List of usage examples for org.apache.http.impl.auth DigestScheme DigestScheme
public DigestScheme()
From source file:securitydigest.TestDigestScheme.java
public void testDigestAuthenticationWithNoRealm2() throws Exception { Header authChallenge = new BasicHeader(AUTH.WWW_AUTH, "Digest "); try {// w w w . j a v a 2 s. co m AuthScheme authscheme = new DigestScheme(); authscheme.processChallenge(authChallenge); fail("Should have thrown MalformedChallengeException"); } catch (MalformedChallengeException e) { // expected } }
From source file:securitydigest.TestDigestScheme.java
public void testDigestAuthenticationWithDefaultCreds() throws Exception { String challenge = "Digest realm=\"realm1\", nonce=\"f2a3f18799759d4f1a1c068b92b573cb\""; Header authChallenge = new BasicHeader(AUTH.WWW_AUTH, challenge); HttpRequest request = new BasicHttpRequest("Simple", "/"); Credentials cred = new UsernamePasswordCredentials("username", "password"); AuthScheme authscheme = new DigestScheme(); authscheme.processChallenge(authChallenge); Header authResponse = authscheme.authenticate(cred, request); Map<String, String> table = parseAuthResponse(authResponse); assertEquals("username", table.get("username")); assertEquals("realm1", table.get("realm")); assertEquals("/", table.get("uri")); assertEquals("f2a3f18799759d4f1a1c068b92b573cb", table.get("nonce")); assertEquals("e95a7ddf37c2eab009568b1ed134f89a", table.get("response")); }
From source file:org.opencastproject.loadtest.engage.util.TrustedHttpClient.java
/** * {@inheritDoc}/* w w w.j a v a2 s .c o m*/ * @see org.opencastproject.loadtest.engage.util.remotetest.util.security.api.TrustedHttpClient#execute(org.apache.http.client.methods.HttpUriRequest) */ public HttpResponse execute(HttpUriRequest httpUriRequest) { // Add the request header to elicit a digest auth response httpUriRequest.addHeader(REQUESTED_AUTH_HEADER, DIGEST_AUTH); if ("GET".equalsIgnoreCase(httpUriRequest.getMethod()) || "HEAD".equalsIgnoreCase(httpUriRequest.getMethod())) { // Set the user/pass UsernamePasswordCredentials creds = new UsernamePasswordCredentials(user, pass); httpClient.getCredentialsProvider().setCredentials(AuthScope.ANY, creds); // Run the request (the http client handles the multiple back-and-forth requests) try { return httpClient.execute(httpUriRequest); } catch (IOException e) { throw new TrustedHttpClientException(e); } } // HttpClient doesn't handle the request dynamics for other verbs (especially when sending a streamed multipart // request), so we need to handle the details of the digest auth back-and-forth manually HttpRequestBase digestRequest; try { digestRequest = (HttpRequestBase) httpUriRequest.getClass().newInstance(); } catch (Exception e) { throw new IllegalStateException("Can not create a new " + httpUriRequest.getClass().getName()); } digestRequest.setURI(httpUriRequest.getURI()); digestRequest.addHeader(REQUESTED_AUTH_HEADER, DIGEST_AUTH); String[] realmAndNonce = getRealmAndNonce(digestRequest); if (realmAndNonce != null) { // Set the user/pass UsernamePasswordCredentials creds = new UsernamePasswordCredentials(user, pass); // Set up the digest authentication with the required values DigestScheme digestAuth = new DigestScheme(); digestAuth.overrideParamter("realm", realmAndNonce[0]); digestAuth.overrideParamter("nonce", realmAndNonce[1]); // Add the authentication header try { httpUriRequest.addHeader(digestAuth.authenticate(creds, httpUriRequest)); } catch (Exception e) { // close the http connection(s) httpClient.getConnectionManager().shutdown(); throw new TrustedHttpClientException(e); } } try { return httpClient.execute(httpUriRequest); } catch (Exception e) { // close the http connection(s) httpClient.getConnectionManager().shutdown(); throw new TrustedHttpClientException(e); } }
