public final static void main(String[] args) throws Exception { if (!WinHttpClients.isWinAuthAvailable()) { System.out.println("Integrated Win auth is not supported!!!"); } CloseableHttpClient httpclient = WinHttpClients.createDefault(); // There is no need to provide user credentials // HttpClient will attempt to access current user security context through // Windows platform specific methods via JNI. try { HttpGet httpget = new HttpGet("http://winhost/"); System.out.println("Executing request " + httpget.getRequestLine()); CloseableHttpResponse response = httpclient.execute(httpget); try { System.out.println("----------------------------------------"); System.out.println(response.getStatusLine()); EntityUtils.consume(response.getEntity()); } finally { response.close(); } } finally { httpclient.close(); } }
private HttpClient createHttpClient(Authentication auth, String verify, HttpHost target, Boolean postRedirects, String password, TrustStrategy keystoreTrustStrategy, HostnameVerifier keystoreHostnameVerifier, Proxy proxy) { Certificate certificate = new Certificate(); Auth authHelper = new Auth(); HttpClientBuilder httpClientBuilder = WinHttpClients.custom(); Builder requestConfig = RequestConfig.custom(); requestConfig.setCookieSpec(CookieSpecs.DEFAULT); logger.debug("Verify value: " + verify); logger.debug((new File(verify).getAbsolutePath())); if (new File(verify).exists()) { logger.debug("Loading custom keystore"); httpClientBuilder.setSSLSocketFactory( certificate.allowAllCertificates(certificate.createCustomKeyStore(verify.toString(), password), password, keystoreTrustStrategy, keystoreHostnameVerifier)); } else if (!Boolean.parseBoolean(verify.toString())) { logger.debug("Allowing all certificates"); httpClientBuilder.setSSLSocketFactory(certificate.allowAllCertificates(null)); } if (auth.isAuthenticable()) { httpClientBuilder.setDefaultCredentialsProvider(authHelper.getCredentialsProvider(auth, target)); } if (proxy != null && proxy.isInUse()) { logger.debug("Enabling proxy"); if (proxy.isAuthenticable()) { logger.debug("Setting proxy credentials"); httpClientBuilder.setDefaultCredentialsProvider( authHelper.getCredentialsProvider(proxy.getAuth(), proxy.getHttpHost())); } requestConfig.setProxy(proxy.getHttpHost()); } if (postRedirects) { httpClientBuilder.setRedirectStrategy(new CustomRedirectStrategy()); } httpClientBuilder.setDefaultRequestConfig(requestConfig.build()); return httpClientBuilder.build(); }
@Test(timeout=30000) // this timeout (in ms) needs to be extended if you're actively debugging the code public void testNoInfiniteLoopOnSPNOutsideDomain() throws Exception { Assume.assumeTrue("Test can only be run on Windows", WinHttpClients.isWinAuthAvailable()); // HTTPCLIENT-1545 // If a service principal name (SPN) from outside your Windows domain tree (e.g., HTTP/example.com) is used, // InitializeSecurityContext will return SEC_E_DOWNGRADE_DETECTED (decimal: -2146892976, hex: 0x80090350). // Because WindowsNegotiateScheme wasn't setting the completed state correctly when authentication fails, // HttpClient goes into an infinite loop, constantly retrying the negotiate authentication to kingdom // come. This error message, "The system detected a possible attempt to compromise security. Please ensure that // you can contact the server that authenticated you." is associated with SEC_E_DOWNGRADE_DETECTED. final Registry<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create() .register(AuthSchemes.SPNEGO, new AuthSchemeProvider() { @Override public AuthScheme create(final HttpContext context) { return new WindowsNegotiateSchemeGetTokenFail(AuthSchemes.SPNEGO, "HTTP/example.com"); } }).build(); final CredentialsProvider credsProvider = new WindowsCredentialsProvider(new SystemDefaultCredentialsProvider()); final CloseableHttpClient customClient = HttpClientBuilder.create() .setDefaultCredentialsProvider(credsProvider) .setDefaultAuthSchemeRegistry(authSchemeRegistry).build(); final HttpHost target = start(); final HttpGet httpGet = new HttpGet("/"); final CloseableHttpResponse response = customClient.execute(target, httpGet); try { EntityUtils.consume(response.getEntity()); } finally { response.close(); } }
private CloseableHttpClient createHttpClient(ServerInfo serverInfo) { HttpClientBuilder builder = (useBuiltinWindowsAuthentication(serverInfo)) ? WinHttpClients.custom() : HttpClients.custom(); HttpClientConnectionManager connMgr = createConnectionManagerIfNecessary(); if (connMgr != null) { builder.setConnectionManager(connMgr); } builder.setUserAgent(userAgent); builder.useSystemProperties(); return builder.build(); }
