List of usage examples for org.apache.commons.httpclient.auth AuthChallengeException AuthChallengeException
public AuthChallengeException(String paramString, Throwable paramThrowable)
From source file:davmail.http.SpNegoScheme.java
/** * Produces Negotiate authorization string for the given set of * {@link Credentials}.//from w w w .j av a 2s . c o m * * @param credentials The set of credentials to be used for authentication * @param httpMethod The method being authenticated * @return an Negotiate authorization string * @throws org.apache.commons.httpclient.auth.InvalidCredentialsException * if authentication credentials * are not valid or not applicable for this authentication scheme * @throws AuthenticationException if authorization string cannot * be generated due to an authentication failure */ public String authenticate(Credentials credentials, HttpMethod httpMethod) throws AuthenticationException { if (this.state == UNINITIATED) { throw new IllegalStateException("Negotiate authentication process has not been initiated"); } String host = null; try { host = httpMethod.getURI().getHost(); } catch (URIException e) { // ignore } if (host == null) { Header header = httpMethod.getRequestHeader("Host"); if (header != null) { host = header.getValue(); if (host.indexOf(':') >= 0) { host = host.substring(0, host.indexOf(':')); } } } if (host == null) { throw new IllegalStateException("Negotiate authentication failed: empty host"); } // no credentials needed String response; try { if (this.state == INITIATED || this.state == FAILED) { // send initial token to server response = EncodingUtil.getAsciiString( Base64.encodeBase64(KerberosHelper.initSecurityContext("HTTP", host, new byte[0]))); this.state = TYPE1_MSG_GENERATED; } else { // send challenge response response = EncodingUtil.getAsciiString( Base64.encodeBase64(KerberosHelper.initSecurityContext("HTTP", host, serverToken))); this.state = TYPE3_MSG_GENERATED; } } catch (GSSException gsse) { state = FAILED; if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED) throw new InvalidCredentialsException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.NO_CRED) throw new CredentialsNotAvailableException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN) throw new AuthChallengeException(gsse.getMessage(), gsse); // other error throw new AuthenticationException(gsse.getMessage(), gsse); } catch (LoginException e) { state = FAILED; throw new InvalidCredentialsException(e.getMessage(), e); } return "Negotiate " + response; }
From source file:com.jivesoftware.authHelper.customescheme.negotiate.CustomNegotiateScheme.java
/** * Produces Negotiate authorization string based on token created by * processChallenge.//w w w . j a v a2s .c o m * * @param credentials Never used be the Negotiate scheme but must be provided to * satisfy common-httpclient API. Credentials from JAAS will be used insted. * @param method The method being authenticated * * @throws org.apache.commons.httpclient.auth.AuthenticationException if authorization string cannot * be generated due to an authentication failure * * @return an Negotiate authorization string * * @since 3.0 */ public synchronized String authenticate(Credentials credentials, HttpMethod method) throws AuthenticationException { LOG.info("enter CustomNegotiateScheme.authenticate(Credentials, HttpMethod)"); if (state == UNINITIATED) { throw new IllegalStateException("Negotiation authentication process has not been initiated"); } try { try { if (context == null) { LOG.info("host: " + method.getURI().getHost()); init(method.getURI().getHost(), (UsernamePasswordCredentials) credentials); } } catch (org.apache.commons.httpclient.URIException urie) { LOG.severe(urie.getMessage()); state = FAILED; throw new AuthenticationException(urie.getMessage()); } // HTTP 1.1 issue: // Mutual auth will never complete do to 200 insted of 401 in // return from server. "state" will never reach ESTABLISHED // but it works anyway // token = context.initSecContext(token, 0, token.length); LOG.info("got token, sending " + token.length + " to server"); } catch (GSSException gsse) { LOG.severe(gsse.getMessage()); state = FAILED; if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED) { throw new InvalidCredentialsException(gsse.getMessage(), gsse); } if (gsse.getMajor() == GSSException.NO_CRED) { throw new CredentialsNotAvailableException(gsse.getMessage(), gsse); } if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN) { throw new AuthChallengeException(gsse.getMessage(), gsse); } // other error throw new AuthenticationException(gsse.getMessage()); } return "Negotiate " + new String(new Base64(-1).encode(token)); }