Hi Krzysztof, you can set "Authorization" header in the authentication provider. The StandardAuthenticationProvider does exactly this for basic auth.
To use the "Proxy-Authorization" header, extend the StandardAuthenticationProvider instead of the AbstractAuthenticationProvider. - Florian Am 12.09.2017 um 11:39 schrieb krzysztoffzielin...@gmail.com: > To be more specific, the jdk low level class (HttpURLConnection) excludes > "Authorization" header for security reasons. So I can't be authorised to > access alfresco. > > So i dont know what does authentication provider is meant to do if JDK > removes the header? > > Kind Regards > Krzysztof > > On 2017-09-11 22:09, Florian Müller <f...@apache.org> wrote: >> Hi, >> >> SPNEGO is a little bit different than most other authentication mechanisms. >> >> Please see the SPNEGO section on this web page: >> https://docs.oracle.com/javase/8/docs/technotes/guides/net/http-auth.html >> >> >> - Florian >> >> >>> I have Alfresco Core repository configured with SPNEGO authentication >>> (Kerberos SSO). >>> I am writing a service that talks to it using Apache Chemistry opencmis >>> library 1.1.0. Cmis library requires me to provide custom authentication >>> provider, but it drops the Authorisation header I am >>> adding(DefaultHttpInvoker.invoke() line:129). So far I came up with >>> following: >>> >>> public class KerberosAuthProvider extends AbstractAuthenticationProvider { >>> >>> @Override >>> public Map<String, List<String>> getHTTPHeaders(String url) { >>> try { >>> String authToken = …. // generate token >>> Map<String, List<String>> headers = Maps.newHashMap(); >>> >>> headers.put("Authorization", Lists.newArrayList("Negotiate " + >>> authToken)); >>> return headers; >>> } catch (Exception ex) { >>> throw new IllegalStateException("Couldn't get token", ex); >>> }} >>> } >>> >>> Alfresco responds with following: >>> >>> No Proxy-Authorization Header is present. >>> No Authorization Header is present. >>> >>> I will appreciate any suggestions. >>> >>
