Author: rvesse
Date: Fri Jun 28 17:55:57 2013
New Revision: 1497861
URL: http://svn.apache.org/r1497861
Log:
Allow PreemptiveBasicAuthenticator to do preemptive standard/proxy auth as
required (JENA-480)
Fix up other log4j properties files to include Apache HTTP settings
Modified:
jena/trunk/jena-arq/log4j.properties
jena/trunk/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/PreemptiveBasicAuthenticator.java
jena/trunk/jena-arq/src/test/resources/log4j-testing.properties
jena/trunk/jena-arq/src/test/resources/log4j.properties
Modified: jena/trunk/jena-arq/log4j.properties
URL:
http://svn.apache.org/viewvc/jena/trunk/jena-arq/log4j.properties?rev=1497861&r1=1497860&r2=1497861&view=diff
==============================================================================
--- jena/trunk/jena-arq/log4j.properties (original)
+++ jena/trunk/jena-arq/log4j.properties Fri Jun 28 17:55:57 2013
@@ -16,3 +16,7 @@ log4j.logger.org.apache.jena.riot=INFO
# Joseki server
log4j.logger.org.joseki=INFO
+
+# Apache Commons HTTP
+# May be useful to turn up to DEBUG if debugging HTTP communication issues
+log4j.logger.org.apache.http=WARN
Modified:
jena/trunk/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/PreemptiveBasicAuthenticator.java
URL:
http://svn.apache.org/viewvc/jena/trunk/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/PreemptiveBasicAuthenticator.java?rev=1497861&r1=1497860&r2=1497861&view=diff
==============================================================================
---
jena/trunk/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/PreemptiveBasicAuthenticator.java
(original)
+++
jena/trunk/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/PreemptiveBasicAuthenticator.java
Fri Jun 28 17:55:57 2013
@@ -20,6 +20,7 @@ package org.apache.jena.atlas.web.auth;
import java.net.URI;
import org.apache.http.HttpHost;
+import org.apache.http.auth.ChallengeState;
import org.apache.http.client.AuthCache;
import org.apache.http.client.protocol.ClientContext;
import org.apache.http.impl.auth.BasicScheme;
@@ -29,32 +30,61 @@ import org.apache.http.protocol.HttpCont
/**
* A decorator for other authenticators that may be used to enable preemptive
- * basic authentication. Note that preemptive basic authentication is less
- * secure because it can expose credentials to servers that do not require
them.
- *
+ * basic authentication.
+ * <p>
+ * It is <strong>important</strong> to note that preemptive basic
authentication
+ * is less secure because it can expose credentials to servers that do not
+ * require them.
+ * </p>
+ * <p>
+ * Doing preemptive authentication requires knowing in advance whether you will
+ * be doing standard or proxy authentication i.e. whether the remote server
will
+ * challenge with 401 or 407. If you need both you can take advantage of this
+ * being a decorator and simply layer multiple instances of this.
+ * </p>
*/
public class PreemptiveBasicAuthenticator implements HttpAuthenticator {
-
+
private HttpAuthenticator authenticator;
-
+ private boolean isProxy = false;
+
/**
* Creates a new decorator over the given authenticator
- * @param authenticator Authenticator to decorate
+ *
+ * @param authenticator
+ * Authenticator to decorate
*/
public PreemptiveBasicAuthenticator(HttpAuthenticator authenticator) {
- if (authenticator == null) throw new IllegalArgumentException("Must
provide an authenticator to decorate");
+ this(authenticator, false);
+ }
+
+ /**
+ * Creates a new decorator over the given authenticator
+ *
+ * @param authenticator
+ * Authenticator to decorate
+ * @param forProxy
+ * Whether preemptive authentication is for a proxy
+ */
+ public PreemptiveBasicAuthenticator(HttpAuthenticator authenticator,
boolean forProxy) {
+ if (authenticator == null)
+ throw new IllegalArgumentException("Must provide an authenticator
to decorate");
this.authenticator = authenticator;
}
@Override
public void apply(AbstractHttpClient client, HttpContext httpContext, URI
target) {
this.authenticator.apply(client, httpContext, target);
-
+
// Enable preemptive basic authentication
- AuthCache authCache = new BasicAuthCache();
- BasicScheme basicAuth = new BasicScheme();
+ // For nice layering we need to respect existing auth cache if present
+ AuthCache authCache = (AuthCache)
httpContext.getAttribute(ClientContext.AUTH_CACHE);
+ if (authCache == null)
+ authCache = new BasicAuthCache();
+ BasicScheme basicAuth = new BasicScheme(this.isProxy ?
ChallengeState.PROXY : ChallengeState.TARGET);
+ // TODO It is possible that this overwrites existing cached
credentials so potentially not ideal.
authCache.put(new HttpHost(target.getHost(), target.getPort()),
basicAuth);
- httpContext.setAttribute(ClientContext.AUTH_CACHE, authCache);
+ httpContext.setAttribute(ClientContext.AUTH_CACHE, authCache);
}
}
Modified: jena/trunk/jena-arq/src/test/resources/log4j-testing.properties
URL:
http://svn.apache.org/viewvc/jena/trunk/jena-arq/src/test/resources/log4j-testing.properties?rev=1497861&r1=1497860&r2=1497861&view=diff
==============================================================================
--- jena/trunk/jena-arq/src/test/resources/log4j-testing.properties (original)
+++ jena/trunk/jena-arq/src/test/resources/log4j-testing.properties Fri Jun 28
17:55:57 2013
@@ -15,4 +15,5 @@ log4j.logger.org.openjena=WARN
log4j.logger.org.openjena.riot=INFO
# Apache Commons HTTP
+# May be useful to switch to DEBUG if aiming to debug any HTTP communication
issues
log4j.logger.org.apache.http=WARN
Modified: jena/trunk/jena-arq/src/test/resources/log4j.properties
URL:
http://svn.apache.org/viewvc/jena/trunk/jena-arq/src/test/resources/log4j.properties?rev=1497861&r1=1497860&r2=1497861&view=diff
==============================================================================
--- jena/trunk/jena-arq/src/test/resources/log4j.properties (original)
+++ jena/trunk/jena-arq/src/test/resources/log4j.properties Fri Jun 28 17:55:57
2013
@@ -15,4 +15,5 @@ log4j.logger.org.openjena=WARN
log4j.logger.org.openjena.riot=INFO
# Apache Commons HTTP
+# May be useful to turn up to DEBUG if debugging HTTP communication issues
log4j.logger.org.apache.http=WARN