List of usage examples for org.apache.http.client.config AuthSchemes SPNEGO
String SPNEGO
To view the source code for org.apache.http.client.config AuthSchemes SPNEGO.
Click Source Link
From source file:ch.cyberduck.core.http.HttpConnectionPoolBuilder.java
public HttpClientBuilder build(final TranscriptListener listener) { // Use HTTP Connect proxy implementation provided here instead of // relying on internal proxy support in socket factory final Proxy proxy = proxyFinder.find(host); if (proxy.getType() == Proxy.Type.HTTP) { final HttpHost h = new HttpHost(proxy.getHostname(), proxy.getPort(), Scheme.http.name()); if (log.isInfoEnabled()) { log.info(String.format("Setup proxy %s", h)); }/*from ww w . j av a2 s . c o m*/ builder.setProxy(h); } if (proxy.getType() == Proxy.Type.HTTPS) { final HttpHost h = new HttpHost(proxy.getHostname(), proxy.getPort(), Scheme.https.name()); if (log.isInfoEnabled()) { log.info(String.format("Setup proxy %s", h)); } builder.setProxy(h); } builder.setUserAgent(new PreferencesUseragentProvider().get()); final int timeout = preferences.getInteger("connection.timeout.seconds") * 1000; builder.setDefaultSocketConfig(SocketConfig.custom().setTcpNoDelay(true).setSoTimeout(timeout).build()); builder.setDefaultRequestConfig(RequestConfig.custom().setRedirectsEnabled(true) // Disable use of Expect: Continue by default for all methods .setExpectContinueEnabled(false).setAuthenticationEnabled(true).setConnectTimeout(timeout) // Sets the timeout in milliseconds used when retrieving a connection from the ClientConnectionManager .setConnectionRequestTimeout(preferences.getInteger("http.manager.timeout")) .setSocketTimeout(timeout).build()); final String encoding; if (null == host.getEncoding()) { encoding = preferences.getProperty("browser.charset.encoding"); } else { encoding = host.getEncoding(); } builder.setDefaultConnectionConfig( ConnectionConfig.custom().setBufferSize(preferences.getInteger("http.socket.buffer")) .setCharset(Charset.forName(encoding)).build()); if (preferences.getBoolean("http.connections.reuse")) { builder.setConnectionReuseStrategy(new DefaultConnectionReuseStrategy()); } else { builder.setConnectionReuseStrategy(new NoConnectionReuseStrategy()); } builder.setRetryHandler( new ExtendedHttpRequestRetryHandler(preferences.getInteger("http.connections.retry"))); if (!preferences.getBoolean("http.compression.enable")) { builder.disableContentCompression(); } builder.setRequestExecutor(new LoggingHttpRequestExecutor(listener)); // Always register HTTP for possible use with proxy. Contains a number of protocol properties such as the // default port and the socket factory to be used to create the java.net.Socket instances for the given protocol builder.setConnectionManager(this.pool(this.registry().build())); builder.setDefaultAuthSchemeRegistry(RegistryBuilder.<AuthSchemeProvider>create() .register(AuthSchemes.BASIC, new BasicSchemeFactory( Charset.forName(preferences.getProperty("http.credentials.charset")))) .register(AuthSchemes.DIGEST, new DigestSchemeFactory( Charset.forName(preferences.getProperty("http.credentials.charset")))) .register(AuthSchemes.NTLM, new NTLMSchemeFactory()) .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory()) .register(AuthSchemes.KERBEROS, new KerberosSchemeFactory()).build()); return builder; }
From source file:com.srotya.collectd.storm.StormNimbusMetrics.java
@Override public int config(OConfigItem config) { nimbusAddresses = new ArrayList<>(); String jaasPath = "jaas.conf"; List<OConfigItem> children = config.getChildren(); for (OConfigItem child : children) { switch (child.getKey().toLowerCase()) { case "address": for (OConfigValue nimbus : child.getValues()) { try { new URI(nimbus.toString()); } catch (Exception e) { Collectd.logError("Bad URI " + nimbus + " for Nimbus, error:" + e.getMessage()); return -1; }/*from w w w.j av a 2 s . c o m*/ nimbusAddresses.add(nimbus.getString()); } break; case "kerberos": kerberos = child.getValues().get(0).getBoolean(); break; case "jaas": jaasPath = child.getValues().get(0).getString(); break; } } Collectd.logInfo("Storm Nimbus Plugin: using following Nimbuses:" + nimbusAddresses); Collectd.logInfo("Storm Nimbus Plugin: using kerberos:" + kerberos); builder = HttpClientBuilder.create(); context = HttpClientContext.create(); if (kerberos) { System.setProperty("java.security.auth.login.config", jaasPath); System.setProperty("java.security.krb5.conf", "/etc/krb5.conf"); System.setProperty("javax.security.auth.useSubjectCredsOnly", "true"); login(); Lookup<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create() .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true)).build(); builder.setDefaultAuthSchemeRegistry(authSchemeRegistry); BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider(); // This may seem odd, but specifying 'null' as principal tells java // to // use the logged in user's credentials Credentials useJaasCreds = new Credentials() { public String getPassword() { return null; } public Principal getUserPrincipal() { return null; } }; credentialsProvider.setCredentials(new AuthScope(null, -1, null), useJaasCreds); context.setCredentialsProvider(credentialsProvider); } else { subject = Subject.getSubject(AccessController.getContext()); } return 0; }
