X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=eclipse%2Forg.argeo.cms.swt%2Fsrc%2Forg%2Fargeo%2Fcms%2Fswt%2Fauth%2FCmsLogin.java;fp=eclipse%2Forg.argeo.cms.swt%2Fsrc%2Forg%2Fargeo%2Fcms%2Fswt%2Fauth%2FCmsLogin.java;h=6cc410ced0d07aff11369121d3687b880365bc8c;hb=3d3c654c9d973c62ca22f1c9010bb2e7e1847d09;hp=b313222d516374e67b60ff9114b98fd9a1992530;hpb=9e3e4ceb38e36ee8d7b4287a60cd92f2b1a66a2a;p=lgpl%2Fargeo-commons.git diff --git a/eclipse/org.argeo.cms.swt/src/org/argeo/cms/swt/auth/CmsLogin.java b/eclipse/org.argeo.cms.swt/src/org/argeo/cms/swt/auth/CmsLogin.java index b313222d5..6cc410ced 100644 --- a/eclipse/org.argeo.cms.swt/src/org/argeo/cms/swt/auth/CmsLogin.java +++ b/eclipse/org.argeo.cms.swt/src/org/argeo/cms/swt/auth/CmsLogin.java @@ -4,24 +4,9 @@ import static org.argeo.cms.CmsMsg.password; import static org.argeo.cms.CmsMsg.username; import java.io.IOException; -import java.net.Authenticator; -import java.net.PasswordAuthentication; -import java.net.URI; -import java.net.http.HttpClient; -import java.net.http.HttpRequest; -import java.net.http.HttpResponse; -import java.net.http.HttpResponse.BodyHandler; -import java.net.http.HttpResponse.BodyHandlers; -import java.security.KeyManagementException; -import java.security.NoSuchAlgorithmException; -import java.security.PrivilegedAction; -import java.security.cert.X509Certificate; import java.util.List; import java.util.Locale; -import javax.net.ssl.SSLContext; -import javax.net.ssl.TrustManager; -import javax.net.ssl.X509TrustManager; import javax.security.auth.Subject; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; @@ -39,7 +24,6 @@ import org.argeo.api.cms.ux.CmsView; import org.argeo.cms.CmsMsg; import org.argeo.cms.LocaleUtils; import org.argeo.cms.auth.RemoteAuthCallback; -import org.argeo.cms.auth.RemoteAuthUtils; import org.argeo.cms.servlet.ServletHttpRequest; import org.argeo.cms.servlet.ServletHttpResponse; import org.argeo.cms.swt.CmsStyles; @@ -293,11 +277,6 @@ public class CmsLogin implements CmsStyles, CallbackHandler { else loginContext = new LoginContext(CmsAuth.LOGIN_CONTEXT_USER, subject, this); loginContext.login(); -// try { -// openHttpClient(loginContext.getSubject(), "id-internal.work.argeo.net"); -// } catch (Exception e) { -// e.printStackTrace(); -// } cmsView.authChange(loginContext); return true; } catch (LoginException e) { @@ -320,69 +299,6 @@ public class CmsLogin implements CmsStyles, CallbackHandler { // } } - private static HttpClient openHttpClient(Subject subject, String server) { - try { - String domain = "WORK.ARGEO.ORG"; - // disable https check - // jdk.internal.httpclient.disableHostnameVerification=true - HttpClient client = HttpClient.newBuilder().sslContext(insecureContext()) - .authenticator(new Authenticator() { - public PasswordAuthentication getPasswordAuthentication() { - // I haven't checked getRequestingScheme() here, since for NTLM - // and Negotiate, the usrname and password are all the same. - System.err.println("Feeding username and password for " + getRequestingScheme()); - return (new PasswordAuthentication("mbaudier@" + domain, null)); - } - - }).build(); - - String token = RemoteAuthUtils.getGssToken(subject, "HTTP/" + server + "@" + domain); - - HttpRequest request = HttpRequest.newBuilder(URI.create("https://" + server + "/ipa/session/json")).GET() - .header("Authorization", "Negotiate " + token).build(); - BodyHandler bodyHandler = BodyHandlers.ofString(); - HttpResponse response = client.send(request, bodyHandler); - System.out.println(response.body()); - return client; - - // return client; -// AuthPolicy.registerAuthScheme(SpnegoAuthScheme.NAME, SpnegoAuthScheme.class); -// HttpParams params = DefaultHttpParams.getDefaultParams(); -// ArrayList schemes = new ArrayList<>(); -// schemes.add(SpnegoAuthScheme.NAME); -// params.setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, schemes); -// params.setParameter(CredentialsProvider.PROVIDER, new HttpCredentialProvider()); -// HttpClient httpClient = new HttpClient(); -// httpClient.executeMethod(new GetMethod(("https://" + server + "/ipa/session/json"))); -// return httpClient; - } catch ( - - Exception e) { - throw new IllegalStateException("Cannot open client to IPA server " + server, e); - } - - } - - private static SSLContext insecureContext() { - TrustManager[] noopTrustManager = new TrustManager[] { new X509TrustManager() { - public void checkClientTrusted(X509Certificate[] xcs, String string) { - } - - public void checkServerTrusted(X509Certificate[] xcs, String string) { - } - - public X509Certificate[] getAcceptedIssuers() { - return null; - } - } }; - try { - SSLContext sc = SSLContext.getInstance("ssl"); - sc.init(null, noopTrustManager, null); - return sc; - } catch (KeyManagementException | NoSuchAlgorithmException e) { - throw new IllegalStateException("Cannot create insecure SSL context ", e); - } - } protected void logout() { cmsView.logout();