FCREPO-576: Moving away from deprecated HttpCommons Client API
Project: http://git-wip-us.apache.org/repos/asf/jena/repo Commit: http://git-wip-us.apache.org/repos/asf/jena/commit/2e8fc564 Tree: http://git-wip-us.apache.org/repos/asf/jena/tree/2e8fc564 Diff: http://git-wip-us.apache.org/repos/asf/jena/diff/2e8fc564 Branch: refs/heads/master Commit: 2e8fc564b349f5b2314d8db8e15c1afb0bdbf2dc Parents: 8210456 Author: ajs6f <aj...@virginia.edu> Authored: Wed Jul 6 16:42:05 2016 -0400 Committer: ajs6f <aj...@virginia.edu> Committed: Thu Oct 13 16:07:46 2016 -0400 ---------------------------------------------------------------------- .../auth/AbstractCredentialsAuthenticator.java | 114 ------ .../web/auth/AbstractScopedAuthenticator.java | 151 -------- .../atlas/web/auth/ApacheModAuthFormLogin.java | 49 --- .../atlas/web/auth/DelegatingAuthenticator.java | 89 ----- .../apache/jena/atlas/web/auth/FormLogin.java | 120 ------ .../jena/atlas/web/auth/FormsAuthenticator.java | 202 ----------- .../jena/atlas/web/auth/HttpAuthenticator.java | 69 ---- .../web/auth/PreemptiveBasicAuthenticator.java | 109 ------ .../atlas/web/auth/ScopedAuthenticator.java | 101 ------ .../atlas/web/auth/ScopedNTAuthenticator.java | 137 ------- .../atlas/web/auth/ServiceAuthenticator.java | 129 ------- .../atlas/web/auth/SimpleAuthenticator.java | 78 ---- .../atlas/web/auth/SimpleNTAuthenticator.java | 71 ---- .../jena/query/DatasetAccessorFactory.java | 10 +- .../jena/query/QueryExecutionFactory.java | 48 +-- .../java/org/apache/jena/riot/web/HttpOp.java | 361 ++++--------------- .../jena/sparql/engine/http/HttpQuery.java | 132 ++----- .../sparql/engine/http/QueryEngineHTTP.java | 83 ++--- .../apache/jena/sparql/engine/http/Service.java | 20 +- .../jena/sparql/modify/UpdateProcessRemote.java | 15 +- .../sparql/modify/UpdateProcessRemoteBase.java | 72 ++-- .../sparql/modify/UpdateProcessRemoteForm.java | 17 +- .../org/apache/jena/sparql/util/Context.java | 7 +- .../jena/update/UpdateExecutionFactory.java | 52 +-- .../jena/web/DatasetGraphAccessorHTTP.java | 51 +-- .../jena/sparql/engine/http/TestService.java | 32 +- .../java/org/apache/jena/fuseki/TestAuth.java | 126 +++---- 27 files changed, 323 insertions(+), 2122 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/jena/blob/2e8fc564/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/AbstractCredentialsAuthenticator.java ---------------------------------------------------------------------- diff --git a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/AbstractCredentialsAuthenticator.java b/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/AbstractCredentialsAuthenticator.java deleted file mode 100644 index daa3fef..0000000 --- a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/AbstractCredentialsAuthenticator.java +++ /dev/null @@ -1,114 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.jena.atlas.web.auth; - -import java.net.URI; - -import org.apache.http.HttpHost; -import org.apache.http.auth.AuthScope; -import org.apache.http.auth.Credentials; -import org.apache.http.auth.UsernamePasswordCredentials; -import org.apache.http.client.CredentialsProvider; -import org.apache.http.impl.client.AbstractHttpClient; -import org.apache.http.impl.client.BasicCredentialsProvider; -import org.apache.http.protocol.HttpContext; - -/** - * Abstract authenticator that uses user name and password credentials - * - */ -public abstract class AbstractCredentialsAuthenticator implements HttpAuthenticator { - - @Override - public void apply(AbstractHttpClient client, HttpContext context, URI target) { - // At least a user name is required or no authentication will be done - if (!this.hasUserName(target)) - return; - - // Be careful to scope credentials to the specific URI so that - // HttpClient won't try and send them to other servers - HttpHost host = new HttpHost(target.getHost(), target.getPort()); - CredentialsProvider provider = new BasicCredentialsProvider(); - - provider.setCredentials(new AuthScope(host), this.createCredentials(target)); - - client.setCredentialsProvider(provider); - } - - @Override - public void invalidate() { - // Does nothing by default - } - - /** - * Creates the credentials used to authenticate - * <p> - * This default implementation simply returns a - * {@link UsernamePasswordCredentials} instance, derived implementations may - * need to override this - * </p> - * - * @param target - * Target URI - * @return Credentials - */ - protected Credentials createCredentials(URI target) { - String user = this.getUserName(target); - char[] password = this.getPassword(target); - return password != null ? new UsernamePasswordCredentials(user, new String(password)) : new UsernamePasswordCredentials( - user, ""); - } - - /** - * Gets whether there is a user name available for the target URI - * - * @param target - * Target - * @return True if a user name is available, false otherwise - */ - protected abstract boolean hasUserName(URI target); - - /** - * Gets the user name for the target URI - * - * @param target - * Target - * @return User name or null if none available - */ - protected abstract String getUserName(URI target); - - /** - * Gets whether there is a password available for the target URI - * - * @param target - * Target - * @return True if a password is available, false otherwise - */ - protected abstract boolean hasPassword(URI target); - - /** - * Gets the password for the target URI - * - * @param target - * Target - * @return Password or null if none available - */ - protected abstract char[] getPassword(URI target); - -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/jena/blob/2e8fc564/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/AbstractScopedAuthenticator.java ---------------------------------------------------------------------- diff --git a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/AbstractScopedAuthenticator.java b/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/AbstractScopedAuthenticator.java deleted file mode 100644 index c3892f0..0000000 --- a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/AbstractScopedAuthenticator.java +++ /dev/null @@ -1,151 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.jena.atlas.web.auth; - -import java.net.URI; -import java.net.URISyntaxException; - -/** - * <p> - * An abstract helper for authenticators which scope credentials to URIs - * </p> - * <h3>Credentials Scope</h3> - * <p> - * Note that credentials are not necessarily considered to be exclusively scoped - * to the exact URI rather they are scoped to any URI derived from the given - * URI. For example if you declared credentials for {@code http://example.org} - * they would also apply to {@code http://example.org/some/path/}. When - * determining credentials the longest match applies, so