[
https://issues.apache.org/jira/browse/HTTPCLIENT-872?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12751160#action_12751160
]
Gerald Turner commented on HTTPCLIENT-872:
------------------------------------------
Patch has a few caveats.
I tried following the project style as best I could, but there were a few
arbitrary decisions:
• New parameter is AuthPNames.PREEMPTIVE_AUTHENTICATION with accessors in
AuthParams and AuthParamBean. I could have chosen ClientPNames since that's
where HANDLE_AUTHENTICATION lives.
• New PreemptiveAuth HttpRequestInterceptor class is in
org.apache.http.impl.auth package. It only works with BasicAuthScheme. I
don't believe there is any validity with trying to implement preemptive
authentication for Digest and NTLM types since they include server generated
'nonce' values as part of the challenge.
• Since the request interceptors are initialized by
DefaultHttpClient.createHttpProcessor patch changes the code like so:
@Override
protected BasicHttpProcessor createHttpProcessor() {
BasicHttpProcessor httpproc = new BasicHttpProcessor();
httpproc.addInterceptor(new RequestDefaultHeaders());
// Required protocol interceptors
httpproc.addInterceptor(new RequestContent());
httpproc.addInterceptor(new RequestTargetHost());
// Recommended protocol interceptors
httpproc.addInterceptor(new RequestClientConnControl());
httpproc.addInterceptor(new RequestUserAgent());
httpproc.addInterceptor(new RequestExpectContinue());
// HTTP state management interceptors
httpproc.addInterceptor(new RequestAddCookies());
httpproc.addInterceptor(new ResponseProcessCookies());
// HTTP authentication interceptors
if (AuthParams.getPreemptiveAuthentication(getParams()))
httpproc.addInterceptor(new PreemptiveAuth());
httpproc.addInterceptor(new RequestTargetAuthentication());
httpproc.addInterceptor(new RequestProxyAuthentication());
return httpproc;
}
...there is only one other method createXXX method which peeks at getParams(),
createClientConnectionManager, so it appears to follow the same style.
• I added a testPreemptiveAuthentication case to TestClientAuthentication.
> Add preemptive authentication
> -----------------------------
>
> Key: HTTPCLIENT-872
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-872
> Project: HttpComponents HttpClient
> Issue Type: Improvement
> Components: HttpAuth
> Affects Versions: 4.0 Final
> Reporter: Gerald Turner
> Priority: Trivial
> Attachments: PreemptiveAuth.patch
>
>
> Wishlist request for preemptive authentication to be included in the API,
> like HttpClient 3.x had. There is an example
> ClientPreemptiveBasicAuthentication.java that uses HttpRequestInterceptor
> which I had adapted to my application and it works fine.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