From source file:org.picketbox.test.authentication.http.jetty.DelegatingSecurityFilterHTTPDigestUnitTestCase.java
@Test public void testDigestAuth() throws Exception { URL url = new URL(urlStr); DefaultHttpClient httpclient = null; try {/* www . j av a 2s. c o m*/ String user = "Aladdin"; String pass = "Open Sesame"; httpclient = new DefaultHttpClient(); HttpGet httpget = new HttpGet(url.toExternalForm()); HttpResponse response = httpclient.execute(httpget); assertEquals(401, response.getStatusLine().getStatusCode()); Header[] headers = response.getHeaders(PicketBoxConstants.HTTP_WWW_AUTHENTICATE); HttpEntity entity = response.getEntity(); EntityUtils.consume(entity); Header header = headers[0]; String value = header.getValue(); value = value.substring(7).trim(); String[] tokens = HTTPDigestUtil.quoteTokenize(value); DigestHolder digestHolder = HTTPDigestUtil.digest(tokens); DigestScheme digestAuth = new DigestScheme(); digestAuth.overrideParamter("algorithm", "MD5"); digestAuth.overrideParamter("realm", digestHolder.getRealm()); digestAuth.overrideParamter("nonce", digestHolder.getNonce()); digestAuth.overrideParamter("qop", "auth"); digestAuth.overrideParamter("nc", "0001"); digestAuth.overrideParamter("cnonce", DigestScheme.createCnonce()); digestAuth.overrideParamter("opaque", digestHolder.getOpaque()); httpget = new HttpGet(url.toExternalForm()); Header auth = digestAuth.authenticate(new UsernamePasswordCredentials(user, pass), httpget); System.out.println(auth.getName()); System.out.println(auth.getValue()); httpget.setHeader(auth); System.out.println("executing request" + httpget.getRequestLine()); response = httpclient.execute(httpget); entity = response.getEntity(); System.out.println("----------------------------------------"); StatusLine statusLine = response.getStatusLine(); System.out.println(statusLine); if (entity != null) { System.out.println("Response content length: " + entity.getContentLength()); } assertEquals(200, statusLine.getStatusCode()); EntityUtils.consume(entity); } finally { // When HttpClient instance is no longer needed, // shut down the connection manager to ensure // immediate deallocation of all system resources httpclient.getConnectionManager().shutdown(); } }
From source file:android.net.http.DefaultHttpClientTest.java
private void authenticateDigestAlgorithm(String algorithm) throws Exception { String challenge = "Digest realm=\"protected area\", " + "nonce=\"dcd98b7102dd2f0e8b11d0f600bfb0c093\", " + "algorithm=" + algorithm; DigestScheme digestScheme = new DigestScheme(); digestScheme.processChallenge(new BasicHeader("WWW-Authenticate", challenge)); HttpGet get = new HttpGet(); digestScheme.authenticate(new UsernamePasswordCredentials("username", "password"), get); }
From source file:org.apache.syncope.installer.utilities.HttpUtils.java
public String postWithDigestAuth(final String url, final String file) { String responseBodyAsString = ""; try (CloseableHttpResponse response = httpClient.execute(targetHost, httpPost(url, MultipartEntityBuilder.create().addPart("bin", new FileBody(new File(file))).build()), setAuth(targetHost, new DigestScheme()))) { responseBodyAsString = IOUtils.toString(response.getEntity().getContent(), Charset.forName("UTF-8")); handler.logOutput("Http status: " + response.getStatusLine().getStatusCode(), true); InstallLog.getInstance().info("Http status: " + response.getStatusLine().getStatusCode()); } catch (IOException e) { final String messageError = "Error calling " + url + ": " + e.getMessage(); handler.emitError(messageError, messageError); InstallLog.getInstance().error(messageError); }// w ww . ja va2 s. c o m return responseBodyAsString; }