in the previous example - * you could define different credentials for the two URIs and URIs derived from - * {@code http://example.org/some/path/} would prefer the credentials for that - * URI over those for {@code http://example.org} - * </p> - * <p> - * Implementations that wish to follow the above scoping policy should make use - * of the findCredentials method - * </p> - * - * @param <T> - * Type used to store credential information - */ -public abstract class AbstractScopedAuthenticator<T> extends AbstractCredentialsAuthenticator { - - @Override - protected final String getUserName(URI target) { - return getUserNameFromCredentials(this.findCredentials(target)); - } - - @Override - protected final char[] getPassword(URI target) { - return getPasswordFromCredentials(this.findCredentials(target)); - } - - @Override - protected final boolean hasUserName(URI target) { - return this.getUserName(target) != null; - } - - @Override - protected final boolean hasPassword(URI target) { - return this.getPassword(target) != null; - } - - /** - * Gets the credentials associated with the exact URI given - * <p> - * Called from {@link #findCredentials(URI)} as part of the credential - * lookup process - * </p> - * - * @param target - * Target URI - * @return Credentials - */ - protected abstract T getCredentials(URI target); - - /** - * Extract the user name from the given credentials - * - * @param credentials - * Credentials - * @return User Name - */ - protected abstract String getUserNameFromCredentials(T credentials); - - /** - * Extract the password from the given credentials - * - * @param credentials - * Credentials - * @return Password - */ - protected abstract char[] getPasswordFromCredentials(T credentials); - - /** - * Finds credentials for the given URI using a longest match approach - * - * @param target - * @return T - */ - protected final T findCredentials(URI target) { - // Try URI as-is to start with - T creds = this.getCredentials(target); - - try { - // If that fails strip down the URI recursively - while (creds == null) { - if (target.getFragment() != null) { - // If it has a fragment strip that off - target = new URI(target.getScheme(), target.getUserInfo(), target.getHost(), target.getPort(), - target.getPath(), target.getQuery(), null); - } else if (target.getQuery() != null) { - // If it has a query string strip that off - target = new URI(target.getScheme(), target.getUserInfo(), target.getHost(), target.getPort(), - target.getPath(), null, null); - } else if (target.getPath() != null) { - // Try and strip off last segment of the path - String currPath = target.getPath(); - if (currPath.endsWith("/")) { - currPath = currPath.substring(0, currPath.length() - 1); - if (currPath.length() == 0) - currPath = null; - target = new URI(target.getScheme(), target.getUserInfo(), target.getHost(), target.getPort(), currPath, - null, null); - } else if (currPath.contains("/")) { - currPath = currPath.substring(0, currPath.lastIndexOf('/') + 1); - if (currPath.length() == 0) - currPath = null; - target = new URI(target.getScheme(), target.getUserInfo(), target.getHost(), target.getPort(), currPath, - null, null); - } else { - // If path is non-null it must always contain a / - // otherwise it would be an invalid path - // In this case bail out - return null; - } - } - - creds = this.getCredentials(target); - } - return creds; - } catch (URISyntaxException e) { - // If we generate a malformed URL then bail out - return null; - } - } -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/jena/blob/2e8fc564/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ApacheModAuthFormLogin.java ---------------------------------------------------------------------- diff --git a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ApacheModAuthFormLogin.java b/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ApacheModAuthFormLogin.java deleted file mode 100644 index bd9f421..0000000 --- a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ApacheModAuthFormLogin.java +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.jena.atlas.web.auth; - -/** - * Represents form login credentials where form logins are against Apache - * mod_auth_form secured servers using default form field configuration - * - */ -public class ApacheModAuthFormLogin extends FormLogin { - - /** - * Default user field used by Apache mod_auth_form configurations - */ - public static final String USER_FIELD = "httpd_username"; - /** - * Default password field used by Apache mod_auth_form configurations - */ - public static final String PASSWORD_FIELD = "httpd_password"; - - /** - * Creates new form login credentials - * - * @param loginFormURL - * Login Form URL - * @param username - * User name - * @param password - * Password - */ - public ApacheModAuthFormLogin(String loginFormURL, String username, char[] password) { - super(loginFormURL, USER_FIELD, PASSWORD_FIELD, username, password); - } -} http://git-wip-us.apache.org/repos/asf/jena/blob/2e8fc564/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/DelegatingAuthenticator.java ---------------------------------------------------------------------- diff --git a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/DelegatingAuthenticator.java b/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/DelegatingAuthenticator.java deleted file mode 100644 index 9373c6e..0000000 --- a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/DelegatingAuthenticator.java +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.jena.atlas.web.auth; - -import java.net.URI; -import java.util.HashMap; -import java.util.Map; - -import org.apache.http.impl.client.AbstractHttpClient; -import org.apache.http.protocol.HttpContext; - -/** - * A scoped authenticator which is actually a wrapper around other - * authenticators and thus can be used to mix and match different authentication - * mechanisms to different services as desired - * - */ -public class DelegatingAuthenticator extends AbstractScopedAuthenticator<HttpAuthenticator> { - - private Map<URI, HttpAuthenticator> authenticators = new HashMap<>(); - - /** - * Creates a new delegating authenticator - * - * @param target - * Target URI - * @param authenticator - * Authenticator to delegate to - */ - public DelegatingAuthenticator(URI target, HttpAuthenticator authenticator) { - if (target == null) - throw new IllegalArgumentException("Target URI cannot be null"); - this.authenticators.put(target, authenticator); - } - - /** - * Creates a new delegating authenticator - * - * @param authenticators - * Mapping between URIs and authenticators - */ - public DelegatingAuthenticator(Map<URI, HttpAuthenticator> authenticators) { - this.authenticators.putAll(authenticators); - } - - @Override - public void apply(AbstractHttpClient