/** * Create an {@link HttpClient} with authentication by user/password * a particular host and port. */ public static HttpClient httpClient(String host, int port, String user, String password, String realm) { AuthSetup auth = new AuthSetup(host, port, user, password, realm); return httpClient(auth); }
/** Create digest auth {@link DigestScheme} */ private static RFC2617Scheme authScheme(String realm) { switch (authMode) { case BASIC: return authBasicScheme(realm); case DIGEST : return authDigestScheme(realm); default: throw new InternalErrorException("RFC2617 auth scheme not reocgnized: "+authMode); } }
public static void withAuth(String urlStr, AuthSetup auth, Consumer<RDFConnection> action) { CredentialsProvider credsProvider = credsProvider(auth); HttpHost target = new HttpHost(auth.host, auth.port, "http"); // --- AuthCache : not necessary // Create AuthCache instance - necessary for non-repeatable request entity. (i.e. streaming) // [AuthScheme] AuthCache authCache = new BasicAuthCache(); if ( LibSec.authMode == AuthScheme.BASIC ) { RFC2617Scheme authScheme = authScheme(auth.realm); // Can force the client to use basic first time by setting authCache. // This does not work for digest because the nonce's will be wrong. authCache.put(target, authScheme); } HttpContext httpContext = httpContext(authCache, credsProvider); HttpClient httpClient = httpClient(auth); // Needs retryable mods to RDFConnectionRemote?? try ( RDFConnection conn = RDFConnectionRemote.create() .destination(urlStr) .httpClient(httpClient) .httpContext(httpContext) .build() ) { action.accept(conn); } }
public static CredentialsProvider credsProvider(AuthSetup auth) { return credsProvider(auth.host, auth.port, auth.user, auth.password); }
@Test public void access_open_userX() { // OK. LibSec.withAuth(serverURL+"open", authSetupX, (conn)->{ conn.queryAsk("ASK{}"); }); }
public static HttpClientContext httpContext(AuthCache authCache, CredentialsProvider provider) { // Add AuthCache to the execution context HttpClientContext localContext = HttpClientContext.create(); return httpContext(localContext, authCache, provider); }
public static CredentialsProvider credsProvider(AuthSetup auth) { return credsProvider(auth.host, auth.port, auth.user, auth.password); }
@Test public void access_open_user1() { // OK. LibSec.withAuth(serverURL+"open", authSetup1, (conn)->{ conn.queryAsk("ASK{}"); }); }
public static HttpClientContext httpContext(AuthCache authCache, CredentialsProvider provider) { // Add AuthCache to the execution context HttpClientContext localContext = HttpClientContext.create(); return httpContext(localContext, authCache, provider); }
/** * Create an {@link HttpClient} with authentication by user/password * a particular host and port. */ public static HttpClient httpClient(String host, int port, String user, String password, String realm) { AuthSetup auth = new AuthSetup(host, port, user, password, realm); return httpClient(auth); }
public static void withAuth(String urlStr, AuthSetup auth, Consumer<RDFConnection> action) { CredentialsProvider credsProvider = credsProvider(auth); HttpHost target = new HttpHost(auth.host, auth.port, "http"); // --- AuthCache : not necessary // Create AuthCache instance - necessary for non-repeatable request entity. (i.e. streaming) // [AuthScheme] AuthCache authCache = new BasicAuthCache(); if ( LibSec.authMode == AuthScheme.BASIC ) { RFC2617Scheme authScheme = authScheme(auth.realm); // Can force the client to use basic first time by setting authCache. // This does not work for digest because the nonce's will be wrong. authCache.put(target, authScheme); } HttpContext httpContext = httpContext(authCache, credsProvider); HttpClient httpClient = httpClient(auth); // Needs retryable mods to RDFConnectionRemote?? try ( RDFConnection conn = RDFConnectionRemote.create() .destination(urlStr) .httpClient(httpClient) .httpContext(httpContext) .build() ) { action.accept(conn); } }
/** Create digest auth {@link DigestScheme} */ private static RFC2617Scheme authScheme(String realm) { switch (authMode) { case BASIC: return authBasicScheme(realm); case DIGEST : return authDigestScheme(realm); default: throw new InternalErrorException("RFC2617 auth scheme not reocgnized: "+authMode); } }
/** * Create an {@link HttpClient} with authentication as given by * the {@link AuthSetup} for a particular host and port. */ public static HttpClient httpClient(AuthSetup auth) { // HttpClient with password. CredentialsProvider credsProvider = credsProvider(auth); HttpClient client = HttpOp.createPoolingHttpClientBuilder() .setDefaultCredentialsProvider(credsProvider) .build(); return client; }
@Test public void access_open_user1() { // OK. LibSec.withAuth(serverURL+"open", authSetup1, (conn)->{ conn.queryAsk("ASK{}"); }); }
@Test public void access_service_ctl_user1() { // user1 -- allowed. HttpClient hc = LibSec.httpClient(authSetup1); try( TypedInputStream in = HttpOp.execHttpGet(serverURL+"ctl", null, hc, null) ) { assertNotNull(in); } }
/** * Create an {@link HttpClient} with authentication as given by * the {@link AuthSetup} for a particular host and port. */ public static HttpClient httpClient(AuthSetup auth) { // HttpClient with password. CredentialsProvider credsProvider = credsProvider(auth); HttpClient client = HttpOp.createPoolingHttpClientBuilder() .setDefaultCredentialsProvider(credsProvider) .build(); return client; }
@Test public void access_open_userX() { // OK. LibSec.withAuth(serverURL+"open", authSetupX, (conn)->{ conn.queryAsk("ASK{}"); }); }
@Test public void access_service_ctl_user1() { // user1 -- allowed. HttpClient hc = LibSec.httpClient(authSetup1); try( TypedInputStream in = HttpOp.execHttpGet(serverURL+"ctl", null, hc, null) ) { assertNotNull(in); } }
@Test public void access_allow_ds() { HttpClient hc = LibSec.httpClient(authSetup1); HttpCaptureResponse<TypedInputStream> handler = new CaptureInput(); try( TypedInputStream in = HttpOp.execHttpGet(serverURL+"ds", null, hc, null) ) { assertNotNull(in); } }
@Test public void access_service_ctl_user2() { // user2 -- can login, not allowed. HttpClient hc = LibSec.httpClient(authSetup2); try( TypedInputStream in = HttpOp.execHttpGet(serverURL+"ctl", null, hc, null) ) { fail("Didn't expect to succeed"); } catch (HttpException ex) { if ( ex.getResponseCode() != HttpSC.FORBIDDEN_403) throw ex; } }