1 /*
2 * ====================================================================
3 * Licensed to the Apache Software Foundation (ASF) under one
4 * or more contributor license agreements. See the NOTICE file
5 * distributed with this work for additional information
6 * regarding copyright ownership. The ASF licenses this file
7 * to you under the Apache License, Version 2.0 (the
8 * "License"); you may not use this file except in compliance
9 * with the License. You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing,
14 * software distributed under the License is distributed on an
15 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16 * KIND, either express or implied. See the License for the
17 * specific language governing permissions and limitations
18 * under the License.
19 * ====================================================================
20 *
21 * This software consists of voluntary contributions made by many
22 * individuals on behalf of the Apache Software Foundation. For more
23 * information on the Apache Software Foundation, please see
24 * <http://www.apache.org/>.
25 *
26 */
27 package org.apache.http.impl.client;
28
29 import java.security.Principal;
30
31 import javax.net.ssl.SSLSession;
32
33 import org.apache.http.HttpConnection;
34 import org.apache.http.annotation.Immutable;
35 import org.apache.http.auth.AuthScheme;
36 import org.apache.http.auth.AuthState;
37 import org.apache.http.auth.Credentials;
38 import org.apache.http.client.UserTokenHandler;
39 import org.apache.http.client.protocol.HttpClientContext;
40 import org.apache.http.conn.ManagedHttpClientConnection;
41 import org.apache.http.protocol.HttpContext;
42
43 /**
44 * Default implementation of {@link UserTokenHandler}. This class will use
45 * an instance of {@link Principal} as a state object for HTTP connections,
46 * if it can be obtained from the given execution context. This helps ensure
47 * persistent connections created with a particular user identity within
48 * a particular security context can be reused by the same user only.
49 * <p>
50 * DefaultUserTokenHandler will use the user principle of connection
51 * based authentication schemes such as NTLM or that of the SSL session
52 * with the client authentication turned on. If both are unavailable,
53 * <code>null</code> token will be returned.
54 *
55 * @since 4.0
56 */
57 @Immutable
58 public class DefaultUserTokenHandler implements UserTokenHandler {
59
60 public static final DefaultUserTokenHandler INSTANCE = new DefaultUserTokenHandler();
61
62 public Object getUserToken(final HttpContext context) {
63
64 final HttpClientContext clientContext = HttpClientContext.adapt(context);
65
66 Principal userPrincipal = null;
67
68 final AuthState targetAuthState = clientContext.getTargetAuthState();
69 if (targetAuthState != null) {
70 userPrincipal = getAuthPrincipal(targetAuthState);
71 if (userPrincipal == null) {
72 final AuthState proxyAuthState = clientContext.getProxyAuthState();
73 userPrincipal = getAuthPrincipal(proxyAuthState);
74 }
75 }
76
77 if (userPrincipal == null) {
78 final HttpConnection conn = clientContext.getConnection();
79 if (conn.isOpen() && conn instanceof ManagedHttpClientConnection) {
80 final SSLSession sslsession = ((ManagedHttpClientConnection) conn).getSSLSession();
81 if (sslsession != null) {
82 userPrincipal = sslsession.getLocalPrincipal();
83 }
84 }
85 }
86
87 return userPrincipal;
88 }
89
90 private static Principal getAuthPrincipal(final AuthState authState) {
91 final AuthScheme scheme = authState.getAuthScheme();
92 if (scheme != null && scheme.isComplete() && scheme.isConnectionBased()) {
93 final Credentials creds = authState.getCredentials();
94 if (creds != null) {
95 return creds.getUserPrincipal();
96 }
97 }
98 return null;
99 }
100
101 }