View Javadoc

1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  package org.apache.http.impl.auth;
28  
29  import org.apache.http.Header;
30  import org.apache.http.HttpRequest;
31  import org.apache.http.annotation.NotThreadSafe;
32  import org.apache.http.auth.AuthenticationException;
33  import org.apache.http.auth.Credentials;
34  import org.apache.http.protocol.HttpContext;
35  import org.apache.http.util.Args;
36  import org.ietf.jgss.GSSException;
37  import org.ietf.jgss.Oid;
38  
39  /**
40   * SPNEGO (Simple and Protected GSSAPI Negotiation Mechanism) authentication
41   * scheme.
42   *
43   * @since 4.2
44   */
45  @NotThreadSafe
46  public class SPNegoScheme extends GGSSchemeBase {
47  
48      private static final String SPNEGO_OID = "1.3.6.1.5.5.2";
49  
50      /**
51       * @since 4.4
52       */
53      public SPNegoScheme(final boolean stripPort, final boolean useCanonicalHostname) {
54          super(stripPort, useCanonicalHostname);
55      }
56  
57      public SPNegoScheme(final boolean stripPort) {
58          super(stripPort);
59      }
60  
61      public SPNegoScheme() {
62          super();
63      }
64  
65      @Override
66      public String getSchemeName() {
67          return "Negotiate";
68      }
69  
70      /**
71       * Produces SPNEGO authorization Header based on token created by
72       * processChallenge.
73       *
74       * @param credentials not used by the SPNEGO scheme.
75       * @param request The request being authenticated
76       *
77       * @throws AuthenticationException if authentication string cannot
78       *   be generated due to an authentication failure
79       *
80       * @return SPNEGO authentication Header
81       */
82      @Override
83      public Header authenticate(
84              final Credentials credentials,
85              final HttpRequest request,
86              final HttpContext context) throws AuthenticationException {
87          return super.authenticate(credentials, request, context);
88      }
89  
90      @Override @SuppressWarnings("deprecation")
91      protected byte[] generateToken(final byte[] input, final String authServer) throws GSSException {
92          return super.generateToken(input, authServer);
93      }
94  
95      @Override
96      protected byte[] generateToken(final byte[] input, final String authServer, final Credentials credentials) throws GSSException {
97          return generateGSSToken(input, new Oid(SPNEGO_OID), authServer, credentials);
98      }
99  
100     /**
101      * There are no valid parameters for SPNEGO authentication so this
102      * method always returns {@code null}.
103      *
104      * @return {@code null}
105      */
106     @Override
107     public String getParameter(final String name) {
108         Args.notNull(name, "Parameter name");
109         return null;
110     }
111 
112     /**
113      * The concept of an authentication realm is not supported by the Negotiate
114      * authentication scheme. Always returns {@code null}.
115      *
116      * @return {@code null}
117      */
118     @Override
119     public String getRealm() {
120         return null;
121     }
122 
123     /**
124      * Returns {@code true}. SPNEGO authentication scheme is connection based.
125      *
126      * @return {@code true}.
127      */
128     @Override
129     public boolean isConnectionBased() {
130         return true;
131     }
132 
133 }