client, HttpContext context, URI target) { - HttpAuthenticator authenticator = this.findCredentials(target); - if (authenticator != null) { - authenticator.apply(client, context, target); - } - } - - @Override - protected HttpAuthenticator getCredentials(URI target) { - return this.authenticators.get(target); - } - - @Override - protected String getUserNameFromCredentials(HttpAuthenticator credentials) { - // Not used by this implementation because we override apply() so this - // will never be needed and regardless isn't available - return null; - } - - @Override - protected char[] getPasswordFromCredentials(HttpAuthenticator credentials) { - // Not used by this implementation because we override apply() so this - // will never be needed and regardless isn't available - return null; - } - -} http://git-wip-us.apache.org/repos/asf/jena/blob/2e8fc564/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/FormLogin.java ---------------------------------------------------------------------- diff --git a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/FormLogin.java b/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/FormLogin.java deleted file mode 100644 index db08864..0000000 --- a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/FormLogin.java +++ /dev/null @@ -1,120 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.jena.atlas.web.auth; - -import java.io.UnsupportedEncodingException; -import java.util.ArrayList; -import java.util.List; - -import org.apache.http.HttpEntity; -import org.apache.http.NameValuePair; -import org.apache.http.client.CookieStore; -import org.apache.http.client.entity.UrlEncodedFormEntity; -import org.apache.http.message.BasicNameValuePair; - -/** - * Represents form login credentials - * - */ -public class FormLogin { - - private String loginForm, loginUserField, loginPasswordField, username; - private char[] password; - private CookieStore cookies; - - /** - * Creates new form login credentials - * - * @param loginFormURL - * Login Form URL - * @param loginUserField - * Login Form User field name - * @param loginPasswordField - * Login Form Password field name - * @param username - * User name - * @param password - * Password - */ - public FormLogin(String loginFormURL, String loginUserField, String loginPasswordField, String username, char[] password) { - this.loginForm = loginFormURL; - this.loginUserField = loginUserField; - this.loginPasswordField = loginPasswordField; - this.username = username; - this.password = password; - } - - /** - * Gets the login form URL - * - * @return Login Form URL - */ - public String getLoginFormURL() { - return this.loginForm; - } - - /** - * Gets the HTTP Entity for the Login request - * - * @return Login request entity - * @throws UnsupportedEncodingException - * Thrown if the platform does not support UTF-8 - */ - public HttpEntity getLoginEntity() throws UnsupportedEncodingException { - List<NameValuePair> nvps = new ArrayList<>(); - nvps.add(new BasicNameValuePair(this.loginUserField, this.username)); - nvps.add(new BasicNameValuePair(this.loginPasswordField, new String(this.password))); - - return new UrlEncodedFormEntity(nvps, "UTF-8"); - } - - /** - * Gets whether any cookies are associated with this login - * - * @return True if there are cookies, false otherwise - */ - public boolean hasCookies() { - return this.cookies != null; - } - - /** - * Gets cookies associated with this login - * - * @return Cookies - */ - public CookieStore getCookies() { - return this.cookies; - } - - /** - * Sets cookies associated with this login - * - * @param cookies - */ - public void setCookies(CookieStore cookies) { - this.cookies = cookies; - } - - /** - * Clears cookies associated with login, may be useful if you need to force - * a fresh login attempt for any reason. - */ - public void clearCookies() { - this.cookies = null; - } -} http://git-wip-us.apache.org/repos/asf/jena/blob/2e8fc564/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/FormsAuthenticator.java ---------------------------------------------------------------------- diff --git a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/FormsAuthenticator.java b/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/FormsAuthenticator.java deleted file mode 100644 index 17a93ae..0000000 --- a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/FormsAuthenticator.java +++ /dev/null @@ -1,202 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.jena.atlas.web.auth; - -import java.io.IOException; -import java.io.UnsupportedEncodingException; -import java.net.URI; -import java.util.Calendar; -import java.util.HashMap; -import java.util.Map; - -import org.apache.http.HttpResponse; -import org.apache.http.client.CookieStore; -import org.apache.http.client.methods.HttpPost; -import org.apache.http.impl.client.AbstractHttpClient; -import org.apache.http.impl.client.BasicCookieStore; -import org.apache.http.protocol.HttpContext; -import org.apache.jena.atlas.web.HttpException; -import org.apache.jena.riot.web.HttpOp; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * <p> - * An authenticator capable of making Form based logins and using cookies to - * maintain authentication state. Different logins may be used for different - * services as required. - * </p> - * <h3>Login Scope</h3> - * <p> - * Note that logins are not exclusively scoped to the exact URI rather they are - * scoped to any URI derived from the given URI. For example if you declared - * logins for {@code http://example.org} they would also apply to - * {@code http://example.org/some/path/}. When determining credentials the - * longest match applies, so in the previous example you could define different - * logins for the two URIs and URIs derived from - * {@code http://example.org/some/path/} would prefer the login for that URI - * over those for {@code http://example.org} - * </p> - * - */ -public class FormsAuthenticator extends AbstractScopedAuthenticator<FormLogin> { - - private static final Logger LOG = LoggerFactory.getLogger(FormsAuthenticator.class); - - private Map<URI, FormLogin> logins = new HashMap<>(); - - /** - * Creates a new authenticator with the given login - * - * @param target - * Target URI - * @param login - * Login - */ - public FormsAuthenticator(URI target, FormLogin login) { - if (target == null) - throw new IllegalArgumentException("Target URI cannot be null"); - this.logins.put(target, login); - } - - /** - * Creates a new authenticator with the given logins - * - * @param logins - * Logins - */ - public FormsAuthenticator(Map<URI, FormLogin> logins) { - this.logins.putAll(logins); - } - - @Override - public void apply(AbstractHttpClient client, HttpContext httpContext, URI target) { - if (client == null) - return; - - // Do we have a login available