X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=cms%2Forg.argeo.slc.cms%2Fsrc%2Forg%2Fargeo%2Fslc%2Fcms%2Fhttpclient3%2FSpnegoAuthScheme.java;fp=cms%2Forg.argeo.slc.cms%2Fsrc%2Forg%2Fargeo%2Fslc%2Fcms%2Fhttpclient3%2FSpnegoAuthScheme.java;h=0000000000000000000000000000000000000000;hb=c84c35b40abfaeb10c2ca05ad493511a6e2d98a3;hp=a28559a9b6f304cd12f851a7d9b2d1987b846a90;hpb=d7473cfeed2d796cdfc1fe99fb23062fa637bb9a;p=gpl%2Fargeo-slc.git

diff --git a/cms/org.argeo.slc.cms/src/org/argeo/slc/cms/httpclient3/SpnegoAuthScheme.java b/cms/org.argeo.slc.cms/src/org/argeo/slc/cms/httpclient3/SpnegoAuthScheme.java
deleted file mode 100644
index a28559a9b..000000000
--- a/cms/org.argeo.slc.cms/src/org/argeo/slc/cms/httpclient3/SpnegoAuthScheme.java
+++ /dev/null
@@ -1,179 +0,0 @@
-package org.argeo.slc.cms.httpclient3;
-
-import java.net.URL;
-import java.security.PrivilegedExceptionAction;
-import java.util.ArrayList;
-
-import javax.security.auth.Subject;
-import javax.security.auth.login.LoginContext;
-
-import org.apache.commons.httpclient.Credentials;
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.HttpMethod;
-import org.apache.commons.httpclient.auth.AuthPolicy;
-import org.apache.commons.httpclient.auth.AuthScheme;
-import org.apache.commons.httpclient.auth.AuthenticationException;
-import org.apache.commons.httpclient.auth.CredentialsProvider;
-import org.apache.commons.httpclient.auth.MalformedChallengeException;
-import org.apache.commons.httpclient.methods.GetMethod;
-import org.apache.commons.httpclient.params.DefaultHttpParams;
-import org.apache.commons.httpclient.params.HttpMethodParams;
-import org.apache.commons.httpclient.params.HttpParams;
-import org.argeo.cms.auth.RemoteAuthUtils;
-
-//// Register client-side SPNEGO auth scheme
-//AuthPolicy.registerAuthScheme(SpnegoAuthScheme.NAME, SpnegoAuthScheme.class);
-//HttpParams params = DefaultHttpParams.getDefaultParams();
-//ArrayList<String> schemes = new ArrayList<>();
-//schemes.add(SpnegoAuthScheme.NAME);// SPNEGO preferred
-//// schemes.add(AuthPolicy.BASIC);// incompatible with Basic
-//params.setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, schemes);
-//params.setParameter(CredentialsProvider.PROVIDER, new HttpCredentialProvider());
-//params.setParameter(HttpMethodParams.COOKIE_POLICY, KernelConstants.COOKIE_POLICY_BROWSER_COMPATIBILITY);
-//// params.setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY);
-
-
-
-/** Implementation of the SPNEGO auth scheme. */
-public class SpnegoAuthScheme implements AuthScheme {
-//	private final static Log log = LogFactory.getLog(SpnegoAuthScheme.class);
-
-	public static final String NAME = "Negotiate";
-//	private final static Oid KERBEROS_OID;
-//	static {
-//		try {
-//			KERBEROS_OID = new Oid("1.3.6.1.5.5.2");
-//		} catch (GSSException e) {
-//			throw new IllegalStateException("Cannot create Kerberos OID", e);
-//		}
-//	}
-
-	private final static String DEFAULT_KERBEROS_SERVICE = "HTTP";
-
-	private boolean complete = false;
-	private String realm;
-
-	@Override
-	public void processChallenge(String challenge) throws MalformedChallengeException {
-		// if(tokenStr!=null){
-		// log.error("Received challenge while there is a token. Failing.");
-		// complete = false;
-		// }
-
-	}
-
-	@Override
-	public String getSchemeName() {
-		return NAME;
-	}
-
-	@Override
-	public String getParameter(String name) {
-		return null;
-	}
-
-	@Override
-	public String getRealm() {
