Index: java/org/apache/commons/httpclient/Authenticator.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Authenticator.java,v retrieving revision 1.41 diff -u -r1.41 Authenticator.java --- java/org/apache/commons/httpclient/Authenticator.java 28 Mar 2003 16:37:49 -0000 1.41 +++ java/org/apache/commons/httpclient/Authenticator.java 4 Apr 2003 09:29:55 -0000 @@ -199,12 +199,17 @@ * @see HttpMethod#addRequestHeader */ private static boolean authenticate(HttpMethod method, HttpState state, - boolean proxy) + boolean proxy) throws HttpException, UnsupportedOperationException { LOG.trace("enter Authenticator.authenticate(HttpMethod, HttpState, " + "Header, String)"); + return authenticate(method, null, state, proxy); + } + private static boolean authenticate(HttpMethod method, HttpConnection conn, + HttpState state, boolean proxy) + throws HttpException, UnsupportedOperationException { String challengeheader = proxy ? PROXY_AUTH : WWW_AUTH; // I REALLY hate doing this, but I need to avoid multiple autorization @@ -240,9 +245,9 @@ LOG.debug("Using " + authscheme.getSchemeName() + " authentication scheme"); } if (proxy) { - return HttpAuthenticator.authenticateProxy(authscheme, method, state); + return HttpAuthenticator.authenticateProxy(authscheme, method, conn, state); } else { - return HttpAuthenticator.authenticate(authscheme, method, state); + return HttpAuthenticator.authenticate(authscheme, method, conn, state); } } Index: java/org/apache/commons/httpclient/HttpMethodBase.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java,v retrieving revision 1.128 diff -u -r1.128 HttpMethodBase.java --- java/org/apache/commons/httpclient/HttpMethodBase.java 1 Apr 2003 19:04:18 -0000 1.128 +++ java/org/apache/commons/httpclient/HttpMethodBase.java 4 Apr 2003 09:29:56 -0000 @@ -1337,7 +1337,7 @@ if (challenges.length > 0) { try { AuthScheme authscheme = HttpAuthenticator.selectAuthScheme(challenges); - HttpAuthenticator.authenticate(authscheme, this, state); + HttpAuthenticator.authenticate(authscheme, this, conn, state); } catch (HttpException e) { // log and move on if (LOG.isErrorEnabled()) { @@ -1484,7 +1484,7 @@ if (challenges.length > 0) { try { AuthScheme authscheme = HttpAuthenticator.selectAuthScheme(challenges); - HttpAuthenticator.authenticateProxy(authscheme, this, state); + HttpAuthenticator.authenticateProxy(authscheme, this, conn, state); } catch (HttpException e) { // log and move on if (LOG.isErrorEnabled()) { @@ -2339,11 +2339,11 @@ switch (statusCode) { case HttpStatus.SC_UNAUTHORIZED: removeRequestHeader(HttpAuthenticator.WWW_AUTH_RESP); - authenticated = HttpAuthenticator.authenticate(authscheme, this, state); + authenticated = HttpAuthenticator.authenticate(authscheme, this, conn, state); break; case HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED: removeRequestHeader(HttpAuthenticator.PROXY_AUTH_RESP); - authenticated = HttpAuthenticator.authenticateProxy(authscheme, this, state); + authenticated = HttpAuthenticator.authenticateProxy(authscheme, this, conn, state); break; } } catch (AuthenticationException e) { Index: java/org/apache/commons/httpclient/HttpState.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpState.java,v retrieving revision 1.19 diff -u -r1.19 HttpState.java --- java/org/apache/commons/httpclient/HttpState.java 1 Apr 2003 19:04:19 -0000 1.19 +++ java/org/apache/commons/httpclient/HttpState.java 4 Apr 2003 09:29:57 -0000 @@ -69,9 +69,9 @@ import java.util.Map; import java.util.List; import java.util.Iterator; - import org.apache.commons.httpclient.cookie.CookieSpec; import org.apache.commons.httpclient.cookie.CookiePolicy; +import org.apache.commons.httpclient.auth.HttpAuthRealm; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -94,6 +94,7 @@ * @author Michael Becke * @author Oleg Kalnichevski * @author Mike Bowler + * @author Adrian Sutton * * @version $Revision: 1.19 $ $Date: 2003/04/01 19:04:19 $ * @@ -129,6 +130,11 @@ private HashMap proxyCred = new HashMap(); /** + * The default authentication realm. + */ + public static final HttpAuthRealm DEFAULT_AUTH_REALM = new HttpAuthRealm(null, null); + + /** * My {@link Cookie Cookie}s. */ private ArrayList cookies = new ArrayList(); @@ -377,7 +383,6 @@ this.cookiePolicy = policy; } - /** * Set the Credentials for the given authentication realm. * @@ -389,40 +394,131 @@ *
* Any previous credentials for this realm will be overwritten.
*
+ * @deprecated This method does not distinguish between realms with the
+ * same name on different hosts. Use
+ * {@link HttpState#setCredentials(String, Credentials)} instead.