for the target server? - FormLogin login = this.findCredentials(target); - if (login == null) - return; - - // We need to synchronize on the login because making a login attempt - // may take a while and there is no point making multiple login attempts - // against the same server - synchronized (login) { - - // Have we already logged into this server? - if (login.hasCookies()) { - // Use existing cookies - LOG.info("Using existing cookies to authenticate access to " + target.toString()); - CookieStore store = login.getCookies(); - if (store != null) - client.setCookieStore(store); - - // Check if any of the cookies have expired - if (!store.clearExpired(Calendar.getInstance().getTime())) { - // No cookies were cleared so our cookies are still fresh - // and we don't need to login again - return; - } - - // If we reach here then some of our cookies have expired and we - // may no longer be logged in and should login again instead of - // proceeding with the existing cookies - } - - try { - // Use a fresh Cookie Store for new login attempts - CookieStore store = new BasicCookieStore(); - client.setCookieStore(store); - - // Try to login - LOG.info("Making login attempt against " + login.getLoginFormURL() + " to obtain authentication for access to " - + target.toString()); - HttpPost post = new HttpPost(login.getLoginFormURL()); - post.setEntity(login.getLoginEntity()); - HttpResponse response = client.execute(post, httpContext); - - // Always read the payload to ensure reusable connections - final String payload = HttpOp.readPayload(response.getEntity()); - - // Check for successful login - if (response.getStatusLine().getStatusCode() >= 400) { - LOG.warn("Failed to login against " + login.getLoginFormURL() + " to obtain authentication for access to " - + target.toString()); - throw new HttpException(response.getStatusLine().getStatusCode(), "Login attempt failed - " - + response.getStatusLine().getReasonPhrase(), payload); - } - - // Otherwise assume a successful login - LOG.info("Successfully logged in against " + login.getLoginFormURL() - + " and obtained authentication for access to " + target.toString()); - login.setCookies(client.getCookieStore()); - - } catch (UnsupportedEncodingException e) { - throw new HttpException("UTF-8 encoding not supported on your platform", e); - } catch (IOException e) { - throw new HttpException("Error making login request", e); - } - } - } - - @Override - public void invalidate() { - // Discard all cookies we have currently - for (FormLogin login : this.logins.values()) { - login.clearCookies(); - } - } - - /** - * Adds a login to the authenticator preserving any existing cookies - * associated with the login - * - * @param target - * Target URI - * @param login - * Login - */ - public void addLogin(URI target, FormLogin login) { - if (target == null) - throw new IllegalArgumentException("Target URI cannot be null"); - this.logins.put(target, login); - - } - - @Override - protected FormLogin getCredentials(URI target) { - return this.logins.get(target); - } - - @Override - protected String getUserNameFromCredentials(FormLogin credentials) { - // Not used by this implementation because we override apply() so this - // will never be needed and regardless isn't available - return null; - } - - @Override - protected char[] getPasswordFromCredentials(FormLogin credentials) { - // Not used by this implementation because we override apply() so this - // will never be needed and regardless isn't available - return null; - } - -} http://git-wip-us.apache.org/repos/asf/jena/blob/2e8fc564/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/HttpAuthenticator.java ---------------------------------------------------------------------- diff --git a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/HttpAuthenticator.java b/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/HttpAuthenticator.java deleted file mode 100644 index d287492..0000000 --- a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/HttpAuthenticator.java +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.jena.atlas.web.auth; - -import java.net.URI; - -import org.apache.http.client.HttpClient; -import org.apache.http.impl.client.AbstractHttpClient; -import org.apache.http.protocol.HttpContext; - -/** - * Interface for classes that are able to apply some form of authentication to a - * {@link HttpClient} instance. Provides a unified mechanism for applying - * authentication that is agnostic of the actual authentication mechanism being - * used. - * - */ -public interface HttpAuthenticator { - - /** - * Applies any necessary authentication methods to the given HTTP Client - * <p> - * The {@code target} parameter indicates the URI to which the request is - * being made and so may be used by an authenticator to determine whether it - * actually needs to apply any authentication or to scope authentication - * appropriately. - * </p> - * - * @param client - * HTTP Client - * @param httpContext - * HTTP Context - * @param target - * Target URI to which code wants to authenticate - */ - public void apply(AbstractHttpClient client, HttpContext httpContext, URI target); - - /** - * Invalidates the authenticator - * <p> - * Allows code to inform the authenticator that any cached authentication - * information should be invalidated. This can be useful after an - * authentication attempt fails or after a certain amount of time is passed. - * For many authenticators this may actually be a no-op since when using - * standard HTTP authentication typically you authenticate on every request - * and there are no cached authentication information. However more complex - * authentication mechanisms such as Form Based authentication may have - * cached information that discarding will force subsequent requests to - * re-authenticate. - * </p> - */ - public void invalidate(); -} http://git-wip-us.apache.org/repos/asf/jena/blob/2e8fc564/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/PreemptiveBasicAuthenticator.java ---------------------------------------------------------------------- diff --git a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/PreemptiveBasicAuthenticator.java b/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/PreemptiveBasicAuthenticator.java deleted file mode 100644 index fb029b9..0000000 --- a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/PreemptiveBasicAuthenticator.java +++ /dev/null @@ -1,109 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.jena.atlas.web.auth; - -import java.net.URI; - -import org.apache.http.HttpHost; -import org.apache.http.auth.ChallengeState; -import org.apache.http.client.AuthCache; -import org.apache.http.client.protocol.ClientContext; -import org.apache.http.impl.auth.BasicScheme; -import org.apache.http.impl.client.AbstractHttpClient; -import