]> git.argeo.org Git - lgpl/argeo-commons.git/blob - org.argeo.cms/src/org/argeo/cms/internal/http/client/SpnegoHttpClient.java
projects / lgpl / argeo-commons.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Clarify CMS initialisation
[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / internal / http / client / SpnegoHttpClient.java
1 package org.argeo.cms.internal.http.client;
2
3 import java.net.MalformedURLException;
4 import java.net.URL;
5 import java.net.http.HttpClient;
6 import java.net.http.HttpRequest;
7 import java.net.http.HttpResponse;
8 import java.net.http.HttpResponse.BodyHandler;
9 import java.net.http.HttpResponse.BodyHandlers;
10 import java.security.KeyManagementException;
11 import java.security.NoSuchAlgorithmException;
12 import java.security.cert.X509Certificate;
13
14 import javax.net.ssl.SSLContext;
15 import javax.net.ssl.TrustManager;
16 import javax.net.ssl.X509TrustManager;
17 import javax.security.auth.Subject;
18 import javax.security.auth.login.LoginContext;
19
20 import org.argeo.cms.auth.RemoteAuthUtils;
21
22 public class SpnegoHttpClient {
23 public static void main(String[] args) throws MalformedURLException {
24 // String principal = System.getProperty("javax.security.auth.login.name");
25 if (args.length == 0 ) {
26 System.err.println("usage: java -Djavax.security.auth.login.name=<principal@REALM> "
27 + SpnegoHttpClient.class.getName() + " <url>");
28 System.exit(1);
29 return;
30 }
31 String url = args[0];
32 URL u = new URL(url);
33 String server = u.getHost();
34
35 URL jaasUrl = SpnegoHttpClient.class.getResource("jaas.cfg");
36 System.setProperty("java.security.auth.login.config", jaasUrl.toExternalForm());
37 try {
38 LoginContext lc = new LoginContext("SINGLE_USER");
39 lc.login();
40
41 // int responseCode = Subject.doAs(lc.getSubject(), new PrivilegedExceptionAction<Integer>() {
42 //
43 // public Integer run() throws Exception {
44
45 // InputStream ins = u.openConnection().getInputStream();
46 // BufferedReader reader = new BufferedReader(new InputStreamReader(ins));
47 // String str;
48 // while ((str = reader.readLine()) != null)
49 // System.out.println(str);
50 // return 666;
51
52 HttpClient httpClient = openHttpClient(lc.getSubject());
53 String token = RemoteAuthUtils.getGssToken(lc.getSubject(), "HTTP", server);
54
55 HttpRequest request = HttpRequest.newBuilder().uri(u.toURI()) //
56 .header("Authorization", "Negotiate " + token) //
57 .build();
58 BodyHandler<String> bodyHandler = BodyHandlers.ofString();
59 HttpResponse<String> response = httpClient.send(request, bodyHandler);
60 System.out.println(response.body());
61 int responseCode = response.statusCode();
62 // return response.statusCode();
63 // }
64 // });
65 System.out.println("Reponse code: " + responseCode);
66 } catch (Exception e) {
67 e.printStackTrace();
68 }
69 }
70
71 private static HttpClient openHttpClient(Subject subject) {
72 HttpClient client = HttpClient.newBuilder() //
73 // .sslContext(insecureContext()) //
74 .version(HttpClient.Version.HTTP_1_1) //
75 .build();
76
77 return client;
78 }
79
80 static SSLContext insecureContext() {
81 TrustManager[] noopTrustManager = new TrustManager[] { new X509TrustManager() {
82 public void checkClientTrusted(X509Certificate[] xcs, String string) {
83 }
84
85 public void checkServerTrusted(X509Certificate[] xcs, String string) {
86 }
87
88 public X509Certificate[] getAcceptedIssuers() {
89 return null;
90 }
91 } };
92 try {
93 SSLContext sc = SSLContext.getInstance("ssl");
94 sc.init(null, noopTrustManager, null);
95 return sc;
96 } catch (KeyManagementException | NoSuchAlgorithmException e) {
97 throw new IllegalStateException("Cannot create insecure SSL context ", e);
98 }
99 }
100
101 }
Argeo Commons - Lightweight integration framework in pure Java/OSGi