+ *
* @param realm the authentication realm
* @param credentials the authentication credentials for the given realm
*
- * @see #getCredentials(String)
- * @see #setProxyCredentials(String, Credentials)
+ * @see #getCredentials(String, String)
+ * @see #setProxyCredentials(String, String, Credentials)
*
*/
+
public synchronized void setCredentials(String realm, Credentials credentials) {
LOG.trace("enter HttpState.setCredentials(String, Credentials)");
- credMap.put(realm, credentials);
+ setCredentials(realm, null, credentials);
+ }
+
+ /** Sets the credentials for realm on host.
+ * with no host.
+ *
+ * When realm is null, I'll use the given
+ * credentials when no other {@link Credentials} have
+ * been supplied for the given challenging realm.
+ * (I.e., use a null realm to set the "default"
+ * credentials.)
+ *
+ * Any previous credentials for this realm will be overwritten.
+ *
+ * @param realm the authentication realm
+ * @param host the host the realm belongs to
+ * @param credentials the authentication credentials for the given realm.
+ *
+ * @see #getCredentials(String, String)
+ * @see #setProxyCredentials(String, String, Credentials)
+ */
+
+ public synchronized void setCredentials(String realm, String host, Credentials credentials) {
+ LOG.trace(
+ "enter HttpState.setCredentials(String realm, String host, Credentials credentials)");
+ credMap.put(new HttpAuthRealm(host, realm), credentials);
}
/**
+ * Find matching credentials for the given authentication realm and host.
+ *
+ * If the realm exists on host, return the coresponding credentials.
+ * If the host exists with a null realm, return the corresponding
+ * credentials.
+ * If the realm exists with a null host, return the
+ * corresponding credentials. If the realm does not exist, return
+ * the default Credentials. If there are no default credentials, return
+ * null.
+ *
+ * @param map the credentials hash map
+ * @param realm the authentication realm
+ * @param host the host the realm is on
+ * @return the credentials
+ *
+ */
+ private static Credentials matchCredentials(HashMap map, String realm, String host) {
+ HttpAuthRealm entry = new HttpAuthRealm(host, realm);
+ Credentials creds = (Credentials) map.get(entry);
+ if (creds == null && host != null && realm != null) {
+ entry = new HttpAuthRealm(host, null);
+ creds = (Credentials) map.get(entry);
+ if (creds == null) {
+ entry = new HttpAuthRealm(null, realm);
+ creds = (Credentials) map.get(entry);
+ }
+ }
+ if (creds == null) {
+ creds = (Credentials) map.get(DEFAULT_AUTH_REALM);
+ }
+ return creds;
+ }
+
+ /**
* Get the Credentials for the given authentication realm.
*
- * If the realm exists, return the coresponding credentials. If the
- * realm does not exist, return the default Credentials. If there is
- * no default credentials, return null.
+ * If the realm exists on host, return the coresponding credentials.
+ * If the host exists with a null realm, return the corresponding
+ * credentials.
+ * If the realm exists with a null host, return the
+ * corresponding credentials. If the realm does not exist, return
+ * the default Credentials. If there are no default credentials, return
+ * null.
*
* @param realm the authentication realm
+ * @param host the host the realm is on
* @return the credentials
*
- * @see #setCredentials(String, Credentials)
+ * @see #setCredentials(String, String, Credentials)
*
*/
+
+ public synchronized Credentials getCredentials(String realm, String host) {
+ LOG.trace("enter HttpState.getCredentials(String, String");
+ return matchCredentials(this.credMap, realm, host);
+ }
+
+ /**
+ * Get the Credentials for the given authentication realm.
+ *
+ * If the realm exists on host, return the coresponding credentials.
+ * If the realm exists with a null host, return the
+ * corresponding credentials. If the realm does not exist, return
+ * the default Credentials. If there is no default credentials, return
+ * null.
+ *
+ * @deprecated This method does not distinguish between realms on different
+ * servers with the same name. Use {@link #getCredentials(String, String)}
+ * instead.
+ *
+ * @param realm the authentication realm
+ * @return the credentials
+ *
+ * @see #setCredentials(String, String, Credentials)
+ *
+ */
+
public synchronized Credentials getCredentials(String realm) {
LOG.trace("enter HttpState.getCredentials(String)");
- Credentials creds = (Credentials) credMap.get(realm);
- if (creds == null) {
- creds = (Credentials) credMap.get(null);
- }
- return creds;
+ return getCredentials(realm, null);
}
/**
@@ -437,6 +533,10 @@
*
* Any previous credentials for this realm will be overwritten.
*
+ * @depreciated This method does not differentiate between realms with
+ * the same name on different servers. Use
+ * {@link #setProxyCredentials(String, String, Credentials)} instead.
+ *
* @param realm the authentication realm
* @param credentials the authentication credentials for the given realm
*
@@ -444,11 +544,36 @@
* @see #setCredentials(String, Credentials)
*
*/
+
public synchronized void setProxyCredentials(String realm, Credentials credentials) {
LOG.trace("enter HttpState.setProxyCredentials(String, credentials)");
- proxyCred.put(realm, credentials);
+ setProxyCredentials(realm, null, credentials);
+ }
+
+ /**
+ * Set the for the proxy with the given authentication realm.
