScheme.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateScheme.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateSchemeFactory.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateSchemeFactory.java?rev=1519613&view=auto
==============================================================================
--- httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateSchemeFactory.java (added)
+++ httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateSchemeFactory.java Tue Sep 3 09:28:34 2013
@@ -0,0 +1,53 @@
+/*
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.impl.auth.win;
+
+import org.apache.http.annotation.Immutable;
+import org.apache.http.auth.AuthScheme;
+import org.apache.http.auth.AuthSchemeProvider;
+import org.apache.http.client.config.AuthSchemes;
+import org.apache.http.protocol.HttpContext;
+
+/**
+ * {@link AuthSchemeProvider} implementation that creates and initializes
+ * {@link WindowsNegotiateScheme} using JNA to Negotiate credentials
+ * <p/>
+ * EXPERIMENTAL
+ *
+ * @since 4.3
+ */
+@Immutable
+public class WindowsNegotiateSchemeFactory implements AuthSchemeProvider {
+
+ public AuthScheme create(final HttpContext context) {
+ return new WindowsNegotiateScheme(AuthSchemes.SPNEGO);
+ }
+
+}
+
+
Propchange: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateSchemeFactory.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateSchemeFactory.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/WindowsNegotiateSchemeFactory.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/package-info.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/package-info.java?rev=1519613&view=auto
==============================================================================
--- httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/package-info.java (added)
+++ httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/package-info.java Tue Sep 3 09:28:34 2013
@@ -0,0 +1,34 @@
+/*
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+/**
+ * Auth scheme that makes use of JNA to implement Negotiate & NTLM on Windows Platforms.
+ * <p/>
+ * Please note this class is considered experimental and may be discontinued or removed
+ * in the future.
+ */
+package org.apache.http.impl.auth.win;
Propchange: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/package-info.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/package-info.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: httpcomponents/httpclient/trunk/winauth-jni/src/main/java/org/apache/http/impl/auth/win/package-info.java
------------------------------------------------------------------------------
svn:mime-type = text/plain