org.orbeon.oxf.resources.handler.PreemptiveAuthHttpRequestInterceptor.java Source code

Java tutorial

  1. HOME
  2. Java
  3. org.orbeon.oxf.resources.handler.PreemptiveAuthHttpRequestInterceptor.java

Introduction

Here is the source code for org.orbeon.oxf.resources.handler.PreemptiveAuthHttpRequestInterceptor.java

Source

/**
 * Copyright (C) 2010 Orbeon, Inc.
 *
 * This program is free software; you can redistribute it and/or modify it under the terms of the
 * GNU Lesser General Public License as published by the Free Software Foundation; either version
 * 2.1 of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * See the GNU Lesser General Public License for more details.
 *
 * The full text of the license is available at http://www.gnu.org/copyleft/lesser.html
 */
package org.orbeon.oxf.resources.handler;

import org.apache.http.HttpException;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.HttpRequestInterceptor;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.AuthState;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.NTCredentials;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.client.protocol.ClientContext;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.auth.NTLMScheme;
import org.apache.http.protocol.ExecutionContext;
import org.apache.http.protocol.HttpContext;

import java.io.IOException;

/**
 * The Apache folks are afraid we misuse preemptive authentication, and so force us to copy paste some code rather
 * than providing a simple configuration flag. See:
 *
 * http://hc.apache.org/httpcomponents-client-ga/tutorial/html/authentication.html#d4e950
 */
public class PreemptiveAuthHttpRequestInterceptor implements HttpRequestInterceptor {

    public void process(final HttpRequest request, final HttpContext context) throws HttpException, IOException {
        AuthState authState = (AuthState) context.getAttribute(ClientContext.TARGET_AUTH_STATE);
        CredentialsProvider credentialsProvider = (CredentialsProvider) context
                .getAttribute(ClientContext.CREDS_PROVIDER);
        HttpHost targetHost = (HttpHost) context.getAttribute(ExecutionContext.HTTP_TARGET_HOST);

        // If not auth scheme has been initialized yet
        if (authState.getAuthScheme() == null) {
            AuthScope authScope = new AuthScope(targetHost.getHostName(), targetHost.getPort());
            // Obtain credentials matching the target host
            Credentials credentials = credentialsProvider.getCredentials(authScope);
            // If found, generate BasicScheme preemptively
            if (credentials != null) {
                authState.setAuthScheme(credentials instanceof NTCredentials ? new NTLMScheme(new JCIFSEngine())
                        : new BasicScheme());
                authState.setCredentials(credentials);
            }
        }
    }
}