List of usage examples for org.apache.commons.httpclient CustomMultiThreadedHttpConnectionManager NON_PROXY_HOSTS_PATTERNS_KEY
String NON_PROXY_HOSTS_PATTERNS_KEY
To view the source code for org.apache.commons.httpclient CustomMultiThreadedHttpConnectionManager NON_PROXY_HOSTS_PATTERNS_KEY.
Click Source Link
From source file:org.sonatype.nexus.proxy.storage.remote.commonshttpclient.HttpClientProxyUtil.java
public static void applyProxyToHttpClient(HttpClient httpClient, RemoteStorageContext ctx, Logger logger) { httpClient.setHttpConnectionManager(new CustomMultiThreadedHttpConnectionManager()); // getting the timeout from RemoteStorageContext. The value we get depends on per-repo and global settings. // The value will "cascade" from repo level to global level, see imple of it. int timeout = ctx.getRemoteConnectionSettings().getConnectionTimeout(); // getting the connection pool size, using a little trick to allow us "backdoor" to tune it using system // properties, but defaulting it to the same we had before (httpClient defaults) int connectionPoolSize = SystemPropertiesHelper.getInteger(CONNECTION_POOL_SIZE_KEY, MultiThreadedHttpConnectionManager.DEFAULT_MAX_TOTAL_CONNECTIONS); httpClient.getHttpConnectionManager().getParams().setConnectionTimeout(timeout); httpClient.getHttpConnectionManager().getParams().setSoTimeout(timeout); // httpClient.getHttpConnectionManager().getParams().setTcpNoDelay( true ); httpClient.getHttpConnectionManager().getParams().setMaxTotalConnections(connectionPoolSize); // NOTE: connPool is _per_ repo, hence all of those will connect to same host (unless mirrors are used) // so, we are violating intentionally the RFC and we let the whole pool size to chase same host httpClient.getHttpConnectionManager().getParams() .setMaxConnectionsPerHost(HostConfiguration.ANY_HOST_CONFIGURATION, connectionPoolSize); // Setting auth if needed HostConfiguration httpConfiguration = httpClient.getHostConfiguration(); // BASIC and DIGEST auth only RemoteAuthenticationSettings ras = ctx.getRemoteAuthenticationSettings(); boolean isSimpleAuthUsed = false; boolean isNtlmUsed = false; if (ras != null) { List<String> authPrefs = new ArrayList<String>(2); authPrefs.add(AuthPolicy.DIGEST); authPrefs.add(AuthPolicy.BASIC); if (ras instanceof ClientSSLRemoteAuthenticationSettings) { // ClientSSLRemoteAuthenticationSettings cras = (ClientSSLRemoteAuthenticationSettings) ras; // TODO - implement this } else if (ras instanceof NtlmRemoteAuthenticationSettings) { NtlmRemoteAuthenticationSettings nras = (NtlmRemoteAuthenticationSettings) ras; // Using NTLM auth, adding it as first in policies authPrefs.add(0, AuthPolicy.NTLM); logger(logger).info("... authentication setup for NTLM domain '{}'", nras.getNtlmDomain()); httpConfiguration.setHost(nras.getNtlmHost()); httpClient.getState().setCredentials(AuthScope.ANY, new NTCredentials(nras.getUsername(), nras.getPassword(), nras.getNtlmHost(), nras.getNtlmDomain())); isNtlmUsed = true;//from w w w. java 2 s . c om } else if (ras instanceof UsernamePasswordRemoteAuthenticationSettings) { UsernamePasswordRemoteAuthenticationSettings uras = (UsernamePasswordRemoteAuthenticationSettings) ras; // Using Username/Pwd auth, will not add NTLM logger(logger).info("... authentication setup for remote storage with username '{}'", uras.getUsername()); httpClient.getState().setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(uras.getUsername(), uras.getPassword())); isSimpleAuthUsed = true; } httpClient.