1 package org
.argeo
.cms
.client
;
3 import java
.net
.MalformedURLException
;
5 import java
.net
.http
.HttpClient
;
6 import java
.net
.http
.HttpHeaders
;
7 import java
.net
.http
.HttpRequest
;
8 import java
.net
.http
.HttpResponse
;
9 import java
.net
.http
.HttpResponse
.BodyHandler
;
10 import java
.net
.http
.HttpResponse
.BodyHandlers
;
11 import java
.security
.KeyManagementException
;
12 import java
.security
.NoSuchAlgorithmException
;
13 import java
.security
.cert
.X509Certificate
;
15 import javax
.net
.ssl
.SSLContext
;
16 import javax
.net
.ssl
.TrustManager
;
17 import javax
.net
.ssl
.X509TrustManager
;
18 import javax
.security
.auth
.Subject
;
19 import javax
.security
.auth
.login
.LoginContext
;
21 import org
.argeo
.cms
.auth
.RemoteAuthUtils
;
22 import org
.argeo
.util
.http
.HttpHeader
;
24 public class SpnegoHttpClient
{
25 public static void main(String
[] args
) throws MalformedURLException
{
26 // String principal = System.getProperty("javax.security.auth.login.name");
27 if (args
.length
== 0) {
28 System
.err
.println("usage: java -Djavax.security.auth.login.name=<principal@REALM> "
29 + SpnegoHttpClient
.class.getName() + " <url>");
35 String server
= u
.getHost();
37 URL jaasUrl
= SpnegoHttpClient
.class.getResource("jaas.cfg");
38 System
.setProperty("java.security.auth.login.config", jaasUrl
.toExternalForm());
40 LoginContext lc
= new LoginContext("SINGLE_USER");
43 // int responseCode = Subject.doAs(lc.getSubject(), new PrivilegedExceptionAction<Integer>() {
45 // public Integer run() throws Exception {
47 // InputStream ins = u.openConnection().getInputStream();
48 // BufferedReader reader = new BufferedReader(new InputStreamReader(ins));
50 // while ((str = reader.readLine()) != null)
51 // System.out.println(str);
54 HttpClient httpClient
= openHttpClient(lc
.getSubject());
55 String token
= RemoteAuthUtils
.getGssToken(lc
.getSubject(), "HTTP", server
);
57 HttpRequest request
= HttpRequest
.newBuilder().uri(u
.toURI()) //
58 .header(HttpHeader
.AUTHORIZATION
.getName(), HttpHeader
.NEGOTIATE
+ " " + token
) //
60 BodyHandler
<String
> bodyHandler
= BodyHandlers
.ofString();
61 HttpResponse
<String
> response
= httpClient
.send(request
, bodyHandler
);
62 System
.out
.println(response
.body());
63 int responseCode
= response
.statusCode();
64 // return response.statusCode();
67 System
.out
.println("Reponse code: " + responseCode
);
68 } catch (Exception e
) {
73 private static HttpClient
openHttpClient(Subject subject
) {
74 HttpClient client
= HttpClient
.newBuilder() //
75 // .sslContext(insecureContext()) //
76 .version(HttpClient
.Version
.HTTP_1_1
) //
82 static SSLContext
insecureContext() {
83 TrustManager
[] noopTrustManager
= new TrustManager
[] { new X509TrustManager() {
84 public void checkClientTrusted(X509Certificate
[] xcs
, String string
) {
87 public void checkServerTrusted(X509Certificate
[] xcs
, String string
) {
90 public X509Certificate
[] getAcceptedIssuers() {
95 SSLContext sc
= SSLContext
.getInstance("ssl");
96 sc
.init(null, noopTrustManager
, null);
98 } catch (KeyManagementException
| NoSuchAlgorithmException e
) {
99 throw new IllegalStateException("Cannot create insecure SSL context ", e
);