rwaldhoff 01/08/08 09:51:05 Modified: httpclient/src/java/org/apache/commons/httpclient Authenticator.java httpclient/src/test/org/apache/commons/httpclient TestAuthenticator.java Log: Oops, that last one wasn't quite right. Basic authentication realms are passed as realm="<realm-name>", not just "realm". That's what I get for trying it from memory (and what we get for not having real authentication tests). Revision Changes Path 1.4 +28 -21 jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Authenticator.java Index: Authenticator.java =================================================================== RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Authenticator.java,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- Authenticator.java 2001/08/08 15:29:05 1.3 +++ Authenticator.java 2001/08/08 16:51:05 1.4 @@ -1,7 +1,7 @@ /* - * $Header: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Authenticator.java,v 1.3 2001/08/08 15:29:05 rwaldhoff Exp $ - * $Revision: 1.3 $ - * $Date: 2001/08/08 15:29:05 $ + * $Header: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Authenticator.java,v 1.4 2001/08/08 16:51:05 rwaldhoff Exp $ + * $Revision: 1.4 $ + * $Date: 2001/08/08 16:51:05 $ * * ==================================================================== * @@ -113,14 +113,14 @@ if (space < 0) return null; - String challengeName = challenge.substring(0, space); + String authScheme = challenge.substring(0, space); - if ("basic".equalsIgnoreCase(challengeName)) { + if ("basic".equalsIgnoreCase(authScheme)) { return basic(state, credentials); - } else if ("digest".equalsIgnoreCase(challengeName)) { + } else if ("digest".equalsIgnoreCase(authScheme)) { throw new UnsupportedOperationException("Digest authentication is not supported."); } else { - throw new UnsupportedOperationException("Authentication type \"" + challengeName + "\" is not recognized."); + throw new UnsupportedOperationException("Authentication type \"" + authScheme + "\" is not recognized."); } } @@ -132,26 +132,33 @@ return null; } - StringTokenizer toker = new StringTokenizer(challenge); - String challengeName = null; - try { - challengeName = toker.nextToken(); - } catch(NoSuchElementException e) { - return null; + int space = challenge.indexOf(' '); + if(space < 0) { + throw new HttpException("Unable to parse authentication challenge \"" + challenge + "\", expected space"); } + String authScheme = challenge.substring(0, space); - if ("basic".equalsIgnoreCase(challengeName)) { - String realm = null; - try { - realm = toker.nextToken(); - } catch(NoSuchElementException e) { - throw new HttpException("Expected realm name in basic authentication challenge."); + if ("basic".equalsIgnoreCase(authScheme)) { + // parse the realm from the authentication challenge + // XXX FIX ME XXX + // Note that this won't work if there is more than one + // realm within the challenge + // We could probably make it a bit more flexiable in + // parsing as well. + if(challenge.length() < space + 1) { + throw new HttpException("Unable to parse authentication challenge \"" + challenge + "\", expected realm"); } + String realmstr = challenge.substring(space+1,challenge.length()); + realmstr.trim(); + log.debug("Parsing realm from \"" + realmstr + "\"."); + String realm = realmstr.substring("realm=\"".length(),realmstr.length()-1); + log.debug("Parsed realm \"" + realm + "\" from challenge \"" + challenge + "\"."); + return basic(realm,state); - } else if ("digest".equalsIgnoreCase(challengeName)) { + } else if ("digest".equalsIgnoreCase(authScheme)) { throw new UnsupportedOperationException("Digest authentication is not supported."); } else { - throw new UnsupportedOperationException("Authentication type \"" + challengeName + "\" is not recognized."); + throw new UnsupportedOperationException("Authentication type \"" + authScheme + "\" is not recognized."); } } 1.3 +9 -9 jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestAuthenticator.java Index: TestAuthenticator.java =================================================================== RCS file: /home/cvs/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestAuthenticator.java,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- TestAuthenticator.java 2001/08/08 15:29:05 1.2 +++ TestAuthenticator.java 2001/08/08 16:51:05 1.3 @@ -1,7 +1,7 @@ /* - * $Header: /home/cvs/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestAuthenticator.java,v 1.2 2001/08/08 15:29:05 rwaldhoff Exp $ - * $Revision: 1.2 $ - * $Date: 2001/08/08 15:29:05 $ + * $Header: /home/cvs/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestAuthenticator.java,v 1.3 2001/08/08 16:51:05 rwaldhoff Exp $ + * $Revision: 1.3 $ + * $Date: 2001/08/08 16:51:05 $ * ==================================================================== * Copyright (C) The Apache Software Foundation. All rights reserved. * @@ -18,7 +18,7 @@ * Unit tests for {@link Authenticator}. * * @author Rodney Waldhoff - * @version $Id: TestAuthenticator.java,v 1.2 2001/08/08 15:29:05 rwaldhoff Exp $ + * @version $Id: TestAuthenticator.java,v 1.3 2001/08/08 16:51:05 rwaldhoff Exp $ */ public class TestAuthenticator extends TestCase { @@ -43,7 +43,7 @@ public void testBasicAuthenticationWithNoCreds() { State state = new State(); - state.setAuthenticateToken("Basic realm1"); + state.setAuthenticateToken("Basic realm=\"realm1\""); try { Authenticator.challengeResponse(state); fail("Should have thrown HttpException"); @@ -79,7 +79,7 @@ public void testBasicAuthenticationWithDefaultCreds() throws Exception { State state = new State(); - state.setAuthenticateToken("Basic realm1"); + state.setAuthenticateToken("Basic realm=\"realm1\""); state.setDefaultCredentials(new Credentials("username","password")); String response = Authenticator.challengeResponse(state); String expected = "Basic " + new String(Base64.encode("username:password".getBytes())); @@ -88,7 +88,7 @@ public void testBasicAuthentication() throws Exception { State state = new State(); - state.setAuthenticateToken("Basic realm1"); + state.setAuthenticateToken("Basic realm=\"realm1\""); state.setCredentials("realm1",new Credentials("username","password")); String response = Authenticator.challengeResponse(state); String expected = "Basic " + new String(Base64.encode("username:password".getBytes())); @@ -100,13 +100,13 @@ state.setCredentials("realm1",new Credentials("username","password")); state.setCredentials("realm2",new Credentials("uname2","password2")); { - state.setAuthenticateToken("Basic realm1"); + state.setAuthenticateToken("Basic realm=\"realm1\""); String response = Authenticator.challengeResponse(state); String expected = "Basic " + new String(Base64.encode("username:password".getBytes())); assertEquals(expected,response); } { - state.setAuthenticateToken("Basic realm2"); + state.setAuthenticateToken("Basic realm=\"realm2\""); String response = Authenticator.challengeResponse(state); String expected = "Basic " + new String(Base64.encode("uname2:password2".getBytes())); assertEquals(expected,response);