-		return realm;
-	}
-
-	@Override
-	public String getID() {
-		return NAME;
-	}
-
-	@Override
-	public boolean isConnectionBased() {
-		return true;
-	}
-
-	@Override
-	public boolean isComplete() {
-		return complete;
-	}
-
-	@Override
-	public String authenticate(Credentials credentials, String method, String uri) throws AuthenticationException {
-		// log.debug("authenticate " + method + " " + uri);
-		// return null;
-		throw new UnsupportedOperationException();
-	}
-
-	@Override
-	public String authenticate(Credentials credentials, HttpMethod method) throws AuthenticationException {
-//		GSSContext context = null;
-		String hostname;
-		try {
-			hostname = method.getURI().getHost();
-			String tokenStr = RemoteAuthUtils.createGssToken(null, DEFAULT_KERBEROS_SERVICE, hostname);
-			return "Negotiate " + tokenStr;
-		} catch (Exception e1) {
-			complete = true;
-			throw new AuthenticationException("Cannot authenticate " + method, e1);
-		}
-//		String serverPrinc = DEFAULT_KERBEROS_SERVICE + "@" + hostname;
-//
-//		try {
-//			// Get service's principal name
-//			GSSManager manager = GSSManager.getInstance();
-//			GSSName serverName = manager.createName(serverPrinc, GSSName.NT_HOSTBASED_SERVICE, KERBEROS_OID);
-//
-//			// Get the context for authentication
-//			context = manager.createContext(serverName, KERBEROS_OID, null, GSSContext.DEFAULT_LIFETIME);
-//			// context.requestMutualAuth(true); // Request mutual authentication
-//			// context.requestConf(true); // Request confidentiality
-//			context.requestCredDeleg(true);
-//
-//			byte[] token = new byte[0];
-//
-//			// token is ignored on the first call
-//			token = context.initSecContext(token, 0, token.length);
-//
-//			// Send a token to the server if one was generated by
-//			// initSecContext
-//			if (token != null) {
-//				tokenStr = Base64.getEncoder().encodeToString(token);
-//				// complete=true;
-//			}
-//		} catch (GSSException e) {
-//			complete = true;
-//			throw new AuthenticationException("Cannot authenticate to " + serverPrinc, e);
-//		}
-	}
-
-	public static void main(String[] args) {
-		String principal = System.getProperty("javax.security.auth.login.name");
-		if (args.length == 0 || principal == null) {
-			System.err.println("usage: java -Djavax.security.auth.login.name=<principal@REALM> "
-					+ SpnegoAuthScheme.class.getName() + " <url>");
-			System.exit(1);
-			return;
-		}
-		String url = args[0];
-
-		URL jaasUrl = SpnegoAuthScheme.class.getResource("jaas.cfg");
-		System.setProperty("java.security.auth.login.config", jaasUrl.toExternalForm());
-		try {
-			LoginContext lc = new LoginContext("SINGLE_USER");
-			lc.login();
-
-			AuthPolicy.registerAuthScheme(SpnegoAuthScheme.NAME, SpnegoAuthScheme.class);
-			HttpParams params = DefaultHttpParams.getDefaultParams();
-			ArrayList<String> schemes = new ArrayList<>();
-			schemes.add(SpnegoAuthScheme.NAME);
-			params.setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, schemes);
-			params.setParameter(CredentialsProvider.PROVIDER, new HttpCredentialProvider());
-
-			int responseCode = Subject.doAs(lc.getSubject(), new PrivilegedExceptionAction<Integer>() {
-				public Integer run() throws Exception {
-					HttpClient httpClient = new HttpClient();
-					return httpClient.executeMethod(new GetMethod(url));
-				}
-			});
-			System.out.println("Reponse code: " + responseCode);
-		} catch (Exception e) {
-			e.printStackTrace();
-		}
-	}
-
-}