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs); } RemoteProxySettings rps = ctx.getRemoteProxySettings(); boolean isProxyUsed = false; if (rps.isEnabled()) { isProxyUsed = true; logger(logger).info("... proxy setup with host '{}'", rps.getHostname()); httpConfiguration.setProxy(rps.getHostname(), rps.getPort()); // check if we have non-proxy hosts if (rps.getNonProxyHosts() != null && !rps.getNonProxyHosts().isEmpty()) { Set<Pattern> nonProxyHostPatterns = new HashSet<Pattern>(rps.getNonProxyHosts().size()); for (String nonProxyHostRegex : rps.getNonProxyHosts()) { try { nonProxyHostPatterns.add(Pattern.compile(nonProxyHostRegex, Pattern.CASE_INSENSITIVE)); } catch (PatternSyntaxException e) { logger(logger).warn("Invalid non proxy host regex: {}", nonProxyHostRegex, e); } } httpConfiguration.getParams().setParameter( CustomMultiThreadedHttpConnectionManager.NON_PROXY_HOSTS_PATTERNS_KEY, nonProxyHostPatterns); } if (rps.getProxyAuthentication() != null) { ras = rps.getProxyAuthentication(); List<String> authPrefs = new ArrayList<String>(2); authPrefs.add(AuthPolicy.DIGEST); authPrefs.add(AuthPolicy.BASIC); if (ras instanceof ClientSSLRemoteAuthenticationSettings) { // ClientSSLRemoteAuthenticationSettings cras = (ClientSSLRemoteAuthenticationSettings) ras; // TODO - implement this } else if (ras instanceof NtlmRemoteAuthenticationSettings) { NtlmRemoteAuthenticationSettings nras = (NtlmRemoteAuthenticationSettings) ras; // Using NTLM auth, adding it as first in policies authPrefs.add(0, AuthPolicy.NTLM); if (ctx.getRemoteAuthenticationSettings() != null && (ctx .getRemoteAuthenticationSettings() instanceof NtlmRemoteAuthenticationSettings)) { logger(logger).warn("... Apache Commons HttpClient 3.x is unable to use NTLM auth scheme\n" + " for BOTH server side and proxy side authentication!\n" + " You MUST reconfigure server side auth and use BASIC/DIGEST scheme\n" + " if you have to use NTLM proxy, otherwise it will not work!\n" + " *** SERVER SIDE AUTH OVERRIDDEN"); } logger(logger).info("... proxy authentication setup for NTLM domain '{}'", nras.getNtlmDomain()); httpConfiguration.setHost(nras.getNtlmHost()); httpClient.getState().setProxyCredentials(AuthScope.ANY, new NTCredentials(nras.getUsername(), nras.getPassword(), nras.getNtlmHost(), nras.getNtlmDomain())); isNtlmUsed = true; } else if (ras instanceof UsernamePasswordRemoteAuthenticationSettings) { UsernamePasswordRemoteAuthenticationSettings uras = (UsernamePasswordRemoteAuthenticationSettings) ras; // Using Username/Pwd auth, will not add NTLM logger(logger).info("... proxy authentication setup for remote storage with username '{}'", uras.getUsername()); httpClient.getState().setProxyCredentials(AuthScope.ANY, new UsernamePasswordCredentials(uras.getUsername(), uras.getPassword())); } httpClient.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs); } } // set preemptive only for simplest scenario: // no proxy and BASIC auth is used if (isSimpleAuthUsed && !isProxyUsed) { logger(logger) .info("... simple scenario: simple authentication used with no proxy in between target and us," + " will use preemptive authentication"); // we have authentication, let's do it preemptive httpClient.getParams().setAuthenticationPreemptive(true); } // mark the fact that NTLM is in use // but ONLY IF IT CHANGED! // Otherwise, doing it always, actually marks the ctx itself as "changed", causing an avalanche of other // consequences, like resetting all the HTTP clients of all remote storages (coz they think there is a change // in proxy or remote connection settings, etc). final Boolean isNtlmUsedOldValue = (Boolean) ctx.getContextObject(NTLM_IS_IN_USE_KEY); if (isNtlmUsedOldValue == null || isNtlmUsedOldValue.booleanValue() != isNtlmUsed) { if (isNtlmUsed) { ctx.putContextObject(NTLM_IS_IN_USE_KEY, Boolean.TRUE); } else { ctx.putContextObject(NTLM_IS_IN_USE_KEY, Boolean.FALSE); } } }