[
https://issues.apache.org/jira/browse/HTTPCLIENT-524?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Oleg Kalnichevski resolved HTTPCLIENT-524.
------------------------------------------
Resolution: Fixed
The way HttpClient handles authentication has completely changed in the 4.0
codeline.
(1) HttpState has been eliminated and its function has been replaced with
CredentialsProvider interface. One can now easily plug in a custom
implementation of that interface.
(2) HttpClient now maintains an internal authentication state. I will retry the
authentication process only if the credentials provider returns a different set
of credentials in response to an authentication failure (thus avoiding an
infinite loop).
(3) Credentials providers are no longer expected to provide interactivity with
the user. This logic should be implemented outside of the request execution
loop. See sample:
http://svn.apache.org/repos/asf/jakarta/httpcomponents/httpclient/trunk/module-client/src/examples/org/apache/http/examples/client/ClientInteractiveAuthentication.java
Oleg
> Provide feedback mechanism to CredentialsProvider
> -------------------------------------------------
>
> Key: HTTPCLIENT-524
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-524
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpAuth
> Affects Versions: 3.0 RC4
> Environment: Operating System: Windows XP
> Platform: Other
> Reporter: David Martineau
> Fix For: 4.0 Alpha 2
>
>
> If the remote server is using BASIC or NT authentication and you pass in
> invalid credentials you get stuck in an infinite for loop, repeatedly sending
> the same authentication request again and again to the server. The for loop
> is
> in the executeMethod method of the HttpMethodDirector class.
> Sample code:
> =================================================================
> import org.apache.commons.httpclient.Credentials;
> import org.apache.commons.httpclient.NTCredentials;
> import org.apache.commons.httpclient.UsernamePasswordCredentials;
> import org.apache.commons.httpclient.HttpClient;
> import org.apache.commons.httpclient.methods.GetMethod;
> import org.apache.commons.httpclient.auth.*;
> import java.io.IOException;
> import java.io.BufferedInputStream;
> import java.io.ByteArrayOutputStream;
> /**
> * Created by IntelliJ IDEA.
> * User: dmartineau
> * Date: Nov 8, 2005
> * Time: 1:43:21 PM
> */
> public class ShowProblem
> {
> private String location;
> private String user;
> private String pass;
> private String domain;
> public ShowProblem(String location, String user, String pass, String
> domain)
> {
> this.location = location;
> this.user=user;
> this.pass=pass;
> this.domain=domain;
> }
> public int getFile()
> {
> int status = 500;
> HttpClient client = new HttpClient();
> client.getParams().setParameter(
> CredentialsProvider.PROVIDER, new CProvider(user,pass,domain));
> GetMethod httpget = new GetMethod(location);
> httpget.setDoAuthentication(true);
> try
> {
> // execute the GET
> status = client.executeMethod(httpget);
> if (status==200)
> {
> BufferedInputStream bin = new BufferedInputStream
> (httpget.getResponseBodyAsStream());
> ByteArrayOutputStream bos = new ByteArrayOutputStream();
> int bytesRead = 0;
> byte[] buff = new byte[16384];
> while ( (bytesRead = bin.read(buff)) != -1) {
> bos.write(buff, 0, bytesRead);
> }
> // display the results.
> System.out.println(new String(bos.toByteArray()));
> }
> }
> catch (Throwable t)
> {
> t.printStackTrace();
> }
> finally
> {
> // release any connection resources used by the method
> httpget.releaseConnection();
> }
> return status;
> }
> public static void main(String[] args)
> {
> ShowProblem showProblem = new ShowProblem(args[0],args[1],args[2],args
> [3]);
> int response = showProblem.getFile();
>
> }
> class CProvider implements CredentialsProvider
> {
> private String user;
> private String password;
> private String domain;
> public CProvider(String user, String password, String domain)
> {
> super();
> this.user = user;
> this.password = password;
> this.domain = domain;
> }
> public Credentials getCredentials(final AuthScheme authscheme,final
> String host,int port,boolean proxy)
> throws CredentialsNotAvailableException
> {
> if (authscheme == null)
> {
> return null;
> }
> try
> {
> if (authscheme instanceof NTLMScheme)
> {
> return new NTCredentials(user, password, host, domain);
> }
> else if (authscheme instanceof RFC2617Scheme)
> {
> return new UsernamePasswordCredentials(user, password);
> }
> else
> {
> throw new CredentialsNotAvailableException("Unsupported
> authentication scheme: " +
> authscheme.getSchemeName());
> }
> }
> catch (IOException e)
> {
> throw new CredentialsNotAvailableException(e.getMessage(), e);
> }
> }
> }
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
