[jira] [Commented] (HTTPCLIENT-1912) AuthSchemes.SPNEGO should be able to specify login conf and krb5 conf as parameters instead of system properties

Michael Osipov (JIRA) Tue, 10 Apr 2018 06:34:13 -0700

    [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-1912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16432262#comment-16432262
 ]


Michael Osipov commented on HTTPCLIENT-1912:
--------------------------------------------

bq. If I could figure out how to tell HttpClient to use a certain Entry name 
within the login.conf, that would help me a lot.

You can't. This is, in fact, your task has to obtain the credentials when 
working with JAAS, the currect code does only work without JAAS (implicit 
JAAS). Look 
[here|http://tomcatspnegoad.sourceforge.net/xref/net/sf/michaelo/tomcat/authenticator/SpnegoAuthenticator.html#L117],
 create the login context, login, get the subject and wrap your HTTP call 
within a {{PrivilegedExceptionAction}} and call {{Subject#doAs()}}.

> AuthSchemes.SPNEGO should be able to specify login conf and krb5 conf as 
> parameters instead of system properties
> ----------------------------------------------------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-1912
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1912
>             Project: HttpComponents HttpClient
>          Issue Type: Improvement
>          Components: HttpClient (classic)
>    Affects Versions: 4.5.2
>            Reporter: Nicholas DiPiazza
>            Priority: Major
>              Labels: volunteers-wanted
>             Fix For: Stuck
>
>
> in order to use spenego 
> see 
> [example|https://github.com/jumarko/kerberos-auth-example/blob/master/src/main/java/net/curiousprogrammer/auth/kerberos/example/KerberosAuthExample.java]
> you need to specify system properties to specify a custom krb5.conf or 
> login.conf location.
> It would be very useful if these could be given as parameters somehow instead 
> of system properties, because in our cloud apps use case, sharing these as 
> system properties at the jvm level is causing conflicts. 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Commented] (HTTPCLIENT-1912) AuthSchemes.SPNEGO should be able to specify login conf and krb5 conf as parameters instead of system properties

Reply via email to