View Javadoc

1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  package org.apache.http.impl.auth;
28  
29  import org.apache.http.Header;
30  import org.apache.http.HttpRequest;
31  import org.apache.http.auth.AuthenticationException;
32  import org.apache.http.auth.Credentials;
33  import org.apache.http.protocol.HttpContext;
34  import org.apache.http.util.Args;
35  import org.ietf.jgss.GSSException;
36  import org.ietf.jgss.Oid;
37  
38  /**
39   * SPNEGO (Simple and Protected GSSAPI Negotiation Mechanism) authentication
40   * scheme.
41   *
42   * @since 4.2
43   */
44  public class SPNegoScheme extends GGSSchemeBase {
45  
46      private static final String SPNEGO_OID = "1.3.6.1.5.5.2";
47  
48      public SPNegoScheme(final boolean stripPort) {
49          super(stripPort);
50      }
51  
52      public SPNegoScheme() {
53          super(false);
54      }
55  
56      public String getSchemeName() {
57          return "Negotiate";
58      }
59  
60      /**
61       * Produces SPNEGO authorization Header based on token created by
62       * processChallenge.
63       *
64       * @param credentials not used by the SPNEGO scheme.
65       * @param request The request being authenticated
66       *
67       * @throws AuthenticationException if authentication string cannot
68       *   be generated due to an authentication failure
69       *
70       * @return SPNEGO authentication Header
71       */
72      @Override
73      public Header authenticate(
74              final Credentials credentials,
75              final HttpRequest request,
76              final HttpContext context) throws AuthenticationException {
77          return super.authenticate(credentials, request, context);
78      }
79  
80      @Override
81      protected byte[] generateToken(final byte[] input, final String authServer) throws GSSException {
82          return generateGSSToken(input, new Oid(SPNEGO_OID), authServer);
83      }
84  
85      /**
86       * There are no valid parameters for SPNEGO authentication so this
87       * method always returns <code>null</code>.
88       *
89       * @return <code>null</code>
90       */
91      public String getParameter(final String name) {
92          Args.notNull(name, "Parameter name");
93          return null;
94      }
95  
96      /**
97       * The concept of an authentication realm is not supported by the Negotiate
98       * authentication scheme. Always returns <code>null</code>.
99       *
100      * @return <code>null</code>
101      */
102     public String getRealm() {
103         return null;
104     }
105 
106     /**
107      * Returns <tt>true</tt>. SPNEGO authentication scheme is connection based.
108      *
109      * @return <tt>true</tt>.
110      */
111     public boolean isConnectionBased() {
112         return true;
113     }
114 
115 }