Index: java/org/apache/commons/httpclient/HttpMethodDirector.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodDirector.java,v retrieving revision 1.14 diff -u -r1.14 HttpMethodDirector.java --- java/org/apache/commons/httpclient/HttpMethodDirector.java 14 Jan 2004 18:59:27 -0000 1.14 +++ java/org/apache/commons/httpclient/HttpMethodDirector.java 16 Jan 2004 14:35:00 -0000 @@ -64,9 +64,8 @@ package org.apache.commons.httpclient; import java.io.IOException; -import java.util.ArrayList; +import java.util.Collection; import java.util.Iterator; -import java.util.List; import java.util.Map; import org.apache.commons.httpclient.auth.AuthChallengeParser; @@ -137,14 +136,6 @@ /** Whether preemtive proxy authentication is attempted */ private boolean proxyAuthPreemptive = false; - //TODO: to be parameterized - private static final List AUTH_PREFERENCES = new ArrayList(3); - static { - AUTH_PREFERENCES.add(AuthPolicy.NTLM); - AUTH_PREFERENCES.add(AuthPolicy.DIGEST); - AUTH_PREFERENCES.add(AuthPolicy.BASIC); - } - public HttpMethodDirector( final HttpConnectionManager connectionManager, final HostConfiguration hostConfiguration, @@ -766,13 +757,20 @@ private AuthScheme processChallenge(final Map challenges) throws MalformedChallengeException, AuthenticationException { + + Collection authPrefs = (Collection) this.params.getParameter( + AuthPolicy.AUTH_SCHEME_PRIORITY); + if (authPrefs == null || authPrefs.isEmpty()) { + authPrefs = AuthPolicy.getDefaultAuthPrefs(); + } + AuthScheme authscheme = null; String challenge = null; if (LOG.isDebugEnabled()) { LOG.debug("Supported authentication schemes in the order of preference: " - + AUTH_PREFERENCES); + + authPrefs); } - Iterator item = AUTH_PREFERENCES.iterator(); + Iterator item = authPrefs.iterator(); while (item.hasNext()) { String id = (String) item.next(); challenge = (String) challenges.get(id.toLowerCase()); Index: java/org/apache/commons/httpclient/auth/AuthPolicy.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/AuthPolicy.java,v retrieving revision 1.1 diff -u -r1.1 AuthPolicy.java --- java/org/apache/commons/httpclient/auth/AuthPolicy.java 10 Dec 2003 21:37:42 -0000 1.1 +++ java/org/apache/commons/httpclient/auth/AuthPolicy.java 16 Jan 2004 14:35:01 -0000 @@ -63,9 +63,9 @@ package org.apache.commons.httpclient.auth; -import java.util.Collections; +import java.util.ArrayList; import java.util.HashMap; -import java.util.Map; +import java.util.List; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -90,9 +90,28 @@ */ public abstract class AuthPolicy { - private static Map SCHEMES = Collections.synchronizedMap(new HashMap()); + private static final HashMap SCHEMES = new HashMap(); + private static final ArrayList SCHEME_LIST = new ArrayList(); /** + * The key used to look up the list of IDs of supported {@link AuthScheme + * authentication schemes} in their order of preference. The scheme IDs are + * stored in a {@link Collection} as {@link java.lang.String}s. + * + *

+ * If several schemes are returned in the WWW-Authenticate + * or Proxy-Authenticate header, this parameter defines which + * {@link AuthScheme authentication schemes} takes precedence over others. + * The first item in the collection represents the most preferred + * {@link AuthScheme authentication scheme}, the last item represents the ID + * of the least preferred one. + *

+ * + * @see org.apache.commons.httpclient.params.DefaultHttpParams + */ + public static final String AUTH_SCHEME_PRIORITY = "http.auth.scheme-priority"; + + /** * The NTLM scheme is a proprietary Microsoft Windows Authentication * protocol (considered to be the most secure among currently supported * authentication schemes). @@ -111,9 +130,9 @@ public static final String BASIC = "Basic"; static { - AuthPolicy.registerAuthScheme(BASIC, BasicScheme.class); + AuthPolicy.registerAuthScheme(NTLM, NTLMScheme.class); AuthPolicy.registerAuthScheme(DIGEST, DigestScheme.class); - AuthPolicy.registerAuthScheme(NTLM, NTLMScheme.class); + AuthPolicy.registerAuthScheme(BASIC, BasicScheme.class); } /** Log object. */ @@ -125,12 +144,18 @@ * This ID is the same one used to retrieve the {@link AuthScheme authentication scheme} * from {@link #getAuthScheme(String)}. * + *

+ * Please note that custom authentication preferences, if used, need to be updated accordingly + * for the new {@link AuthScheme authentication scheme} to take effect. + *

+ * * @param id the identifier for this scheme * @param clazz the class to register * * @see #getAuthScheme(String) + * @see #AUTH_SCHEME_PRIORITY */ - public static void registerAuthScheme(final String id, Class clazz) { + public static synchronized void registerAuthScheme(final String id, Class clazz) { if (id == null) { throw new IllegalArgumentException("Id may not be null"); } @@ -138,6 +163,7 @@ throw new IllegalArgumentException("Authentication scheme class may not be null"); } SCHEMES.put(id.toLowerCase(), clazz); + SCHEME_LIST.add(id.toLowerCase()); } /** @@ -146,11 +172,12 @@ * * @param id the ID of the class to unregister */ - public static void unregisterAuthScheme(final String id) { + public static synchronized void unregisterAuthScheme(final String id) { if (id == null) { throw new IllegalArgumentException("Id may not be null"); } SCHEMES.remove(id.toLowerCase()); + SCHEME_LIST.remove(id.toLowerCase()); } /** @@ -162,7 +189,7 @@ * * @throws IllegalStateException if a scheme with the ID cannot be found */ - public static AuthScheme getAuthScheme(final String id) + public static synchronized AuthScheme getAuthScheme(final String id) throws IllegalStateException { if (id == null) { @@ -181,5 +208,15 @@ } else { throw new IllegalStateException("Unsupported authentication scheme " + id); } + } + + /** + * Returns a list containing all registered {@link AuthScheme authentication + * schemes} in their default order. + * + * @return {@link AuthScheme authentication scheme} + */ + public static synchronized List getDefaultAuthPrefs() { + return (List)SCHEME_LIST.clone(); } }