X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fhttp%2Fclient%2FSpnegoAuthScheme.java;h=334e43c85a1672e9cd737bd6f9096a3ec78329d3;hb=b7683883512d924a039a43c2e1102290aa49f64d;hp=7d5278ef06b90fb176c93ca35b582b8e18f41c55;hpb=3714331f776988facff3632d86ad3f6d6352220c;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/internal/http/client/SpnegoAuthScheme.java b/org.argeo.cms/src/org/argeo/cms/internal/http/client/SpnegoAuthScheme.java index 7d5278ef0..334e43c85 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/http/client/SpnegoAuthScheme.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/http/client/SpnegoAuthScheme.java @@ -20,8 +20,7 @@ import org.apache.commons.httpclient.auth.MalformedChallengeException; import org.apache.commons.httpclient.methods.GetMethod; import org.apache.commons.httpclient.params.DefaultHttpParams; import org.apache.commons.httpclient.params.HttpParams; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; +import org.argeo.cms.internal.kernel.KernelConstants; import org.ietf.jgss.GSSContext; import org.ietf.jgss.GSSException; import org.ietf.jgss.GSSManager; @@ -30,7 +29,7 @@ import org.ietf.jgss.Oid; /** Implementation of the SPNEGO auth scheme. */ public class SpnegoAuthScheme implements AuthScheme { - private final static Log log = LogFactory.getLog(SpnegoAuthScheme.class); +// private final static Log log = LogFactory.getLog(SpnegoAuthScheme.class); public static final String NAME = "Negotiate"; private final static Oid KERBEROS_OID; @@ -47,7 +46,10 @@ public class SpnegoAuthScheme implements AuthScheme { @Override public void processChallenge(String challenge) throws MalformedChallengeException { - log.debug("processChallenge " + challenge); + // if(tokenStr!=null){ + // log.error("Received challenge while there is a token. Failing."); + // complete = false; + // } } @@ -58,7 +60,6 @@ public class SpnegoAuthScheme implements AuthScheme { @Override public String getParameter(String name) { - log.debug("getParameter " + name); return null; } @@ -79,19 +80,18 @@ public class SpnegoAuthScheme implements AuthScheme { @Override public boolean isComplete() { - log.debug("isComplete"); return complete; } @Override public String authenticate(Credentials credentials, String method, String uri) throws AuthenticationException { - log.debug("authenticate " + method + " " + uri); - return null; + // log.debug("authenticate " + method + " " + uri); + // return null; + throw new UnsupportedOperationException(); } @Override public String authenticate(Credentials credentials, HttpMethod method) throws AuthenticationException { - log.debug("authenticate " + method); GSSContext context = null; String tokenStr = null; String hostname; @@ -100,7 +100,7 @@ public class SpnegoAuthScheme implements AuthScheme { } catch (URIException e1) { throw new IllegalStateException("Cannot authenticate", e1); } - String serverPrinc = "HTTP@" + hostname; + String serverPrinc = KernelConstants.DEFAULT_KERBEROS_SERVICE + "@" + hostname; try { // Get service's principal name @@ -126,6 +126,7 @@ public class SpnegoAuthScheme implements AuthScheme { } return "Negotiate " + tokenStr; } catch (GSSException e) { + complete = true; throw new AuthenticationException("Cannot authenticate to " + serverPrinc, e); } } @@ -149,7 +150,7 @@ public class SpnegoAuthScheme implements AuthScheme { ArrayList schemes = new ArrayList<>(); schemes.add(SpnegoAuthScheme.NAME); params.setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, schemes); - params.setParameter(CredentialsProvider.PROVIDER, new SpnegoCredentialProvider()); + params.setParameter(CredentialsProvider.PROVIDER, new HttpCredentialProvider()); int responseCode = Subject.doAs(lc.getSubject(), new PrivilegedExceptionAction() { public Integer run() throws Exception {