+ *
+ * When realm and host are null, I'll use the given
+ * credentials when no other {@link Credentials} have
+ * been supplied for the given challenging realm.
+ * (I.e., use a null realm to set the "default"
+ * credentials.) Realms rarely make much sense with proxies, so
+ * null is normally a good choice here.
+ *
+ * Any previous credentials for this realm will be overwritten.
+ *
+ * @param realm the authentication realm
+ * @param credentials the authentication credentials for the given realm
+ *
+ * @see #getProxyCredentials(String)
+ * @see #setCredentials(String, Credentials)
+ *
+ */
+
+ public synchronized void setProxyCredentials(String realm, String proxyHost, Credentials credentials) {
+ LOG.trace("enter HttpState.setProxyCredentials(String, String, Credentials");
+ proxyCred.put(new HttpAuthRealm(proxyHost, realm), credentials);
}
-
/**
* Get the Credentials for the proxy with the given authentication realm.
@@ -456,21 +581,47 @@
* If the realm exists, return the coresponding credentials. If the
* realm does not exist, return the default Credentials. If there is
* no default credentials, return null.
+ *
+ * @deprecated This method does not distinguish between realms on different hosts.
+ * Use {@link #getProxyCredentials(String, String)} instead.
*
* @param realm the authentication realm
* @return the credentials
- * @see #setProxyCredentials
+ * @see #setProxyCredentials(String, String, Credentials)
*/
+
public synchronized Credentials getProxyCredentials(String realm) {
LOG.trace("enter HttpState.getProxyCredentials(String)");
- Credentials creds = (Credentials) proxyCred.get(realm);
- if (creds == null) {
- creds = (Credentials) proxyCred.get(null);
- }
- return creds;
+ return getProxyCredentials(realm, null);
}
/**
+ * Get the Credentials for the proxy with the given authentication realm on the given
+ * host.
+ *
+ * If the realm exists on host, return the coresponding credentials.
+ * If the host exists with a null realm, return the corresponding
+ * credentials.
+ * If the realm exists with a null host, return the
+ * corresponding credentials. If the realm does not exist, return
+ * the default Credentials. If there are no default credentials, return
+ * null.
+ *
+ * @deprecated This method does not distinguish between realms on different hosts.
+ * Use {@link #getProxyCredentials(String, String)} instead.
+ *
+ * @param realm the authentication realm
+ * @param host the host the realm is on
+ * @return the credentials
+ * @see #setProxyCredentials(String, String, Credentials)
+ */
+
+ public synchronized Credentials getProxyCredentials(String realm, String proxyHost) {
+ LOG.trace("enter HttpState.getCredentials(String, String");
+ return matchCredentials(this.proxyCred, realm, proxyHost);
+ }
+
+ /**
* Return a string representation of this object.
* @return The string representation.
* @see java.lang.Object#toString()
@@ -500,7 +651,7 @@
StringBuffer sbResult = new StringBuffer();
Iterator iter = proxyCredMap.keySet().iterator();
while (iter.hasNext()) {
- String key = (String) iter.next();
+ Object key = iter.next();
Credentials cred = (Credentials) proxyCredMap.get(key);
if (sbResult.length() > 0) {
sbResult.append(", ");
@@ -521,7 +672,7 @@
StringBuffer sbResult = new StringBuffer();
Iterator iter = credMap.keySet().iterator();
while (iter.hasNext()) {
- String key = (String) iter.next();
+ Object key = iter.next();
Credentials cred = (Credentials) credMap.get(key);
if (sbResult.length() > 0) {
sbResult.append(", ");
Index: java/org/apache/commons/httpclient/auth/HttpAuthRealm.java
===================================================================
RCS file: java/org/apache/commons/httpclient/auth/HttpAuthRealm.java
diff -N java/org/apache/commons/httpclient/auth/HttpAuthRealm.java
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ java/org/apache/commons/httpclient/auth/HttpAuthRealm.java 4 Apr 2003 09:29:57 -0000
@@ -0,0 +1,150 @@
+/*
+ * ====================================================================
+ *
+ * The Apache Software License, Version 1.1
+ *
+ * Copyright (c) 2002-2003 The Apache Software Foundation. All rights
+ * reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. The end-user documentation included with the redistribution, if
+ * any, must include the following acknowlegement:
+ * "This product includes software developed by the
+ * Apache Software Foundation (http://www.apache.org/)."
+ * Alternately, this acknowlegement may appear in the software itself,
+ * if and wherever such third-party acknowlegements normally appear.
+ *
+ * 4. The names "The Jakarta Project", "Commons", and "Apache Software
+ * Foundation" must not be used to endorse or promote products derived
+ * from this software without prior written permission. For written
+ * permission, please contact apache@apache.org.
+ *
+ * 5. Products derived from this software may not be called "Apache"
+ * nor may "Apache" appear in their names without prior written
+ * permission of the Apache Group.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+ * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ *