To be more specific, the jdk low level class (HttpURLConnection) excludes "Authorization" header for security reasons. So I can't be authorised to access alfresco.
So i dont know what does authentication provider is meant to do if JDK removes the header? Kind Regards Krzysztof On 2017-09-11 22:09, Florian Müller <f...@apache.org> wrote: > Hi, > > SPNEGO is a little bit different than most other authentication mechanisms. > > Please see the SPNEGO section on this web page: > https://docs.oracle.com/javase/8/docs/technotes/guides/net/http-auth.html > > > - Florian > > > > I have Alfresco Core repository configured with SPNEGO authentication > > (Kerberos SSO). > > I am writing a service that talks to it using Apache Chemistry opencmis > > library 1.1.0. Cmis library requires me to provide custom authentication > > provider, but it drops the Authorisation header I am > > adding(DefaultHttpInvoker.invoke() line:129). So far I came up with > > following: > > > > public class KerberosAuthProvider extends AbstractAuthenticationProvider { > > > > @Override > > public Map<String, List<String>> getHTTPHeaders(String url) { > > try { > > String authToken = ââ¬Â¦. // generate token > > Map<String, List<String>> headers = Maps.newHashMap(); > > > > headers.put("Authorization", Lists.newArrayList("Negotiate " + > > authToken)); > > return headers; > > } catch (Exception ex) { > > throw new IllegalStateException("Couldn't get token", ex); > > }} > > } > > > > Alfresco responds with following: > > > > No Proxy-Authorization Header is present. > > No Authorization Header is present. > > > > I will appreciate any suggestions. > > >
