public ProxyClient(final HttpParams params) { super(); if (params == null) { throw new IllegalArgumentException("HTTP parameters may not be null"); } this.httpProcessor = new ImmutableHttpProcessor(new HttpRequestInterceptor[] { new RequestContent(), new RequestTargetHost(), new RequestClientConnControl(), new RequestUserAgent(), new RequestProxyAuthentication() } ); this.requestExec = new HttpRequestExecutor(); this.proxyAuthStrategy = new ProxyAuthenticationStrategy(); this.authenticator = new HttpAuthenticator(); this.proxyAuthState = new AuthState(); this.authSchemeRegistry = new AuthSchemeRegistry(); this.authSchemeRegistry.register(AuthPolicy.BASIC, new BasicSchemeFactory()); this.authSchemeRegistry.register(AuthPolicy.DIGEST, new DigestSchemeFactory()); this.authSchemeRegistry.register(AuthPolicy.NTLM, new NTLMSchemeFactory()); this.authSchemeRegistry.register(AuthPolicy.SPNEGO, new SPNegoSchemeFactory()); this.authSchemeRegistry.register(AuthPolicy.KERBEROS, new KerberosSchemeFactory()); this.reuseStrategy = new DefaultConnectionReuseStrategy(); this.params = params; }
protected AuthSchemeRegistry createAuthSchemeRegistry() { AuthSchemeRegistry registry = new AuthSchemeRegistry(); registry.register( AuthPolicy.BASIC, new BasicSchemeFactory()); registry.register( AuthPolicy.DIGEST, new DigestSchemeFactory()); registry.register( AuthPolicy.NTLM, new NTLMSchemeFactory()); registry.register( AuthPolicy.SPNEGO, new SPNegoSchemeFactory()); registry.register( AuthPolicy.KERBEROS, new KerberosSchemeFactory()); return registry; }
protected AuthSchemeRegistry createAuthSchemeRegistry() { final AuthSchemeRegistry registry = new AuthSchemeRegistry(); registry.register( AuthPolicy.BASIC, new BasicSchemeFactory()); registry.register( AuthPolicy.DIGEST, new DigestSchemeFactory()); registry.register( AuthPolicy.NTLM, new NTLMSchemeFactory()); registry.register( AuthPolicy.SPNEGO, new SPNegoSchemeFactory()); registry.register( AuthPolicy.KERBEROS, new KerberosSchemeFactory()); return registry; }
/** * @since 4.3 */ public ProxyClient( final HttpConnectionFactory<HttpRoute, ManagedHttpClientConnection> connFactory, final ConnectionConfig connectionConfig, final RequestConfig requestConfig) { super(); this.connFactory = connFactory != null ? connFactory : ManagedHttpClientConnectionFactory.INSTANCE; this.connectionConfig = connectionConfig != null ? connectionConfig : ConnectionConfig.DEFAULT; this.requestConfig = requestConfig != null ? requestConfig : RequestConfig.DEFAULT; this.httpProcessor = new ImmutableHttpProcessor( new RequestTargetHost(), new RequestClientConnControl(), new RequestUserAgent()); this.requestExec = new HttpRequestExecutor(); this.proxyAuthStrategy = new ProxyAuthenticationStrategy(); this.authenticator = new HttpAuthenticator(); this.proxyAuthState = new AuthState(); this.authSchemeRegistry = new AuthSchemeRegistry(); this.authSchemeRegistry.register(AuthSchemes.BASIC, new BasicSchemeFactory()); this.authSchemeRegistry.register(AuthSchemes.DIGEST, new DigestSchemeFactory()); this.authSchemeRegistry.register(AuthSchemes.NTLM, new NTLMSchemeFactory()); this.authSchemeRegistry.register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory()); this.authSchemeRegistry.register(AuthSchemes.KERBEROS, new KerberosSchemeFactory()); this.reuseStrategy = new DefaultConnectionReuseStrategy(); }
public static void initAuth(ConfigProvider configuration) { // Setting up BASIC and DIGEST auth setupUserPassAuthScheme(AuthScheme.BASIC, AuthSchemes.BASIC, new BasicSchemeFactory(), configuration); setupUserPassAuthScheme(AuthScheme.DIGEST, AuthSchemes.DIGEST, new DigestSchemeFactory(), configuration); // Adding kerberos standard auth setupHttpAuthScheme(AuthSchemes.KERBEROS, new KerberosSchemeFactory(), AuthScope.ANY, DEFAULT_TOKEN_CREDENTIALS); authRegistry = registryBuilder.build(); }
@Test public void buildLookupWithKerberosAuth() { AuthTypes authTypes = new AuthTypes(AuthSchemes.KERBEROS); AuthSchemeProvider provider = new AuthSchemeProviderLookupBuilder() .setAuthTypes(authTypes) .setHost("myweb.contoso.com").buildAuthSchemeProviderLookup().lookup(AuthSchemes.KERBEROS); assertThat(provider, instanceOf(KerberosSchemeFactory.class)); }