From source file:org.picketbox.http.test.config.ProtectedResourceManagerUnitTestCase.java
@Test public void testDigestAuth() throws Exception { URL url = new URL(this.urlStr + "/onlyManagers/"); DefaultHttpClient httpclient = null; try {// ww w.jav a 2 s . c o m String user = "Aladdin"; String pass = "Open Sesame"; httpclient = new DefaultHttpClient(); HttpGet httpget = new HttpGet(url.toExternalForm()); HttpResponse response = httpclient.execute(httpget); assertEquals(401, response.getStatusLine().getStatusCode()); Header[] headers = response.getHeaders(PicketBoxConstants.HTTP_WWW_AUTHENTICATE); HttpEntity entity = response.getEntity(); EntityUtils.consume(entity); Header header = headers[0]; String value = header.getValue(); value = value.substring(7).trim(); String[] tokens = HTTPDigestUtil.quoteTokenize(value); Digest digestHolder = HTTPDigestUtil.digest(tokens); DigestScheme digestAuth = new DigestScheme(); digestAuth.overrideParamter("algorithm", "MD5"); digestAuth.overrideParamter("realm", digestHolder.getRealm()); digestAuth.overrideParamter("nonce", digestHolder.getNonce()); digestAuth.overrideParamter("qop", "auth"); digestAuth.overrideParamter("nc", "0001"); digestAuth.overrideParamter("cnonce", DigestScheme.createCnonce()); digestAuth.overrideParamter("opaque", digestHolder.getOpaque()); httpget = new HttpGet(url.toExternalForm()); Header auth = digestAuth.authenticate(new UsernamePasswordCredentials(user, pass), httpget); System.out.println(auth.getName()); System.out.println(auth.getValue()); httpget.setHeader(auth); System.out.println("executing request" + httpget.getRequestLine()); response = httpclient.execute(httpget); entity = response.getEntity(); System.out.println("----------------------------------------"); StatusLine statusLine = response.getStatusLine(); System.out.println(statusLine); if (entity != null) { System.out.println("Response content length: " + entity.getContentLength()); } assertEquals(404, statusLine.getStatusCode()); EntityUtils.consume(entity); } finally { // When HttpClient instance is no longer needed, // shut down the connection manager to ensure // immediate deallocation of all system resources httpclient.getConnectionManager().shutdown(); } }
From source file:securitydigest.TestDigestScheme.java
public void testDigestAuthentication() throws Exception { String challenge = "Digest realm=\"realm1\", nonce=\"f2a3f18799759d4f1a1c068b92b573cb\""; Header authChallenge = new BasicHeader(AUTH.WWW_AUTH, challenge); HttpRequest request = new BasicHttpRequest("Simple", "/"); Credentials cred = new UsernamePasswordCredentials("username", "password"); AuthScheme authscheme = new DigestScheme(); authscheme.processChallenge(authChallenge); Header authResponse = authscheme.authenticate(cred, request); Map<String, String> table = parseAuthResponse(authResponse); assertEquals("username", table.get("username")); assertEquals("realm1", table.get("realm")); assertEquals("/", table.get("uri")); assertEquals("f2a3f18799759d4f1a1c068b92b573cb", table.get("nonce")); assertEquals("e95a7ddf37c2eab009568b1ed134f89a", table.get("response")); }
From source file:org.picketbox.http.test.authentication.jetty.DelegatingSecurityFilterHTTPDigestUnitTestCase.java
