java.lang.Object
    net.sourceforge.spnego.SpnegoHttpURLConnection

public final class SpnegoHttpURLConnection
This Class may be used by custom clients as a convenience when connecting to a protected HTTP server.
This mechanism is an alternative to HTTP Basic Authentication where the HTTP server does not support Basic Auth but instead has SPNEGO support (take a look at SpnegoHttpFilter).
A krb5.conf and a login.conf are required when using this class. Take a look at the spnego.sourceforge.net documentation for an example krb5.conf and login.conf file. Also, you must provide a keytab file, or a username and password, or allowtgtsessionkey.
Example usage (username/password):
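```java
// requires: java.net.URL, net.sourceforge.spnego.SpnegoHttpURLConnection
public static void main(final String[] args) throws Exception {
    // Point the JVM at the Kerberos and JAAS configuration files
    System.setProperty("java.security.krb5.conf", "krb5.conf");
    // Verbose Kerberos tracing; only useful while troubleshooting
    System.setProperty("sun.security.krb5.debug", "true");
    System.setProperty("java.security.auth.login.config", "login.conf");

    SpnegoHttpURLConnection spnego = null;

    try {
        // login module name, username, password
        spnego = new SpnegoHttpURLConnection("spnego-client", "dfelix", "myp@s5");
        spnego.connect(new URL("http://medusa:8080/index.jsp"));

        System.out.println(spnego.getResponseCode());

    } finally {
        // Always log out and clear request properties
        if (null != spnego) {
            spnego.disconnect();
        }
    }
}
```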
Alternatively, if the server supports HTTP Basic Authentication, this Class is NOT needed and instead you can do something like the following:
```java
// requires: java.net.HttpURLConnection, java.net.URL
public static void main(final String[] args) throws Exception {
    // Basic Auth sends "username:password", Base64-encoded, in the request header
    final String creds = "dfelix:myp@s5";
    final String token = Base64.encode(creds.getBytes());

    URL url = new URL("http://medusa:8080/index.jsp");

    HttpURLConnection conn = (HttpURLConnection) url.openConnection();

    conn.setRequestProperty(Constants.AUTHZ_HEADER
            , Constants.BASIC_HEADER + " " + token);

    conn.connect();

    System.out.println("Response Code:" + conn.getResponseCode());
}
```
To see a working example and instructions on how to use a keytab, take a look at the creating a client keytab example.
Finally, the SpnegoSOAPConnection class is another example of a class that uses this class.
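A keytab-based client, shown as an added example (not code from the spnego project): it uses the one-argument constructor so no password appears in source, leaves delegation off, and checks isContextEstablished() before using the response. The login.conf entry name, keytab path and principal are placeholders assumed for illustration.

```java
import java.net.URL;

import net.sourceforge.spnego.SpnegoHttpURLConnection;

/*
 * Assumed login.conf entry (constructed for this example; the entry name,
 * keytab path and principal are placeholders):
 *
 * spnego-client-keytab {
 *     com.sun.security.auth.module.Krb5LoginModule required
 *         useKeyTab=true
 *         keyTab="/path/to/client.keytab"
 *         principal="client-principal@EXAMPLE.COM"
 *         doNotPrompt=true
 *         isInitiator=true;
 * };
 */
public final class KeytabClientExample {

    public static void main(final String[] args) throws Exception {
        System.setProperty("java.security.krb5.conf", "krb5.conf");
        System.setProperty("java.security.auth.login.config", "login.conf");
        // sun.security.krb5.debug is deliberately left unset here.

        SpnegoHttpURLConnection spnego = null;
        try {
            // One-argument constructor: the LoginContext takes its key from
            // the keytab named in login.conf, not from a password in code.
            spnego = new SpnegoHttpURLConnection("spnego-client-keytab");
            // Ask for delegation only when the server must act as the client.
            spnego.requestCredDeleg(false);
            spnego.connect(new URL("http://medusa:8080/index.jsp"));

            final int status = spnego.getResponseCode();
            // Policy chosen for this example: reject the response unless the
            // GSSContext is reported as established.
            if (!spnego.isContextEstablished()) {
                throw new IllegalStateException(
                        "GSSContext not established, HTTP status " + status);
            }
            System.out.println(status);
        } finally {
            // disconnect() is documented above as logout plus clearing
            // request properties, so call it on every path.
            if (null != spnego) {
                spnego.disconnect();
            }
        }
    }
}
```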
Field Summary

| Modifier and Type | Field | Description |
|---|---|---|
| private boolean | autoDisposeCreds | Determines if the GSSCredentials (if any) used during the connection request should be automatically disposed by this class when finished. |
| private boolean | cntxtEstablished | Flag to determine if GSSContext has been established. |
| private HttpURLConnection | conn | Ref to HTTP URL Connection object after calling connect method. |
| private boolean | connected | If false, this connection object has not created a communications link to the specified URL. |
| private GSSCredential | credential | Client's credentials. |
| private static byte[] | EMPTY_BYTE | |
| private static Lock | LOCK | GSSContext is not thread-safe. |
| private static Logger | LOGGER | |
| private LoginContext | loginContext | Login Context for authenticating client. |
| private boolean | reqCredDeleg | Request credential to be delegated. |
| private String | requestMethod | Default is GET. |
| private Map<String,List<String>> | requestProperties | |

Constructor Summary

| Constructor | Description |
|---|---|
| SpnegoHttpURLConnection(GSSCredential creds) | Create an instance where the GSSCredential is specified by the parameter and where the GSSCredential is automatically disposed after use. |
| SpnegoHttpURLConnection(GSSCredential creds, boolean dispose) | Create an instance where the GSSCredential is specified by the parameter and whether the GSSCredential should be disposed after use. |
| SpnegoHttpURLConnection(String loginModuleName) | Creates an instance where the LoginContext relies on a keytab file being specified by "java.security.auth.login.config" or where LoginContext relies on tgtsessionkey. |
| SpnegoHttpURLConnection(String loginModuleName, String username, String password) | Creates an instance where the LoginContext does not require a keytab file. |

Method Summary

| Modifier and Type | Method | Description |
|---|---|---|
| void | addRequestProperty(String key, String value) | Adds an HTTP Request property. |
| private void | assertConnected() | Throws IllegalStateException if this connection object has not yet created a communications link to the specified URL. |
| private void | assertKeyValue(String key, String value) | Internal sanity check to validate not null key/value pairs. |
| private void | assertNotConnected() | Throws IllegalStateException if this connection object has already created a communications link to the specified URL. |
| HttpURLConnection | connect(URL url) | Opens a communications link to the resource referenced by this URL, if such a connection has not already been established. |
| HttpURLConnection | connect(URL url, ByteArrayOutputStream dooutput) | Opens a communications link to the resource referenced by this URL, if such a connection has not already been established. |
| void | disconnect() | Logout and clear request properties. |
| private void | dispose(GSSContext context) | Logout the LoginContext instance, and call dispose() on GSSCredential if autoDisposeCreds is set to true, and call dispose on the passed-in GSSContext instance. |
| InputStream | getErrorStream() | Returns an error stream that reads from this open connection. |
| private GSSContext | getGSSContext(URL url) | Returns a GSSContext for the given url with a default lifetime. |
| String | getHeaderField(int index) | Get header value at specified index. |
| String | getHeaderField(String name) | Get header value by header name. |
| String | getHeaderFieldKey(int index) | Get header field key at specified index. |
| InputStream | getInputStream() | Returns an input stream that reads from this open connection. |
| OutputStream | getOutputStream() | Returns an output stream that writes to this open connection. |
| int | getResponseCode() | Returns HTTP Status code. |
| String | getResponseMessage() | Returns HTTP Status message. |
| boolean | isContextEstablished() | Returns true if GSSContext has been established. |
| void | requestCredDeleg(boolean requestDelegation) | Request that this GSSCredential be allowed for delegation. |
| void | setRequestMethod(String method) | May override the default GET method. |
| void | setRequestProperty(String key, String value) | Sets an HTTP Request property. |

Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
private static final Logger LOGGER
private static final Lock LOCK
private static final byte[] EMPTY_BYTE
private transient boolean connected
private transient String requestMethod
See Also:
    HttpURLConnection.getRequestMethod()
private final transient Map<String,List<String>> requestProperties
See Also:
    URLConnection.getRequestProperties()
private final transient LoginContext loginContext
private transient GSSCredential credential
private transient boolean cntxtEstablished
private transient HttpURLConnection conn
private transient boolean reqCredDeleg
private transient boolean autoDisposeCreds
Constructor Detail |
---|
public SpnegoHttpURLConnection(String loginModuleName) throws LoginException
Parameters:
    loginModuleName -
Throws:
    LoginException

public SpnegoHttpURLConnection(GSSCredential creds)
Parameters:
    creds - credentials to use

public SpnegoHttpURLConnection(GSSCredential creds, boolean dispose)
Parameters:
    creds - credentials to use
    dispose - true if GSSCredential should be disposed after use

public SpnegoHttpURLConnection(String loginModuleName, String username, String password) throws LoginException
Parameters:
    loginModuleName -
    username -
    password -
Throws:
    LoginException

Method Detail |
---|
private void assertConnected()

private void assertNotConnected()

public HttpURLConnection connect(URL url) throws GSSException, PrivilegedActionException, IOException
This implementation simply calls this object's connect(URL, ByteArrayOutputStream) method, passing in null for the second argument.
Parameters:
    url -
Throws:
    GSSException
    PrivilegedActionException
    IOException
    LoginException
See Also:
    URLConnection.connect()

public HttpURLConnection connect(URL url, ByteArrayOutputStream dooutput) throws GSSException, PrivilegedActionException, IOException
Parameters:
    url -
    dooutput - optional message/payload to send to server
Throws:
    GSSException
    PrivilegedActionException
    IOException
    LoginException
See Also:
    URLConnection.connect()

private void dispose(GSSContext context)

public void disconnect()
See Also:
    HttpURLConnection.disconnect()

public boolean isContextEstablished()

private void assertKeyValue(String key, String value)

public void addRequestProperty(String key, String value)
Parameters:
    key - request property name
    value - request property value
See Also:
    URLConnection.addRequestProperty(String, String)

public void setRequestProperty(String key, String value)
Parameters:
    key - request property name
    value - request property value
See Also:
    URLConnection.setRequestProperty(String, String)

private GSSContext getGSSContext(URL url) throws GSSException, PrivilegedActionException
Parameters:
    url - http address
Throws:
    GSSException
    PrivilegedActionException

public InputStream getErrorStream() throws IOException
Throws:
    IOException
See Also:
    HttpURLConnection.getErrorStream()

public String getHeaderField(int index)
Parameters:
    index -

public String getHeaderField(String name)
Parameters:
    name - name header
See Also:
    URLConnection.getHeaderField(String)

public String getHeaderFieldKey(int index)
Parameters:
    index -

public InputStream getInputStream() throws IOException
Throws:
    IOException
See Also:
    URLConnection.getInputStream()

public OutputStream getOutputStream() throws IOException
Throws:
    IOException
See Also:
    URLConnection.getOutputStream()

public int getResponseCode() throws IOException
Throws:
    IOException
See Also:
    HttpURLConnection.getResponseCode()

public String getResponseMessage() throws IOException
Throws:
    IOException
See Also:
    HttpURLConnection.getResponseMessage()

public void requestCredDeleg(boolean requestDelegation)
Parameters:
    requestDelegation - true to allow/request delegation

public void setRequestMethod(String method)
Parameters:
    method - HttpURLConnection.setRequestMethod(String)