org.apache.http.impl.client.BasicAuthCache; -import org.apache.http.protocol.HttpContext; - -/** - * A decorator for other authenticators that may be used to enable preemptive - * basic authentication. - * <p> - * This can <strong>only</strong> be used with servers that support Basic HTTP - * authentication. For any other authentication scheme the use of this - * authenticator will result in authentication failures. - * </p> - * <h3>Security Concerns</h3> - * <p> - * It is <strong>important</strong> to note that preemptive basic authentication - * is less secure because it can expose credentials to servers that do not - * require them. - * </p> - * <h3>Standard vs Proxy Authentication</h3> - * <p> - * Doing preemptive authentication requires knowing in advance whether you will - * be doing standard or proxy authentication i.e. whether the remote server will - * challenge with 401 or 407. If you need both you can take advantage of this - * being a decorator and simply layer multiple instances of this. - * </p> - * <p> - * However you must remember that this <strong>only</strong> works for Basic - * HTTP authentication, any other authentication scheme cannot be done - * preemptively because it requires a more complex and secure challenge response - * process. - * </p> - */ -public class PreemptiveBasicAuthenticator implements HttpAuthenticator { - - private HttpAuthenticator authenticator; - private boolean isProxy = false; - - /** - * Creates a new decorator over the given authenticator - * - * @param authenticator - * Authenticator to decorate - */ - public PreemptiveBasicAuthenticator(HttpAuthenticator authenticator) { - this(authenticator, false); - } - - /** - * Creates a new decorator over the given authenticator - * - * @param authenticator - * Authenticator to decorate - * @param forProxy - * Whether preemptive authentication is for a proxy - */ - public PreemptiveBasicAuthenticator(HttpAuthenticator authenticator, boolean forProxy) { - if (authenticator == null) - throw new IllegalArgumentException("Must provide an authenticator to decorate"); - this.authenticator = authenticator; - } - - @Override - public void apply(AbstractHttpClient client, HttpContext httpContext, URI target) { - this.authenticator.apply(client, httpContext, target); - - // Enable preemptive basic authentication - // For nice layering we need to respect existing auth cache if present - AuthCache authCache = (AuthCache) httpContext.getAttribute(ClientContext.AUTH_CACHE); - if (authCache == null) - authCache = new BasicAuthCache(); - BasicScheme basicAuth = new BasicScheme(this.isProxy ? ChallengeState.PROXY : ChallengeState.TARGET); - // TODO It is possible that this overwrites existing cached credentials - // so potentially not ideal. - authCache.put(new HttpHost(target.getHost(), target.getPort()), basicAuth); - httpContext.setAttribute(ClientContext.AUTH_CACHE, authCache); - } - - @Override - public void invalidate() { - // Does nothing - } - -} http://git-wip-us.apache.org/repos/asf/jena/blob/2e8fc564/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ScopedAuthenticator.java ---------------------------------------------------------------------- diff --git a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ScopedAuthenticator.java b/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ScopedAuthenticator.java deleted file mode 100644 index 31f3829..0000000 --- a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ScopedAuthenticator.java +++ /dev/null @@ -1,101 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.jena.atlas.web.auth; - -import java.net.URI; -import java.util.HashMap; -import java.util.Map; - -import org.apache.jena.atlas.lib.Pair; - -/** - * <p> - * A credentials based authenticator where credentials are scoped to URIs. This - * allows for a single authenticator to present different credentials to - * different URIs as appropriate. Works with the basic and digest HTTP - * authentication schemes. - * </p> - * <p> - * See {@link ScopedNTAuthenticator} for an implementation that works for the - * NTLM authentication scheme. - * </p> - * - */ -public class ScopedAuthenticator extends AbstractScopedAuthenticator<Pair<String, char[]>> { - - private Map<URI, Pair<String, char[]>> credentials = new HashMap<>(); - - /** - * Creates an authenticator with credentials for the given URI - * - * @param target - * URI - * @param username - * User name - * @param password - * Password - */ - public ScopedAuthenticator(URI target, String username, char[] password) { - if (target == null) - throw new IllegalArgumentException("Target URI cannot be null"); - this.credentials.put(target, Pair.create(username, password)); - } - - /** - * Creates an authenticator with a set of credentials for URIs - * - * @param credentials - * Credentials - */ - public ScopedAuthenticator(Map<URI, Pair<String, char[]>> credentials) { - this.credentials.putAll(credentials); - } - - /** - * Adds/Overwrites credentials for a given URI - * - * @param target - * Target - * @param username - * User name - * @param password - * Password - */ - public void addCredentials(URI target, String username, char[] password) { - if (target == null) - throw new IllegalArgumentException("Target URI cannot be null"); - this.credentials.put(target, Pair.create(username, password)); - } - - @Override - protected Pair<String, char[]> getCredentials(URI target) { - return this.credentials.get(target); - } - - @Override - protected String getUserNameFromCredentials(Pair<String, char[]> credentials) { - return credentials != null ? credentials.getLeft() : null; - } - - @Override - protected char[] getPasswordFromCredentials(Pair<String, char[]> credentials) { - return credentials != null ? credentials.getRight() : null; - } - -} http://git-wip-us.apache.org/repos/asf/jena/blob/2e8fc564/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ScopedNTAuthenticator.java ---------------------------------------------------------------------- diff --git a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ScopedNTAuthenticator.java b/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ScopedNTAuthenticator.java deleted file mode 100644 index f389855..0000000 --- a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ScopedNTAuthenticator.java +++ /dev/null @@ -1,137 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.jena.atlas.web.auth; - -import java.net.URI; -import java.util.HashMap; -import java.util.Map; -import java.util.Map.Entry; - -import org.apache.http.auth.Credentials; -import org.apache.http.auth.NTCredentials; -import org.apache.jena.atlas.lib.Pair; -import org.apache.jena.atlas.lib.tuple.Tuple ; -import org.apache.jena.atlas.lib.tuple.TupleFactory ; - -/** - * <p> - * A credentials based authenticator