Author: olegk Date: Mon Sep 19 13:37:48 2005 New Revision: 290260 URL: http://svn.apache.org/viewcvs?rev=290260&view=rev Log: PR #36339 (Request is retried if preemptive authentication fails)
Contributed by Oleg Kalnichevski Reviewed by Michael Becke Modified: jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/HttpMethodDirector.java jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/auth/AuthChallengeProcessor.java jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/auth/AuthState.java jakarta/commons/proper/httpclient/trunk/src/test/org/apache/commons/httpclient/auth/TestBasicAuth.java Modified: jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/HttpMethodDirector.java URL: http://svn.apache.org/viewcvs/jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/HttpMethodDirector.java?rev=290260&r1=290259&r2=290260&view=diff ============================================================================== --- jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/HttpMethodDirector.java (original) +++ jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/HttpMethodDirector.java Mon Sep 19 13:37:48 2005 @@ -159,8 +159,10 @@ { LOG.debug("Preemptively sending default basic credentials"); method.getHostAuthState().setPreemptive(); + method.getHostAuthState().setAuthAttempted(true); if (this.conn.isProxied()) { method.getProxyAuthState().setPreemptive(); + method.getProxyAuthState().setAuthAttempted(true); } } } @@ -665,10 +667,6 @@ throws MalformedChallengeException, AuthenticationException { AuthState authstate = method.getHostAuthState(); - if (authstate.isPreemptive()) { - authstate.invalidate(); - authstate.setAuthRequested(true); - } Map challenges = AuthChallengeParser.parseChallenges( method.getResponseHeaders(WWW_AUTH_CHALLENGE)); if (challenges.isEmpty()) { @@ -733,10 +731,6 @@ throws MalformedChallengeException, AuthenticationException { AuthState authstate = method.getProxyAuthState(); - if (authstate.isPreemptive()) { - authstate.invalidate(); - authstate.setAuthRequested(true); - } Map proxyChallenges = AuthChallengeParser.parseChallenges( method.getResponseHeaders(PROXY_AUTH_CHALLENGE)); if (proxyChallenges.isEmpty()) { Modified: jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/auth/AuthChallengeProcessor.java URL: http://svn.apache.org/viewcvs/jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/auth/AuthChallengeProcessor.java?rev=290260&r1=290259&r2=290260&view=diff ============================================================================== --- jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/auth/AuthChallengeProcessor.java (original) +++ jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/auth/AuthChallengeProcessor.java Mon Sep 19 13:37:48 2005 @@ -143,7 +143,8 @@ if (challenges == null) { throw new IllegalArgumentException("Challenge map may not be null"); } - if (state.getAuthScheme() == null) { + + if (state.isPreemptive() || state.getAuthScheme() == null) { // Authentication not attempted before state.setAuthScheme(selectAuthScheme(challenges)); } Modified: jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/auth/AuthState.java URL: http://svn.apache.org/viewcvs/jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/auth/AuthState.java?rev=290260&r1=290259&r2=290260&view=diff ============================================================================== --- jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/auth/AuthState.java (original) +++ jakarta/commons/proper/httpclient/trunk/src/java/org/apache/commons/httpclient/auth/AuthState.java Mon Sep 19 13:37:48 2005 @@ -38,6 +38,8 @@ */ public class AuthState { + public static final String PREEMPTIVE_AUTH_SCHEME = "basic"; + /** Actual authentication scheme */ private AuthScheme authScheme = null; @@ -116,7 +118,7 @@ if (this.authScheme != null) { throw new IllegalStateException("Authentication state already initialized"); } - this.authScheme = AuthPolicy.getAuthScheme("basic"); + this.authScheme = AuthPolicy.getAuthScheme(PREEMPTIVE_AUTH_SCHEME); this.preemptive = true; } } @@ -137,8 +139,15 @@ * @param authScheme the [EMAIL PROTECTED] AuthScheme authentication scheme} */ public void setAuthScheme(final AuthScheme authScheme) { + if (authScheme == null) { + invalidate(); + return; + } + if (this.preemptive && !(this.authScheme.getClass().isInstance(authScheme))) { + this.preemptive = false; + this.authAttempted = false; + } this.authScheme = authScheme; - this.preemptive = false; } /** Modified: jakarta/commons/proper/httpclient/trunk/src/test/org/apache/commons/httpclient/auth/TestBasicAuth.java URL: http://svn.apache.org/viewcvs/jakarta/commons/proper/httpclient/trunk/src/test/org/apache/commons/httpclient/auth/TestBasicAuth.java?rev=290260&r1=290259&r2=290260&view=diff ============================================================================== --- jakarta/commons/proper/httpclient/trunk/src/test/org/apache/commons/httpclient/auth/TestBasicAuth.java (original) +++ jakarta/commons/proper/httpclient/trunk/src/test/org/apache/commons/httpclient/auth/TestBasicAuth.java Mon Sep 19 13:37:48 2005 @@ -410,7 +410,7 @@ assertNotNull(authstate.getAuthScheme()); assertTrue(authstate.getAuthScheme() instanceof BasicScheme); assertNotNull(authstate.getRealm()); - assertFalse(authstate.isPreemptive()); + assertTrue(authstate.isPreemptive()); } public void testCustomAuthorizationHeader() throws Exception { @@ -551,4 +551,36 @@ assertEquals("test", authstate.getRealm()); } + public void testPreemptiveAuthorizationFailure() throws Exception { + UsernamePasswordCredentials creds = + new UsernamePasswordCredentials("testuser", "testpass"); + UsernamePasswordCredentials wrongcreds = + new UsernamePasswordCredentials("testuser", "garbage"); + + HttpRequestHandlerChain handlerchain = new HttpRequestHandlerChain(); + handlerchain.appendHandler(new AuthRequestHandler(creds)); + handlerchain.appendHandler(new HttpServiceHandler(new FeedbackService())); + + HttpState state = new HttpState(); + state.setCredentials(AuthScope.ANY, wrongcreds); + this.client.setState(state); + this.client.getParams().setAuthenticationPreemptive(true); + + this.server.setRequestHandler(handlerchain); + + GetMethod httpget = new GetMethod("/test/"); + try { + this.client.executeMethod(httpget); + } finally { + httpget.releaseConnection(); + } + assertNotNull(httpget.getStatusLine()); + assertEquals(HttpStatus.SC_UNAUTHORIZED, httpget.getStatusLine().getStatusCode()); + AuthState authstate = httpget.getHostAuthState(); + assertNotNull(authstate.getAuthScheme()); + assertTrue(authstate.getAuthScheme() instanceof BasicScheme); + assertEquals("test", authstate.getRealm()); + assertTrue(authstate.isPreemptive()); + } + } --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]