rwaldhoff 01/08/08 09:51:05
Modified: httpclient/src/java/org/apache/commons/httpclient
Authenticator.java
httpclient/src/test/org/apache/commons/httpclient
TestAuthenticator.java
Log:
Oops, that last one wasn't quite right.
Basic authentication realms are passed as realm="<realm-name>", not just "realm".
That's what I get for trying it from memory (and what we get for not having real
authentication tests).
Revision Changes Path
1.4 +28 -21
jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Authenticator.java
Index: Authenticator.java
===================================================================
RCS file:
/home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Authenticator.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- Authenticator.java 2001/08/08 15:29:05 1.3
+++ Authenticator.java 2001/08/08 16:51:05 1.4
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Authenticator.java,v
1.3 2001/08/08 15:29:05 rwaldhoff Exp $
- * $Revision: 1.3 $
- * $Date: 2001/08/08 15:29:05 $
+ * $Header:
/home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Authenticator.java,v
1.4 2001/08/08 16:51:05 rwaldhoff Exp $
+ * $Revision: 1.4 $
+ * $Date: 2001/08/08 16:51:05 $
*
* ====================================================================
*
@@ -113,14 +113,14 @@
if (space < 0)
return null;
- String challengeName = challenge.substring(0, space);
+ String authScheme = challenge.substring(0, space);
- if ("basic".equalsIgnoreCase(challengeName)) {
+ if ("basic".equalsIgnoreCase(authScheme)) {
return basic(state, credentials);
- } else if ("digest".equalsIgnoreCase(challengeName)) {
+ } else if ("digest".equalsIgnoreCase(authScheme)) {
throw new UnsupportedOperationException("Digest authentication is not
supported.");
} else {
- throw new UnsupportedOperationException("Authentication type \"" +
challengeName + "\" is not recognized.");
+ throw new UnsupportedOperationException("Authentication type \"" +
authScheme + "\" is not recognized.");
}
}
@@ -132,26 +132,33 @@
return null;
}
- StringTokenizer toker = new StringTokenizer(challenge);
- String challengeName = null;
- try {
- challengeName = toker.nextToken();
- } catch(NoSuchElementException e) {
- return null;
+ int space = challenge.indexOf(' ');
+ if(space < 0) {
+ throw new HttpException("Unable to parse authentication challenge \"" +
challenge + "\", expected space");
}
+ String authScheme = challenge.substring(0, space);
- if ("basic".equalsIgnoreCase(challengeName)) {
- String realm = null;
- try {
- realm = toker.nextToken();
- } catch(NoSuchElementException e) {
- throw new HttpException("Expected realm name in basic
authentication challenge.");
+ if ("basic".equalsIgnoreCase(authScheme)) {
+ // parse the realm from the authentication challenge
+ // XXX FIX ME XXX
+ // Note that this won't work if there is more than one
+ // realm within the challenge
+ // We could probably make it a bit more flexiable in
+ // parsing as well.
+ if(challenge.length() < space + 1) {
+ throw new HttpException("Unable to parse authentication challenge
\"" + challenge + "\", expected realm");
}
+ String realmstr = challenge.substring(space+1,challenge.length());
+ realmstr.trim();
+ log.debug("Parsing realm from \"" + realmstr + "\".");
+ String realm =
realmstr.substring("realm=\"".length(),realmstr.length()-1);
+ log.debug("Parsed realm \"" + realm + "\" from challenge \"" +
challenge + "\".");
+
return basic(realm,state);
- } else if ("digest".equalsIgnoreCase(challengeName)) {
+ } else if ("digest".equalsIgnoreCase(authScheme)) {
throw new UnsupportedOperationException("Digest authentication is not
supported.");
} else {
- throw new UnsupportedOperationException("Authentication type \"" +
challengeName + "\" is not recognized.");
+ throw new UnsupportedOperationException("Authentication type \"" +
authScheme + "\" is not recognized.");
}
}
1.3 +9 -9
jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestAuthenticator.java
Index: TestAuthenticator.java
===================================================================
RCS file:
/home/cvs/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestAuthenticator.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- TestAuthenticator.java 2001/08/08 15:29:05 1.2
+++ TestAuthenticator.java 2001/08/08 16:51:05 1.3
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestAuthenticator.java,v
1.2 2001/08/08 15:29:05 rwaldhoff Exp $
- * $Revision: 1.2 $
- * $Date: 2001/08/08 15:29:05 $
+ * $Header:
/home/cvs/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestAuthenticator.java,v
1.3 2001/08/08 16:51:05 rwaldhoff Exp $
+ * $Revision: 1.3 $
+ * $Date: 2001/08/08 16:51:05 $
* ====================================================================
* Copyright (C) The Apache Software Foundation. All rights reserved.
*
@@ -18,7 +18,7 @@
* Unit tests for {@link Authenticator}.
*
* @author Rodney Waldhoff
- * @version $Id: TestAuthenticator.java,v 1.2 2001/08/08 15:29:05 rwaldhoff Exp $
+ * @version $Id: TestAuthenticator.java,v 1.3 2001/08/08 16:51:05 rwaldhoff Exp $
*/
public class TestAuthenticator extends TestCase {
@@ -43,7 +43,7 @@
public void testBasicAuthenticationWithNoCreds() {
State state = new State();
- state.setAuthenticateToken("Basic realm1");
+ state.setAuthenticateToken("Basic realm=\"realm1\"");
try {
Authenticator.challengeResponse(state);
fail("Should have thrown HttpException");
@@ -79,7 +79,7 @@
public void testBasicAuthenticationWithDefaultCreds() throws Exception {
State state = new State();
- state.setAuthenticateToken("Basic realm1");
+ state.setAuthenticateToken("Basic realm=\"realm1\"");
state.setDefaultCredentials(new Credentials("username","password"));
String response = Authenticator.challengeResponse(state);
String expected = "Basic " + new
String(Base64.encode("username:password".getBytes()));
@@ -88,7 +88,7 @@
public void testBasicAuthentication() throws Exception {
State state = new State();
- state.setAuthenticateToken("Basic realm1");
+ state.setAuthenticateToken("Basic realm=\"realm1\"");
state.setCredentials("realm1",new Credentials("username","password"));
String response = Authenticator.challengeResponse(state);
String expected = "Basic " + new
String(Base64.encode("username:password".getBytes()));
@@ -100,13 +100,13 @@
state.setCredentials("realm1",new Credentials("username","password"));
state.setCredentials("realm2",new Credentials("uname2","password2"));
{
- state.setAuthenticateToken("Basic realm1");
+ state.setAuthenticateToken("Basic realm=\"realm1\"");
String response = Authenticator.challengeResponse(state);
String expected = "Basic " + new
String(Base64.encode("username:password".getBytes()));
assertEquals(expected,response);
}
{
- state.setAuthenticateToken("Basic realm2");
+ state.setAuthenticateToken("Basic realm=\"realm2\"");
String response = Authenticator.challengeResponse(state);
String expected = "Basic " + new
String(Base64.encode("uname2:password2".getBytes()));
assertEquals(expected,response);
