import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.params.DefaultHttpParams;
import org.apache.commons.httpclient.params.HttpParams;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
+import org.argeo.cms.internal.runtime.KernelConstants;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
/** Implementation of the SPNEGO auth scheme. */
public class SpnegoAuthScheme implements AuthScheme {
- private final static Log log = LogFactory.getLog(SpnegoAuthScheme.class);
+// private final static Log log = LogFactory.getLog(SpnegoAuthScheme.class);
public static final String NAME = "Negotiate";
private final static Oid KERBEROS_OID;
@Override
public void processChallenge(String challenge) throws MalformedChallengeException {
- log.debug("processChallenge " + challenge);
+ // if(tokenStr!=null){
+ // log.error("Received challenge while there is a token. Failing.");
+ // complete = false;
+ // }
}
@Override
public String getParameter(String name) {
- log.debug("getParameter " + name);
return null;
}
@Override
public boolean isComplete() {
- log.debug("isComplete");
return complete;
}
@Override
public String authenticate(Credentials credentials, String method, String uri) throws AuthenticationException {
- log.debug("authenticate " + method + " " + uri);
- return null;
+ // log.debug("authenticate " + method + " " + uri);
+ // return null;
+ throw new UnsupportedOperationException();
}
@Override
public String authenticate(Credentials credentials, HttpMethod method) throws AuthenticationException {
- log.debug("authenticate " + method);
GSSContext context = null;
String tokenStr = null;
String hostname;
} catch (URIException e1) {
throw new IllegalStateException("Cannot authenticate", e1);
}
- String serverPrinc = "HTTP@" + hostname;
+ String serverPrinc = KernelConstants.DEFAULT_KERBEROS_SERVICE + "@" + hostname;
try {
// Get service's principal name
}
return "Negotiate " + tokenStr;
} catch (GSSException e) {
+ complete = true;
throw new AuthenticationException("Cannot authenticate to " + serverPrinc, e);
}
}
ArrayList<String> schemes = new ArrayList<>();
schemes.add(SpnegoAuthScheme.NAME);
params.setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, schemes);
- params.setParameter(CredentialsProvider.PROVIDER, new SpnegoCredentialProvider());
+ params.setParameter(CredentialsProvider.PROVIDER, new HttpCredentialProvider());
int responseCode = Subject.doAs(lc.getSubject(), new PrivilegedExceptionAction<Integer>() {
public Integer run() throws Exception {