@Test public void testDigestAuth() throws Exception { URL url = new URL(this.urlStr); DefaultHttpClient httpclient = null; try {// w ww .j av a 2 s . com String user = "Aladdin"; String pass = "Open Sesame"; httpclient = new DefaultHttpClient(); HttpGet httpget = new HttpGet(url.toExternalForm()); HttpResponse response = httpclient.execute(httpget); assertEquals(401, response.getStatusLine().getStatusCode()); Header[] headers = response.getHeaders(PicketBoxConstants.HTTP_WWW_AUTHENTICATE); HttpEntity entity = response.getEntity(); EntityUtils.consume(entity); Header header = headers[0]; String value = header.getValue(); value = value.substring(7).trim(); String[] tokens = HTTPDigestUtil.quoteTokenize(value); Digest digestHolder = HTTPDigestUtil.digest(tokens); DigestScheme digestAuth = new DigestScheme(); digestAuth.overrideParamter("algorithm", "MD5"); digestAuth.overrideParamter("realm", digestHolder.getRealm()); digestAuth.overrideParamter("nonce", digestHolder.getNonce()); digestAuth.overrideParamter("qop", "auth"); digestAuth.overrideParamter("nc", "0001"); digestAuth.overrideParamter("cnonce", DigestScheme.createCnonce()); digestAuth.overrideParamter("opaque", digestHolder.getOpaque()); httpget = new HttpGet(url.toExternalForm()); Header auth = digestAuth.authenticate(new UsernamePasswordCredentials(user, pass), httpget); System.out.println(auth.getName()); System.out.println(auth.getValue()); httpget.setHeader(auth); System.out.println("executing request" + httpget.getRequestLine()); response = httpclient.execute(httpget); entity = response.getEntity(); System.out.println("----------------------------------------"); StatusLine statusLine = response.getStatusLine(); System.out.println(statusLine); if (entity != null) { System.out.println("Response content length: " + entity.getContentLength()); } assertEquals(200, statusLine.getStatusCode()); EntityUtils.consume(entity); } finally { // When HttpClient instance is no longer needed, // shut down the connection manager to ensure // immediate deallocation of all system resources httpclient.getConnectionManager().shutdown(); } }
From source file:org.opencastproject.remotetest.server.DigestAuthenticationTest.java
@Test public void testDigestAuthenticatedPost() throws Exception { DefaultHttpClient httpclient = new DefaultHttpClient(); // Perform a HEAD, and extract the realm and nonce HttpHead head = new HttpHead(BASE_URL); head.addHeader("X-Requested-Auth", "Digest"); HttpResponse headResponse = httpclient.execute(head); Header authHeader = headResponse.getHeaders("WWW-Authenticate")[0]; String nonce = null;// ww w . j a v a 2 s . c om String realm = null; for (HeaderElement element : authHeader.getElements()) { if ("nonce".equals(element.getName())) { nonce = element.getValue(); } else if ("Digest realm".equals(element.getName())) { realm = element.getValue(); } } // Build the post UsernamePasswordCredentials creds = new UsernamePasswordCredentials("matterhorn_system_account", "CHANGE_ME"); HttpPost post = new HttpPost(BASE_URL + "/capture-admin/agents/testagent"); post.addHeader("X-Requested-Auth", "Digest"); httpclient.getCredentialsProvider().setCredentials(AuthScope.ANY, creds); List<BasicNameValuePair> params = new ArrayList<BasicNameValuePair>(); params.add(new BasicNameValuePair("state", "idle")); UrlEncodedFormEntity entity = new UrlEncodedFormEntity(params, "UTF-8"); post.setEntity(entity); // Add the previously obtained nonce HttpContext localContext = new BasicHttpContext(); DigestScheme digestAuth = new DigestScheme(); digestAuth.overrideParamter("realm", realm); digestAuth.overrideParamter("nonce", nonce); localContext.setAttribute("preemptive-auth", digestAuth); // Send the POST try { HttpResponse response = httpclient.execute(post, localContext); String content = IOUtils.toString(response.getEntity().getContent(), "UTF-8"); Assert.assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); Assert.assertEquals("testagent set to idle", content); } finally { httpclient.getConnectionManager().shutdown(); } }