Index: java/org/apache/commons/httpclient/Authenticator.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Authenticator.java,v retrieving revision 1.13 diff -u -r1.13 Authenticator.java --- java/org/apache/commons/httpclient/Authenticator.java 10 Jul 2002 02:29:32 -0000 1.13 +++ java/org/apache/commons/httpclient/Authenticator.java 11 Jul 2002 17:09:47 -0000 @@ -74,6 +74,7 @@ *
* @author Remy Maucherat * @author Rodney Waldhoff + * @author Jeff Dever * @version $Revision: 1.13 $ $Date: 2002/07/10 02:29:32 $ */ class Authenticator { @@ -102,6 +103,7 @@ * {@link HttpMethod}, if possible. * * @see HttpState#setCredentials(String, Credentials) HttpState.setCredentials + * @see #authenticate(HttpMethod,HttpState,Header,String) * * @param method a {@link HttpMethod} which requires authentication * @param state a {@link HttpState} object providing {@link Credentials} @@ -110,7 +112,9 @@ * @throws UnsupportedOperationException when the given challenge type is not supported * @return true if only if a response header was added */ - static boolean authenticate(HttpMethod method, HttpState state) throws HttpException { + static boolean authenticate(HttpMethod method, HttpState state) + throws HttpException, UnsupportedOperationException { + log.debug("Authenticator.authenticate(HttpMethod, HttpState)"); Header challengeHeader = method.getResponseHeader(WWW_AUTH); @@ -124,6 +128,7 @@ * {@link HttpMethod}, if possible. * * @see HttpState#setProxyCredentials(String, Credentials) HttpState.setProxyCredentials + * @see #authenticate(HttpMethod,HttpState,Header,String) * * @param method a {@link HttpMethod} which requires authentication * @param state a {@link HttpState} object providing {@link Credentials} @@ -132,7 +137,9 @@ * @throws UnsupportedOperationException when the given challenge type is not supported * @return true if only if a response header was added */ - static boolean authenticateProxy(HttpMethod method, HttpState state) throws HttpException { + static boolean authenticateProxy(HttpMethod method, HttpState state) + throws HttpException, UnsupportedOperationException { + log.debug("Authenticator.authenticateProxy(HttpMethod, HttpState)"); Header challengeHeader = method.getResponseHeader(PROXY_AUTH); @@ -144,17 +151,21 @@ * Add requisite authentication credentials to the given * {@link HttpMethod}, if possible, using the given response header * + * Currently only Basic authentication is supported. + * * @param method the {@link HttpMethod http method} to add the authentication * details to * @param challengeHeader the header the web server created to challenge the * credentials + * @param state a {@link HttpState} object providing {@link Credentials} * @param respHeader the response header to add (e.g. proxy or standard) + * * @throws HttpException when an error occurs parsing the challenge + * @throws UnsupportedOperationException when the given challenge type is not supported + * @return true if only if a response header was added */ - private static boolean authenticate(HttpMethod method, HttpState state, - Header challengeHeader, - String respHeader) - throws HttpException { + private static boolean authenticate(HttpMethod method, HttpState state, Header challengeHeader, String respHeader) + throws HttpException, UnsupportedOperationException { String challenge = challengeHeader.getValue(); if(null == challenge) { return false; } Index: java/org/apache/commons/httpclient/HttpMethodBase.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java,v retrieving revision 1.28 diff -u -r1.28 HttpMethodBase.java --- java/org/apache/commons/httpclient/HttpMethodBase.java 16 Apr 2002 14:30:42 -0000 1.28 +++ java/org/apache/commons/httpclient/HttpMethodBase.java 11 Jul 2002 17:09:47 -0000 @@ -111,6 +111,7 @@ * @author Rodney Waldhoff * @author Sean C. Sullivan * @author dIon Gillard + * @author Jeff Dever * @version $Revision: 1.28 $ $Date: 2002/04/16 14:30:42 $ */ public abstract class HttpMethodBase implements HttpMethod { @@ -521,9 +522,12 @@ boolean authenticated = false; try { authenticated = Authenticator.authenticate(this,state); - } catch(HttpException e) { - // ignored + } catch (HttpException httpe) { + log.warn(httpe.getMessage()); + } catch (UnsupportedOperationException uoe) { + log.warn(uoe.getMessage()); } + if (!authenticated) { // won't be able to authenticate to this challenge // without additional information Index: test/org/apache/commons/httpclient/TestAuthenticator.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestAuthenticator.java,v retrieving revision 1.6 diff -u -r1.6 TestAuthenticator.java --- test/org/apache/commons/httpclient/TestAuthenticator.java 4 Feb 2002 15:26:43 -0000 1.6 +++ test/org/apache/commons/httpclient/TestAuthenticator.java 11 Jul 2002 17:09:48 -0000 @@ -69,6 +69,7 @@ * * @author Rodney Waldhoff * @version $Id: TestAuthenticator.java,v 1.6 2002/02/04 15:26:43 dion Exp $ + * @author Jeff Dever */ public class TestAuthenticator extends TestCase { @@ -164,6 +165,41 @@ // expected } } + + public void testDigestAuthenticationScheme() throws Exception { + HttpState state = new HttpState(); + state.setCredentials(null,new UsernamePasswordCredentials("username","password")); + HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest realm=\"realm1\"")); + try{ + assertTrue(Authenticator.authenticate(method, state)); + fail("Should have thrown UnsupportedOperationException"); + }catch (UnsupportedOperationException uoe){ + // expected + } + } + + public void testInvalidAuthenticationScheme() throws Exception { + HttpState state = new HttpState(); + state.setCredentials(null,new UsernamePasswordCredentials("username","password")); + HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","invalid realm=\"realm1\"")); + try{ + assertTrue(Authenticator.authenticate(method, state)); + fail("Should have thrown UnsupportedOperationException"); + }catch (UnsupportedOperationException uoe){ + // expected + } + } + + public void testBasicAuthenticationCaseInsensitivity() throws Exception { + HttpState state = new HttpState(); + state.setCredentials(null,new UsernamePasswordCredentials("username","password")); + HttpMethod method = new SimpleHttpMethod(new Header("WwW-AuThEnTiCaTe","bAsIc ReAlM=\"realm1\"")); + assertTrue(Authenticator.authenticate(method,state)); + assertTrue(null != method.getRequestHeader("Authorization")); + String expected = "Basic " + new String(Base64.encode("username:password".getBytes())); + assertEquals(expected,method.getRequestHeader("Authorization").getValue()); + } + public void testBasicAuthenticationWithDefaultCreds() throws Exception { HttpState state = new HttpState();