1 package org
.argeo
.cms
.client
;
3 import java
.net
.MalformedURLException
;
5 import java
.net
.http
.HttpClient
;
6 import java
.net
.http
.HttpRequest
;
7 import java
.net
.http
.HttpResponse
;
8 import java
.net
.http
.HttpResponse
.BodyHandler
;
9 import java
.net
.http
.HttpResponse
.BodyHandlers
;
10 import java
.security
.KeyManagementException
;
11 import java
.security
.NoSuchAlgorithmException
;
12 import java
.security
.cert
.X509Certificate
;
14 import javax
.net
.ssl
.SSLContext
;
15 import javax
.net
.ssl
.TrustManager
;
16 import javax
.net
.ssl
.X509TrustManager
;
17 import javax
.security
.auth
.Subject
;
18 import javax
.security
.auth
.login
.LoginContext
;
20 import org
.argeo
.cms
.auth
.RemoteAuthUtils
;
21 import org
.argeo
.util
.http
.HttpHeader
;
23 public class SpnegoHttpClient
{
24 public static void main(String
[] args
) throws MalformedURLException
{
25 // String principal = System.getProperty("javax.security.auth.login.name");
26 if (args
.length
== 0) {
27 System
.err
.println("usage: java -Djavax.security.auth.login.name=<principal@REALM> "
28 + SpnegoHttpClient
.class.getName() + " <url>");
34 String server
= u
.getHost();
36 URL jaasUrl
= SpnegoHttpClient
.class.getResource("jaas.cfg");
37 System
.setProperty("java.security.auth.login.config", jaasUrl
.toExternalForm());
39 LoginContext lc
= new LoginContext("SINGLE_USER");
42 HttpClient httpClient
= openHttpClient(lc
.getSubject());
43 String token
= RemoteAuthUtils
.createGssToken(lc
.getSubject(), "HTTP", server
);
45 HttpRequest request
= HttpRequest
.newBuilder().uri(u
.toURI()) //
46 .header(HttpHeader
.AUTHORIZATION
.getHeaderName(), HttpHeader
.NEGOTIATE
+ " " + token
) //
48 BodyHandler
<String
> bodyHandler
= BodyHandlers
.ofString();
49 HttpResponse
<String
> response
= httpClient
.send(request
, bodyHandler
);
50 System
.out
.println(response
.body());
51 int responseCode
= response
.statusCode();
52 System
.exit(responseCode
);
53 } catch (Exception e
) {
58 private static HttpClient
openHttpClient(Subject subject
) {
59 HttpClient client
= HttpClient
.newBuilder() //
60 // .sslContext(insecureContext()) //
61 .version(HttpClient
.Version
.HTTP_1_1
) //
67 static SSLContext
insecureContext() {
68 TrustManager
[] noopTrustManager
= new TrustManager
[] { new X509TrustManager() {
69 public void checkClientTrusted(X509Certificate
[] xcs
, String string
) {
72 public void checkServerTrusted(X509Certificate
[] xcs
, String string
) {
75 public X509Certificate
[] getAcceptedIssuers() {
80 SSLContext sc
= SSLContext
.getInstance("ssl");
81 sc
.init(null, noopTrustManager
, null);
83 } catch (KeyManagementException
| NoSuchAlgorithmException e
) {
84 throw new IllegalStateException("Cannot create insecure SSL context ", e
);