/** * @param listener Log listener * @param prompt Prompt for proxy credentials * @return Builder for HTTP client */ public HttpClientBuilder build(final TranscriptListener listener, final LoginCallback prompt) { final HttpClientBuilder configuration = HttpClients.custom(); // Use HTTP Connect proxy implementation provided here instead of // relying on internal proxy support in socket factory final Proxy proxy = proxyFinder.find(host); switch(proxy.getType()) { case HTTP: case HTTPS: final HttpHost h = new HttpHost(proxy.getHostname(), proxy.getPort(), StringUtils.lowerCase(proxy.getType().name())); if(log.isInfoEnabled()) { log.info(String.format("Setup proxy %s", h)); } configuration.setProxy(h); configuration.setProxyAuthenticationStrategy(new CallbackProxyAuthenticationStrategy(ProxyCredentialsStoreFactory.get(), host, prompt)); break; } configuration.setUserAgent(new PreferencesUseragentProvider().get()); final int timeout = preferences.getInteger("connection.timeout.seconds") * 1000; configuration.setDefaultSocketConfig(SocketConfig.custom() .setTcpNoDelay(true) .setSoTimeout(timeout) .build()); configuration.setDefaultRequestConfig(this.createRequestConfig(timeout)); final String encoding; if(null == host.getEncoding()) { encoding = preferences.getProperty("browser.charset.encoding"); } else { encoding = host.getEncoding(); } configuration.setDefaultConnectionConfig(ConnectionConfig.custom() .setBufferSize(preferences.getInteger("http.socket.buffer")) .setCharset(Charset.forName(encoding)) .build()); if(preferences.getBoolean("http.connections.reuse")) { configuration.setConnectionReuseStrategy(new DefaultClientConnectionReuseStrategy()); } else { configuration.setConnectionReuseStrategy(new NoConnectionReuseStrategy()); } configuration.setRetryHandler(new ExtendedHttpRequestRetryHandler(preferences.getInteger("http.connections.retry"))); configuration.setServiceUnavailableRetryStrategy(new DisabledServiceUnavailableRetryStrategy()); if(!preferences.getBoolean("http.compression.enable")) { configuration.disableContentCompression(); } configuration.setRequestExecutor(new LoggingHttpRequestExecutor(listener)); // Always register HTTP for possible use with proxy. Contains a number of protocol properties such as the // default port and the socket factory to be used to create the java.net.Socket instances for the given protocol configuration.setConnectionManager(this.createConnectionManager(this.createRegistry())); configuration.setDefaultAuthSchemeRegistry(RegistryBuilder.<AuthSchemeProvider>create() .register(AuthSchemes.BASIC, new BasicSchemeFactory( Charset.forName(preferences.getProperty("http.credentials.charset")))) .register(AuthSchemes.DIGEST, new DigestSchemeFactory( Charset.forName(preferences.getProperty("http.credentials.charset")))) .register(AuthSchemes.NTLM, new NTLMSchemeFactory()) .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory()) .register(AuthSchemes.KERBEROS, new KerberosSchemeFactory()).build()); return configuration; }
/** * Use HTTPClient to connect to Hadoop job history server. * Need to set the environment for kerberos, keytab... * @param prop * @throws Exception */ public HadoopJobHistoryNodeExtractor(Properties prop) throws Exception { this.serverURL = prop.getProperty(Constant.AZ_HADOOP_JOBHISTORY_KEY); String CURRENT_DIR = System.getProperty("user.dir"); String WHZ_KRB5_DIR = System.getenv("WHZ_KRB5_DIR"); String APP_HOME = System.getenv("APP_HOME"); String USER_HOME = System.getenv("HOME") + "/.kerberos"; String[] searchPath = new String[]{CURRENT_DIR, WHZ_KRB5_DIR, APP_HOME, USER_HOME, "/etc"}; System.setProperty("java.security.auth.login.config", findFileInSearchPath(searchPath, "gss-jaas.conf")); System.setProperty("java.security.krb5.conf", findFileInSearchPath(searchPath, "krb5.conf")); if (System.getProperty("java.security.auth.login.config") == null || System.getProperty("java.security.krb5.conf") == null) { log.warn("Can't find Java security config [krb5.conf, gss-jass.conf] for Kerberos! Trying other authentication methods..."); } if (log.isTraceEnabled()) { System.setProperty("sun.security.krb5.debug", "true"); } else { System.setProperty("sun.security.krb5.debug", "false"); } System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); System.setProperty("java.security.krb5.realm", prop.getProperty(Constant.KRB5_REALM)); System.setProperty("java.security.krb5.kdc", prop.getProperty(Constant.KRB5_KDC)); PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(); cm.setMaxTotal(200); cm.setDefaultMaxPerRoute(100); CredentialsProvider credsProvider = new BasicCredentialsProvider(); credsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("DUMMY", null)); Lookup<AuthSchemeProvider> authRegistry = RegistryBuilder.<AuthSchemeProvider>create() .register(AuthSchemes.BASIC, new BasicSchemeFactory()) .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory()) .register(AuthSchemes.KERBEROS, new KerberosSchemeFactory()).build(); httpClient = HttpClients.custom().setDefaultCredentialsProvider(credsProvider).setDefaultAuthSchemeRegistry(authRegistry) .setConnectionManager(cm).build(); }