From source file:de.codecentric.elasticsearch.plugin.kerberosrealm.AbstractUnitTest.java
protected final CloseableHttpClient getHttpClient(final boolean useSpnego) throws Exception { final CredentialsProvider credsProvider = new BasicCredentialsProvider(); final HttpClientBuilder hcb = HttpClients.custom(); if (useSpnego) { //SPNEGO/Kerberos setup log.debug("SPNEGO activated"); final AuthSchemeProvider nsf = new SPNegoSchemeFactory(true);// new NegotiateSchemeProvider(); final Credentials jaasCreds = new JaasCredentials(); credsProvider.setCredentials(new AuthScope(null, -1, null, AuthSchemes.SPNEGO), jaasCreds); credsProvider.setCredentials(new AuthScope(null, -1, null, AuthSchemes.NTLM), new NTCredentials("Guest", "Guest", "Guest", "Guest")); final Registry<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create() .register(AuthSchemes.SPNEGO, nsf).register(AuthSchemes.NTLM, new NTLMSchemeFactory()).build(); hcb.setDefaultAuthSchemeRegistry(authSchemeRegistry); }//from www . ja va2 s . c o m hcb.setDefaultCredentialsProvider(credsProvider); hcb.setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(10 * 1000).build()); final CloseableHttpClient httpClient = hcb.build(); return httpClient; }
From source file:org.apache.maven.wagon.providers.http.AbstractHttpClientWagonFixed.java
private static CloseableHttpClient createClient() { return HttpClientBuilder.create() // .useSystemProperties() // .disableConnectionState() // .setConnectionManager(httpClientConnectionManager) // //Using Custom Default Schema Registry .setDefaultAuthSchemeRegistry(RegistryBuilder.<AuthSchemeProvider>create() .register(AuthSchemes.BASIC, new BasicSchemeFactory()) .register(AuthSchemes.DIGEST, new DigestSchemeFactory()) .register(AuthSchemes.NTLM, new NTLMSchemeFactory()) //Using Custom SPNEGO Factory & FORCE strip port //Kerberos Error: Server not found in Kerberos database (7) - LOOKING_UP_SERVER .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true)) .register(AuthSchemes.KERBEROS, new KerberosSchemeFactory(true)).build()) .build();//from w w w.ja v a2s. c om }
From source file:com.petalmd.armor.AbstractUnitTest.java
protected final HeaderAwareJestHttpClient getJestClient(final String serverUri, final String username, final String password) throws Exception {// http://hc.apache.org/httpcomponents-client-ga/tutorial/html/authentication.html final CredentialsProvider credsProvider = new BasicCredentialsProvider(); final HttpClientConfig clientConfig1 = new HttpClientConfig.Builder(serverUri).multiThreaded(true).build(); // Construct a new Jest client according to configuration via factory final HeaderAwareJestClientFactory factory1 = new HeaderAwareJestClientFactory(); factory1.setHttpClientConfig(clientConfig1); final HeaderAwareJestHttpClient c = factory1.getObject(); final HttpClientBuilder hcb = HttpClients.custom(); if (username != null) { credsProvider.setCredentials(new AuthScope(AuthScope.ANY), new UsernamePasswordCredentials(username, password)); }// w w w . j a v a2 s . co m if (useSpnego) { //SPNEGO/Kerberos setup log.debug("SPNEGO activated"); final AuthSchemeProvider nsf = new SPNegoSchemeFactory(true, false);// new NegotiateSchemeProvider(); final Credentials jaasCreds = new JaasCredentials(); credsProvider.setCredentials(new AuthScope(null, -1, null, AuthSchemes.SPNEGO), jaasCreds); credsProvider.setCredentials(new AuthScope(null, -1, null, AuthSchemes.NTLM), new NTCredentials("Guest", "Guest", "Guest", "Guest")); final Registry<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create() .register(AuthSchemes.SPNEGO, nsf).register(AuthSchemes.NTLM, new NTLMSchemeFactory()).build(); hcb.setDefaultAuthSchemeRegistry(authSchemeRegistry); } hcb.setDefaultCredentialsProvider(credsProvider); if (serverUri.startsWith("https")) { log.debug("Configure Jest with SSL"); final KeyStore myTrustStore = KeyStore.getInstance("JKS"); myTrustStore.load(new FileInputStream(SecurityUtil.getAbsoluteFilePathFromClassPath("ArmorTS.jks")), "changeit".toCharArray()); final KeyStore keyStore = KeyStore.getInstance("JKS"); keyStore.load(new FileInputStream(SecurityUtil.getAbsoluteFilePathFromClassPath("ArmorKS.jks")), "changeit".toCharArray()); final SSLContext sslContext = SSLContexts.custom().useTLS() .loadKeyMaterial(keyStore, "changeit".toCharArray()).loadTrustMaterial(myTrustStore).build(); String[] protocols = null; if (enableSSLv3Only) { protocols = new String[] { "SSLv3" }; } else { protocols = SecurityUtil.ENABLED_SSL_PROTOCOLS; } final SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, protocols, SecurityUtil.ENABLED_SSL_CIPHERS, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); hcb.setSSLSocketFactory(sslsf); } hcb.setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(60 * 1000).build()); final CloseableHttpClient httpClient = hcb.build(); c.setHttpClient(httpClient); return c; }
