olegk       2003/12/10 12:44:38

  Modified:    httpclient/src/java/org/apache/commons/httpclient Tag:
                        HTTPCLIENT_2_0_BRANCH HttpMethodBase.java
               httpclient/src/java/org/apache/commons/httpclient/auth Tag:
                        HTTPCLIENT_2_0_BRANCH AuthScheme.java
  Log:
  PR: #24352 (NTLM Proxy and basic host authorization)
  
  The bug turned out to be nastier than I initially thought. Another (and hopefully 
the final) take at fixing it
  
  Contributed by Oleg Kalnichevski
  Reviewed By Michael Becke
  
  Revision  Changes    Path
  No                   revision
  No                   revision
  1.159.2.19 +30 -10    
jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java
  
  Index: HttpMethodBase.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java,v
  retrieving revision 1.159.2.18
  retrieving revision 1.159.2.19
  diff -u -r1.159.2.18 -r1.159.2.19
  --- HttpMethodBase.java       3 Nov 2003 23:21:08 -0000       1.159.2.18
  +++ HttpMethodBase.java       10 Dec 2003 20:44:37 -0000      1.159.2.19
  @@ -75,6 +75,7 @@
   import org.apache.commons.httpclient.auth.AuthenticationException;
   import org.apache.commons.httpclient.auth.HttpAuthenticator;
   import org.apache.commons.httpclient.auth.MalformedChallengeException;
  +import org.apache.commons.httpclient.auth.NTLMScheme;
   import org.apache.commons.httpclient.cookie.CookiePolicy;
   import org.apache.commons.httpclient.cookie.CookieSpec;
   import org.apache.commons.httpclient.cookie.MalformedCookieException;
  @@ -178,12 +179,18 @@
       /** Response trailer headers, if any. */
       private HeaderGroup responseTrailerHeaders = new HeaderGroup();
   
  +    /** Authentication scheme used to authenticate againt the target server */
  +    private AuthScheme authScheme = null;
  +
       /** Realms this method tried to authenticate to */
       private Set realms = null;
   
       /** Actual authentication realm */
       private String realm = null;
   
  +    /** Authentication scheme used to authenticate againt the proxy server */
  +    private AuthScheme proxyAuthScheme = null;
  +
       /** Proxy Realms this method tried to authenticate to */
       private Set proxyRealms = null;
   
  @@ -1191,6 +1198,9 @@
           //invalidate the list of authentication attempts
           this.realms.clear();
           //remove exisitng authentication headers
  +        if (this.proxyAuthScheme instanceof NTLMScheme) {
  +            removeRequestHeader(HttpAuthenticator.PROXY_AUTH_RESP);
  +        }
           removeRequestHeader(HttpAuthenticator.WWW_AUTH_RESP); 
           //update the current location with the redirect location.
           //avoiding use of URL.getPath() and URL.getQuery() to keep
  @@ -1300,7 +1310,9 @@
           path = null;
           followRedirects = false;
           doAuthentication = true;
  +        authScheme = null;
           realm = null;
  +        proxyAuthScheme = null;
           proxyRealm = null;
           queryString = null;
           getRequestHeaderGroup().clear();
  @@ -1413,8 +1425,8 @@
                                                  HttpAuthenticator.WWW_AUTH);
               if (challenges.length > 0) {
                   try {
  -                    AuthScheme authscheme = 
HttpAuthenticator.selectAuthScheme(challenges);
  -                    HttpAuthenticator.authenticate(authscheme, this, conn, state);
  +                    this.authScheme = 
HttpAuthenticator.selectAuthScheme(challenges);
  +                    HttpAuthenticator.authenticate(this.authScheme, this, conn, 
state);
                   } catch (HttpException e) {
                       // log and move on
                       if (LOG.isErrorEnabled()) {
  @@ -1581,8 +1593,8 @@
                                                  HttpAuthenticator.PROXY_AUTH);
               if (challenges.length > 0) {
                   try {
  -                    AuthScheme authscheme = 
HttpAuthenticator.selectAuthScheme(challenges);
  -                    HttpAuthenticator.authenticateProxy(authscheme, this, conn, 
state);
  +                    this.proxyAuthScheme = 
HttpAuthenticator.selectAuthScheme(challenges);
  +                    HttpAuthenticator.authenticateProxy(this.proxyAuthScheme, this, 
conn, state);
                   } catch (HttpException e) {
                       // log and move on
                       if (LOG.isErrorEnabled()) {
  @@ -2475,6 +2487,12 @@
           LOG.trace("enter HttpMethodBase.processAuthenticationResponse("
               + "HttpState, HttpConnection)");
   
  +        if (this.proxyAuthScheme instanceof NTLMScheme) {
  +            removeRequestHeader(HttpAuthenticator.PROXY_AUTH_RESP);
  +        }
  +        if (this.authScheme instanceof NTLMScheme) {
  +            removeRequestHeader(HttpAuthenticator.WWW_AUTH_RESP);
  +        }
           int statusCode = statusLine.getStatusCode();
           // handle authentication required
           Header[] challenges = null;
  @@ -2535,20 +2553,22 @@
                   realmsUsed.add(realm);
               }
   
  -            removeRequestHeader(HttpAuthenticator.WWW_AUTH_RESP);
  -            removeRequestHeader(HttpAuthenticator.PROXY_AUTH_RESP);
               try {
                   //remove preemptive header and reauthenticate
                   switch (statusCode) {
                       case HttpStatus.SC_UNAUTHORIZED:
  +                        removeRequestHeader(HttpAuthenticator.WWW_AUTH_RESP);
                           authenticated = HttpAuthenticator.authenticate(
                               authscheme, this, conn, state);
                           this.realm = authscheme.getRealm();
  +                        this.authScheme = authscheme;
                           break;
                       case HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED:
  +                        removeRequestHeader(HttpAuthenticator.PROXY_AUTH_RESP);
                           authenticated = HttpAuthenticator.authenticateProxy(
                               authscheme, this, conn, state);
                           this.proxyRealm = authscheme.getRealm();
  +                        this.proxyAuthScheme = authscheme;
                           break;
                   }
               } catch (AuthenticationException e) {
  
  
  
  No                   revision
  No                   revision
  1.4.2.1   +4 -4      
jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/AuthScheme.java
  
  Index: AuthScheme.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/AuthScheme.java,v
  retrieving revision 1.4
  retrieving revision 1.4.2.1
  diff -u -r1.4 -r1.4.2.1
  --- AuthScheme.java   22 Apr 2003 17:00:25 -0000      1.4
  +++ AuthScheme.java   10 Dec 2003 20:44:38 -0000      1.4.2.1
  @@ -83,7 +83,7 @@
    * </p>
    * <p>
    * Authentication schemes may ignore method name and URI parameters
  - * if they are relevant for the given authentication mechanism
  + * if they are not relevant for the given authentication mechanism
    * </p>
    * 
    * @author <a href="mailto:[EMAIL PROTECTED]">Oleg Kalnichevski</a>
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to