cvs diff -u (in directory D:\jakarta\jakarta-commons\httpclient) cvs server: Diffing . cvs server: Diffing docs cvs server: Diffing src cvs server: Diffing src/conf cvs server: Diffing src/examples cvs server: Diffing src/java cvs server: Diffing src/java/org cvs server: Diffing src/java/org/apache cvs server: Diffing src/java/org/apache/commons cvs server: Diffing src/java/org/apache/commons/httpclient Index: src/java/org/apache/commons/httpclient/Authenticator.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Authenticator.java,v retrieving revision 1.16 diff -d -u -b -B -w -u -r1.16 Authenticator.java --- src/java/org/apache/commons/httpclient/Authenticator.java 16 Jul 2002 03:46:53 -0000 1.16 +++ src/java/org/apache/commons/httpclient/Authenticator.java 16 Jul 2002 13:23:01 -0000 @@ -334,8 +334,7 @@ method.addRequestHeader(new Header("cnonce","\""+createCnonce()+"\"")); method.addRequestHeader(new Header("nc", "00000001")); Hashtable headers = getHTTPDigestCredentials(method); - String digest = createDigest(cred.getUserName(), cred.getPassword(), headers); - return new Header(respHeader, Authenticator.digest(cred, headers, digest)); + return new Header(respHeader, Authenticator.digest(cred, headers)); } } @@ -343,7 +342,8 @@ * Return a Digest Authorization header value for the * given {@link UsernamePasswordCredentials}. */ - static String digest(UsernamePasswordCredentials cred, Hashtable headers, String digest) throws HttpException { + static String digest(UsernamePasswordCredentials cred, Hashtable headers) throws HttpException { + String digest = createDigest(cred.getUserName(), cred.getPassword(), headers); return "Digest " + createDigestHeader(cred.getUserName(), headers, digest); } @@ -359,7 +359,7 @@ * @return The created digest as string. This will be the response tag's * value in the Authentication HTTP header. */ - private static String createDigest(String uname, String pwd, Hashtable dCreds) throws HttpException { + public static String createDigest(String uname, String pwd, Hashtable dCreds) throws HttpException { String digAlg = "MD5"; String method = "POST"; cvs server: Diffing src/java/org/apache/commons/httpclient/log cvs server: Diffing src/java/org/apache/commons/httpclient/methods cvs server: Diffing src/test cvs server: Diffing src/test/org cvs server: Diffing src/test/org/apache cvs server: Diffing src/test/org/apache/commons cvs server: Diffing src/test/org/apache/commons/httpclient Index: src/test/org/apache/commons/httpclient/TestAuthenticator.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestAuthenticator.java,v retrieving revision 1.8 diff -d -u -b -B -w -u -r1.8 TestAuthenticator.java --- src/test/org/apache/commons/httpclient/TestAuthenticator.java 16 Jul 2002 12:41:16 -0000 1.8 +++ src/test/org/apache/commons/httpclient/TestAuthenticator.java 16 Jul 2002 13:23:01 -0000 @@ -62,7 +62,12 @@ package org.apache.commons.httpclient; -import junit.framework.*; +import junit.framework.Test; +import junit.framework.TestCase; +import junit.framework.TestSuite; + +import java.util.Hashtable; +import java.util.StringTokenizer; /** * Unit tests for {@link Authenticator}. @@ -115,7 +120,7 @@ } } - // ----------------------------------------------------------- Test Methods + // ---------------------------------- Test Methods for Basic Authentication public void testBasicAuthenticationWithNoCreds() { HttpState state = new HttpState(); @@ -239,5 +244,119 @@ String expected = "Basic " + new String(Base64.encode("uname2:password2".getBytes())); assertEquals(expected,method.getRequestHeader("Authorization").getValue()); } + } + + // --------------------------------- Test Methods for Digest Authentication + + public void testDigestAuthenticationWithNoCreds() { + HttpState state = new HttpState(); + HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest realm=\"realm1\"")); + try { + Authenticator.authenticate(method,state); + fail("Should have thrown HttpException"); + } catch(HttpException e) { + // expected + } + } + + public void testDigestAuthenticationWithNoRealm() { + HttpState state = new HttpState(); + HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest")); + try { + Authenticator.authenticate(method,state); + fail("Should have thrown HttpException"); + } catch(HttpException