From source file:org.apache.zeppelin.livy.BaseLivyInterpreter.java
private RestTemplate createRestTemplate() { String keytabLocation = getProperty("zeppelin.livy.keytab"); String principal = getProperty("zeppelin.livy.principal"); boolean isSpnegoEnabled = StringUtils.isNotEmpty(keytabLocation) && StringUtils.isNotEmpty(principal); HttpClient httpClient = null;/* w ww. j a v a2s . co m*/ if (livyURL.startsWith("https:")) { String keystoreFile = getProperty("zeppelin.livy.ssl.trustStore"); String password = getProperty("zeppelin.livy.ssl.trustStorePassword"); if (StringUtils.isBlank(keystoreFile)) { throw new RuntimeException("No zeppelin.livy.ssl.trustStore specified for livy ssl"); } if (StringUtils.isBlank(password)) { throw new RuntimeException("No zeppelin.livy.ssl.trustStorePassword specified " + "for livy ssl"); } FileInputStream inputStream = null; try { inputStream = new FileInputStream(keystoreFile); KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustStore.load(new FileInputStream(keystoreFile), password.toCharArray()); SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(trustStore).build(); SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext); HttpClientBuilder httpClientBuilder = HttpClients.custom().setSSLSocketFactory(csf); RequestConfig reqConfig = new RequestConfig() { @Override public boolean isAuthenticationEnabled() { return true; } }; httpClientBuilder.setDefaultRequestConfig(reqConfig); Credentials credentials = new Credentials() { @Override public String getPassword() { return null; } @Override public Principal getUserPrincipal() { return null; } }; CredentialsProvider credsProvider = new BasicCredentialsProvider(); credsProvider.setCredentials(AuthScope.ANY, credentials); httpClientBuilder.setDefaultCredentialsProvider(credsProvider); if (isSpnegoEnabled) { Registry<AuthSchemeProvider> authSchemeProviderRegistry = RegistryBuilder .<AuthSchemeProvider>create().register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory()) .build(); httpClientBuilder.setDefaultAuthSchemeRegistry(authSchemeProviderRegistry); } httpClient = httpClientBuilder.build(); } catch (Exception e) { throw new RuntimeException("Failed to create SSL HttpClient", e); } finally { if (inputStream != null) { try { inputStream.close(); } catch (IOException e) { LOGGER.error("Failed to close keystore file", e); } } } } RestTemplate restTemplate = null; if (isSpnegoEnabled) { if (httpClient == null) { restTemplate = new KerberosRestTemplate(keytabLocation, principal); } else { restTemplate = new KerberosRestTemplate(keytabLocation, principal, httpClient); } } else { if (httpClient == null) { restTemplate = new RestTemplate(); } else { restTemplate = new RestTemplate(new HttpComponentsClientHttpRequestFactory(httpClient)); } } restTemplate.getMessageConverters().add(0, new StringHttpMessageConverter(Charset.forName("UTF-8"))); return restTemplate; }
From source file:org.apache.hadoop.hbase.rest.TestSecureRESTServer.java
private Pair<CloseableHttpClient, HttpClientContext> getClient() { HttpClientConnectionManager pool = new PoolingHttpClientConnectionManager(); HttpHost host = new HttpHost("localhost", REST_TEST.getServletPort()); Registry<AuthSchemeProvider> authRegistry = RegistryBuilder.<AuthSchemeProvider>create() .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true, true)).build(); CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); credentialsProvider.setCredentials(AuthScope.ANY, EmptyCredentials.INSTANCE); AuthCache authCache = new BasicAuthCache(); CloseableHttpClient client = HttpClients.custom().setDefaultAuthSchemeRegistry(authRegistry) .setConnectionManager(pool).build(); HttpClientContext context = HttpClientContext.create(); context.setTargetHost(host);/*from w ww .j a v a 2s . co m*/ context.setCredentialsProvider(credentialsProvider); context.setAuthSchemeRegistry(authRegistry); context.setAuthCache(authCache); return new Pair<>(client, context); }
From source file:org.apache.http.impl.auth.win.WindowsNegotiateScheme.java
public WindowsNegotiateScheme(final String scheme) { super();/*w w w . j av a 2 s.com*/ this.scheme = (scheme == null) ? AuthSchemes.SPNEGO : scheme; this.challenge = null; this.continueNeeded = true; }