where credentials are scoped to URIs. This - * allows for a single authenticator to present different credentials to - * different URIs as appropriate. Works with the NTLM authentication schemes. - * </p> - * <p> - * See {@link ScopedAuthenticator} for an implementation that works for the - * Basic and Digest authentication schemes. - * </p> - * - */ -public class ScopedNTAuthenticator extends AbstractScopedAuthenticator<Pair<Tuple<String>, char[]>> { - - private Map<URI, Pair<Tuple<String>, char[]>> credentials = new HashMap<>(); - - /** - * Creates an authenticator with credentials for the given URI - * - * @param target - * URI - * @param username - * User name - * @param password - * Password - * @param workstation - * Workstation, this is the ID of your local workstation - * @param domain - * Domain, this is the domain you are authenticating in which may - * not necessarily be the domain your workstation is in - */ - public ScopedNTAuthenticator(URI target, String username, char[] password, String workstation, String domain) { - if (target == null) - throw new IllegalArgumentException("Target URI cannot be null"); - this.credentials.put(target, Pair.create(TupleFactory.tuple(username, workstation, domain), password)); - } - - /** - * Creates an authenticator with a set of credentials for URIs - * - * @param credentials - * Credentials, the left of the pair should be a tuple with at - * least three fields where the first contains the user name, the - * second the workstation and the third the domain. The right of - * the pair should be the password. - */ - public ScopedNTAuthenticator(Map<URI, Pair<Tuple<String>, char[]>> credentials) { - for (Entry<URI, Pair<Tuple<String>, char[]>> entry : credentials.entrySet()) { - if (entry.getValue() == null) - continue; - if (entry.getValue().getLeft() == null) - throw new IllegalArgumentException("Credentials tuple should be non-null"); - if (entry.getValue().getLeft().len() < 3) - throw new IllegalArgumentException( - "Credentials tuple should contain at least three fields, 0 = user name, 1 = workstation, 2 = domain"); - this.credentials.put(entry.getKey(), entry.getValue()); - } - } - - /** - * Adds/Overwrites credentials for a given URI - * - * @param target - * Target - * @param username - * User name - * @param password - * Password - * @param workstation - * Workstation, this is the ID of your local workstation - * @param domain - * Domain, this is the domain you are authenticating in which may - * not necessarily be the domain your workstation is in - */ - public void addCredentials(URI target, String username, char[] password, String workstation, String domain) { - if (target == null) - throw new IllegalArgumentException("Target URI cannot be null"); - this.credentials.put(target, Pair.create(TupleFactory.tuple(username, workstation, domain), password)); - } - - @Override - protected Credentials createCredentials(URI target) { - Pair<Tuple<String>, char[]> credentials = this.getCredentials(target); - if (credentials == null) - return super.createCredentials(target); - - return new NTCredentials(credentials.getLeft().get(0), new String(credentials.getRight()), credentials.getLeft().get(1), - credentials.getLeft().get(2)); - } - - @Override - protected Pair<Tuple<String>, char[]> getCredentials(URI target) { - return this.credentials.get(target); - } - - @Override - protected String getUserNameFromCredentials(Pair<Tuple<String>, char[]> credentials) { - return credentials != null ? credentials.getLeft().get(0) : null; - } - - @Override - protected char[] getPasswordFromCredentials(Pair<Tuple<String>, char[]> credentials) { - return credentials != null ? credentials.getRight() : null; - } - -} http://git-wip-us.apache.org/repos/asf/jena/blob/2e8fc564/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ServiceAuthenticator.java ---------------------------------------------------------------------- diff --git a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ServiceAuthenticator.java b/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ServiceAuthenticator.java deleted file mode 100644 index 17ba04d..0000000 --- a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/ServiceAuthenticator.java +++ /dev/null @@ -1,129 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.jena.atlas.web.auth; - -import java.net.URI; -import java.util.Map; - -import org.apache.jena.query.ARQ ; -import org.apache.jena.sparql.engine.http.Service ; -import org.apache.jena.sparql.util.Context ; - -/** - * <p> - * A HTTP authenticator which selects credentials based upon service context - * found in the provided {@link Context}. May also optionally use fallback - * credentials for URIs for which authentication has not been explicitly - * configured. This works only with the Basic and Digest authentication schemes - * so you may need to use an alternative authenticator if you need to use - * another authentication scheme. - * </p> - */ -public class ServiceAuthenticator extends AbstractScopedAuthenticator<Context> { - - private Context context; - private String username; - private char[] password; - - /** - * Creates new authenticator using the standard ARQ context - */ - public ServiceAuthenticator() { - this(ARQ.getContext(), null, null); - } - - /** - * Creates a new authenticator using the standard ARQ context, the provided - * credentials are used as fallback if the context contains no registered - * credentials for a target URI - * - * @param username - * Fallback user name - * @param password - * Fallback password - */ - public ServiceAuthenticator(String username, char[] password) { - this(ARQ.getContext(), username, password); - } - - /** - * Creates a new authenticator using the given context - * - * @param context - * Context - */ - public ServiceAuthenticator(Context context) { - this(context, null, null); - } - - /** - * Creates a new authenticator using the given context, the provided - * credentials are used as fallback if the context contains no registered - * credentials for a target URI - * - * @param context - * Context - * @param username - * Fallback user name - * @param password - * Fallback password - */ - public ServiceAuthenticator(Context context, String username, char[] password) { - this.context = context; - this.username = username; - this.password = password; - } - - @SuppressWarnings("unchecked") - private Map<String, Context> getServiceContextMap() { - return (Map<String, Context>) this.context.get(Service.serviceContext); - - } - - @Override - protected Context getCredentials(URI target) { - Map<String, Context> serviceContextMap = this.getServiceContextMap(); - if (serviceContextMap == null) - return null; - return serviceContextMap.get(target.toString()); - } - - @Override - protected String getUserNameFromCredentials(Context