e) { + // expected + } + } + + public void testDigestAuthenticationWithNoRealm2() { + HttpState state = new HttpState(); + HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest ")); + try { + Authenticator.authenticate(method,state); + fail("Should have thrown HttpException"); + } catch(HttpException e) { + // expected + } + } + + public void testDigestAuthenticationWithNullHttpState() throws Exception { + HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest realm=\"realm1\"")); + try { + Authenticator.authenticate(method,(HttpState)null); + fail("Should have thrown NullPointerException"); + } catch(NullPointerException e) { + // expected + } + } + + public void testDigestAuthenticationCaseInsensitivity() throws Exception { + HttpState state = new HttpState(); + UsernamePasswordCredentials cred = new UsernamePasswordCredentials("username","password"); + state.setCredentials(null, cred); + HttpMethod method = new SimpleHttpMethod(new Header("WwW-AuThEnTiCaTe","dIgEsT ReAlM=\"realm1\"")); + assertTrue(Authenticator.authenticate(method,state)); + assertTrue(null != method.getRequestHeader("Authorization")); + } + + + public void testDigestAuthenticationWithDefaultCreds() throws Exception { + HttpState state = new HttpState(); + UsernamePasswordCredentials cred = new UsernamePasswordCredentials("username","password"); + state.setCredentials(null, cred); + HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest realm=\"realm1\"")); + assertTrue(Authenticator.authenticate(method,state)); + assertTrue(null != method.getRequestHeader("Authorization")); + checkAuthorization(cred, method.getRequestHeader("Authorization").getValue()); + } + + public void testDigestAuthentication() throws Exception { + HttpState state = new HttpState(); + UsernamePasswordCredentials cred = new UsernamePasswordCredentials("username","password"); + state.setCredentials(null, cred); + HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest realm=\"realm1\"")); + assertTrue(Authenticator.authenticate(method,state)); + assertTrue(null != method.getRequestHeader("Authorization")); + checkAuthorization(cred, method.getRequestHeader("Authorization").getValue()); + } + + public void testDigestAuthenticationWithMutlipleRealms() throws Exception { + HttpState state = new HttpState(); + UsernamePasswordCredentials cred = new UsernamePasswordCredentials("username","password"); + state.setCredentials("realm1", cred); + UsernamePasswordCredentials cred2 = new UsernamePasswordCredentials("uname2","password2"); + state.setCredentials("realm2", cred2); + { + HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest realm=\"realm1\"")); + assertTrue(Authenticator.authenticate(method,state)); + assertTrue(null != method.getRequestHeader("Authorization")); + checkAuthorization(cred, method.getRequestHeader("Authorization").getValue()); + } + { + HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest realm=\"realm2\"")); + assertTrue(Authenticator.authenticate(method,state)); + assertTrue(null != method.getRequestHeader("Authorization")); + checkAuthorization(cred2, method.getRequestHeader("Authorization").getValue()); + } + } + + private void checkAuthorization(UsernamePasswordCredentials cred, String auth) throws Exception { + Hashtable table = new Hashtable(); + StringTokenizer tokenizer = new StringTokenizer(auth, ",=\""); + while(tokenizer.hasMoreTokens()){ + String key = null; + String value = null; + if(tokenizer.hasMoreTokens()) + key = tokenizer.nextToken(); + if(tokenizer.hasMoreTokens()) + value = tokenizer.nextToken(); + if(key != null && value != null){ + table.put(key.trim(),value.trim()); + } + } + String response = (String) table.get("response"); + String digest = Authenticator.createDigest(cred.getUserName(),cred.getPassword(), table); + assertEquals(response, digest); } } cvs server: Diffing src/test-webapp cvs server: Diffing src/test-webapp/conf cvs server: Diffing src/test-webapp/src cvs server: Diffing src/test-webapp/src/org cvs server: Diffing src/test-webapp/src/org/apache cvs server: Diffing src/test-webapp/src/org/apache/commons cvs server: Diffing src/test-webapp/src/org/apache/commons/httpclient cvs server: Diffing xdocs cvs server: Diffing xdocs/images cvs server: Diffing xdocs/stylesheets