credentials) { - if (credentials != null) { - // Use user name from service context - return credentials.getAsString(Service.queryAuthUser); - } else { - // Use fallback user name - return this.username; - } - } - - @Override - protected char[] getPasswordFromCredentials(Context credentials) { - if (credentials != null) { - // Use password from service context - String pwd = credentials.getAsString(Service.queryAuthPwd); - return pwd != null ? pwd.toCharArray() : null; - } else { - // Use fallback password - return this.password; - } - } -} http://git-wip-us.apache.org/repos/asf/jena/blob/2e8fc564/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/SimpleAuthenticator.java ---------------------------------------------------------------------- diff --git a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/SimpleAuthenticator.java b/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/SimpleAuthenticator.java deleted file mode 100644 index 2e2980e..0000000 --- a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/SimpleAuthenticator.java +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.jena.atlas.web.auth; - -import java.net.URI; - -/** - * <p> - * A HTTP Authenticator which provides authentication via user name and password - * combinations. Works with the basic and digest HTTP authentication schemes. - * </p> - * <p> - * See {@link SimpleNTAuthenticator} for an implementation that works for the - * NTLM authentication scheme. - * </p> - * <p> - * This authenticator will present the given credentials to any server that - * request authentication even though the credentials may not be valid there. It - * is typically more secure to use the {@link ScopedAuthenticator} instead which - * only presents credentials to specific servers. - * </p> - * - */ -public class SimpleAuthenticator extends AbstractCredentialsAuthenticator { - - String username; - char[] password; - - /** - * Creates a new authenticator - * - * @param username - * Username - * @param password - * Password - */ - public SimpleAuthenticator(String username, char[] password) { - this.username = username; - this.password = password; - } - - @Override - protected boolean hasUserName(URI target) { - return this.username != null; - } - - @Override - protected String getUserName(URI target) { - return this.username; - } - - @Override - protected boolean hasPassword(URI target) { - return this.password != null; - } - - @Override - protected char[] getPassword(URI target) { - return this.password; - } - -} http://git-wip-us.apache.org/repos/asf/jena/blob/2e8fc564/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/SimpleNTAuthenticator.java ---------------------------------------------------------------------- diff --git a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/SimpleNTAuthenticator.java b/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/SimpleNTAuthenticator.java deleted file mode 100644 index b7bd4c1..0000000 --- a/jena-arq/src/main/java/org/apache/jena/atlas/web/auth/SimpleNTAuthenticator.java +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.jena.atlas.web.auth; - -import java.net.URI; - -import org.apache.http.auth.Credentials; -import org.apache.http.auth.NTCredentials; - -/** - * <p> - * A HTTP Authenticator which provides authentication via user name and password - * combinations. Works with the NTLM authentication scheme. - * </p> - * <p> - * Use the parent class {@link SimpleAuthenticator} if you just need to do - * Basic/Digest authentication. - * </p> - * <p> - * This authenticator will present the given credentials to any server that - * request authentication even though the credentials may not be valid there. It - * is typically more secure to use the {@link ScopedNTAuthenticator} instead - * which only presents credentials to specific servers. - * </p> - * - */ -public class SimpleNTAuthenticator extends SimpleAuthenticator { - - private String workstation, domain; - - /** - * Creates a new authenticator - * - * @param username - * Username - * @param password - * Password - * @param workstation - * Workstation, this is the ID of your local workstation - * @param domain - * Domain, this is the domain you are authenticating in which may - * not necessarily be the domain your workstation is in - */ - public SimpleNTAuthenticator(String username, char[] password, String workstation, String domain) { - super(username, password); - this.workstation = workstation; - this.domain = domain; - } - - @Override - protected Credentials createCredentials(URI target) { - return new NTCredentials(this.getUserName(target), new String(this.getPassword(target)), this.workstation, this.domain); - } - -} http://git-wip-us.apache.org/repos/asf/jena/blob/2e8fc564/jena-arq/src/main/java/org/apache/jena/query/DatasetAccessorFactory.java ---------------------------------------------------------------------- diff --git a/jena-arq/src/main/java/org/apache/jena/query/DatasetAccessorFactory.java b/jena-arq/src/main/java/org/apache/jena/query/DatasetAccessorFactory.java index 31ab4e8..c954019 100644 --- a/jena-arq/src/main/java/org/apache/jena/query/DatasetAccessorFactory.java +++ b/jena-arq/src/main/java/org/apache/jena/query/DatasetAccessorFactory.java @@ -18,7 +18,7 @@ package org.apache.jena.query; -import org.apache.jena.atlas.web.auth.HttpAuthenticator; +import org.apache.http.client.HttpClient; import org.apache.jena.sparql.core.DatasetGraph ; import org.apache.jena.web.DatasetAdapter ; import org.apache.jena.web.DatasetGraphAccessor ; @@ -42,14 +42,14 @@ public class DatasetAccessorFactory } /** - * Create an accessor for a remote HTTP service that requires authentication + * Create an accessor for a remote HTTP service that requires a custom client (e.g. for authentication) * @param serviceURI Service URI - * @param authenticator HTTP authenticator + * @param client HTTP client * @return Accessor */ - public static DatasetAccessor createHTTP(String serviceURI, HttpAuthenticator authenticator) + public static DatasetAccessor createHTTP(String serviceURI, HttpClient client) { - return adapt(new DatasetGraphAccessorHTTP(serviceURI, authenticator)); + return adapt(new DatasetGraphAccessorHTTP(serviceURI, client)); } /** http://git-wip-us.apache.org/repos/asf/jena/blob/2e8fc564/jena-arq/src/main/java/org/apache/jena/query/QueryExecutionFactory.java ---------------------------------------------------------------------- diff --git a/jena-arq/src/main/java/org/apache/jena/query/QueryExecutionFactory.java b/jena-arq/src/main/java/org/apache/jena/query/QueryExecutionFactory.java index bda6a80..3738099 100644 --- a/jena-arq/src/main/java/org/apache/jena/query/QueryExecutionFactory.java +++ b/jena-arq/src/main/java/org/apache/jena/query/QueryExecutionFactory.java @@ -19,8 +19,8 @@ package org.apache.jena.query; import java.util.List ; +import org.apache.http.client.HttpClient; import org.apache.jena.atlas.logging.Log ; -import org.apache.jena.atlas.web.auth.HttpAuthenticator ; import org.apache.jena.rdf.model.Model ; import org.apache.jena.sparql.core.DatasetGraph ; import org.apache.jena.sparql.engine.Plan ; @@ -278,19 +278,19 @@ public class QueryExecutionFactory * @return QueryExecution */ static public QueryExecution sparqlService(String service, String query) { - return sparqlService(service, query, (HttpAuthenticator)null) ; + return sparqlService(service, query, (HttpClient)null) ; } /** Create a QueryExecution that will access a SPARQL service over HTTP * @param service URL of the remote service * @param query Query string to execute - * @param authenticator HTTP Authenticator + * @param client HTTP client * @return QueryExecution */ - static public QueryExecution sparqlService(String service, String query, HttpAuthenticator authenticator) { + static public QueryExecution sparqlService(String service, String query, HttpClient client) { checkNotNull(service, "URL for service is null") ; checkArg(query) ; - return sparqlService(service, QueryFactory.create(query), authenticator) ; + return sparqlService(service, QueryFactory.create(query), client) ; } /** Create a QueryExecution that will access a SPARQL service over HTTP @@ -307,14 +307,14 @@ public class QueryExecutionFactory * @param service URL of the remote service * @param query Query string to execute * @param defaultGraph URI of the default graph - * @param authenticator HTTP Authenticator + * @param client HTTP client * @return QueryExecution */ - static public QueryExecution sparqlService(String service, String query, String defaultGraph, HttpAuthenticator authenticator) { + static public QueryExecution sparqlService(String service, String query, String defaultGraph, HttpClient client) { checkNotNull(service, "URL for service is null") ; // checkNotNull(defaultGraph, "IRI for default graph is null") ; checkArg(query) ; - return sparqlService(service, QueryFactory.create(query), defaultGraph, authenticator) ; + return sparqlService(service, QueryFactory.create(query), defaultGraph, client) ; } /** Create a QueryExecution that will access a SPARQL service over HTTP @@ -333,16 +333,16 @@ public class QueryExecutionFactory * @param query Query string to execute * @param defaultGraphURIs List of URIs to make up the default graph * @param namedGraphURIs List of URIs to make up the named graphs - * @param authenticator HTTP Authenticator + * @param client HTTP client * @return QueryExecution */ static public QueryExecution sparqlService(String service, String query, List<String> defaultGraphURIs, List<String> namedGraphURIs, - HttpAuthenticator authenticator) { + HttpClient client) { checkNotNull(service, "URL for service is null") ; // checkNotNull(defaultGraphURIs, "List of default graph URIs is null") ; // checkNotNull(namedGraphURIs, "List of named graph URIs is null") ; checkArg(query) ; - return sparqlService(service, QueryFactory.create(query), defaultGraphURIs, namedGraphURIs, authenticator) ; + return sparqlService(service, QueryFactory.create(query), defaultGraphURIs, namedGraphURIs, client) ; } /** Create a QueryExecution that will access a SPARQL service over HTTP @@ -351,19 +351,19 @@ public class QueryExecutionFactory * @return QueryExecution */ static public QueryExecution sparqlService(String service, Query query) { - return sparqlService(service, query, (HttpAuthenticator)null) ; + return sparqlService(service, query, (HttpClient)null) ; } /** Create a QueryExecution that will access a SPARQL service over HTTP * @param service URL of the remote service * @param query Query to execute - * @param authenticator HTTP Authenticator + * @param client HTTP client * @return QueryExecution */ - static public QueryExecution sparqlService(String service, Query query, HttpAuthenticator authenticator) { + static public QueryExecution sparqlService(String service, Query query, HttpClient client) { checkNotNull(service, "URL for service is null") ; checkArg(query) ; - return createServiceRequest(service, query, authenticator) ; + return createServiceRequest(service, query, client) ; } /** Create a QueryExecution that will access a SPARQL service over HTTP @@ -382,16 +382,16 @@ public class QueryExecutionFactory * @param query Query to execute * @param defaultGraphURIs List of URIs to make up the default graph * @param namedGraphURIs List of URIs to make up the named graphs - * @param authenticator HTTP Authenticator + * @param client HTTP client * @return QueryExecution */ static public QueryExecution sparqlService(String service, Query query, List<String> defaultGraphURIs, List<String> namedGraphURIs, - HttpAuthenticator authenticator) { + HttpClient client) { checkNotNull(service, "URL for service is null") ; // checkNotNull(defaultGraphURIs, "List of default graph URIs is null") ; // checkNotNull(namedGraphURIs, "List of named graph URIs is null") ; checkArg(query) ; - QueryEngineHTTP qe = createServiceRequest(service, query, authenticator) ; + QueryEngineHTTP qe = createServiceRequest(service, query, client) ; if ( defaultGraphURIs != null ) qe.setDefaultGraphURIs(defaultGraphURIs) ; if ( namedGraphURIs != null ) @@ -413,14 +413,14 @@ public class QueryExecutionFactory * @param service URL of the remote service * @param query Query to execute * @param defaultGraph URI of the default graph - * @param authenticator HTTP Authenticator + * @param client HTTP client * @return QueryExecution */ - static public QueryExecution sparqlService(String service, Query query, String defaultGraph, HttpAuthenticator authenticator) { + static public QueryExecution sparqlService(String service, Query query, String defaultGraph, HttpClient client) { checkNotNull(service, "URL for service is null") ; // checkNotNull(defaultGraph, "IRI for default graph is null") ; checkArg(query) ; - QueryEngineHTTP qe = createServiceRequest(service, query, authenticator) ; + QueryEngineHTTP qe = createServiceRequest(service, query, client) ; qe.addDefaultGraph(defaultGraph) ; return qe ; } @@ -441,11 +441,11 @@ public class QueryExecutionFactory * allows various HTTP specific parameters to be set. * @param service Endpoint URL * @param query Query - * @param authenticator HTTP Authenticator + * @param client HTTP client * @return Remote Query Engine */ - static public QueryEngineHTTP createServiceRequest(String service, Query query, HttpAuthenticator authenticator) { - QueryEngineHTTP qe = new QueryEngineHTTP(service, query, authenticator) ; + static public QueryEngineHTTP createServiceRequest(String service, Query query, HttpClient client) { + QueryEngineHTTP qe = new QueryEngineHTTP(service, query, client) ; return qe ; }