001/* 002 * ==================================================================== 003 * Licensed to the Apache Software Foundation (ASF) under one 004 * or more contributor license agreements. See the NOTICE file 005 * distributed with this work for additional information 006 * regarding copyright ownership. The ASF licenses this file 007 * to you under the Apache License, Version 2.0 (the 008 * "License"); you may not use this file except in compliance 009 * with the License. You may obtain a copy of the License at 010 * 011 * http://www.apache.org/licenses/LICENSE-2.0 012 * 013 * Unless required by applicable law or agreed to in writing, 014 * software distributed under the License is distributed on an 015 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 016 * KIND, either express or implied. See the License for the 017 * specific language governing permissions and limitations 018 * under the License. 019 * ==================================================================== 020 * 021 * This software consists of voluntary contributions made by many 022 * individuals on behalf of the Apache Software Foundation. For more 023 * information on the Apache Software Foundation, please see 024 * <http://www.apache.org/>. 025 * 026 */ 027package org.apache.http.impl.auth; 028 029import org.apache.http.Header; 030import org.apache.http.HttpRequest; 031import org.apache.http.auth.AuthenticationException; 032import org.apache.http.auth.Credentials; 033import org.apache.http.protocol.HttpContext; 034import org.apache.http.util.Args; 035import org.ietf.jgss.GSSException; 036import org.ietf.jgss.Oid; 037 038/** 039 * KERBEROS authentication scheme. 040 * 041 * @since 4.2 042 */ 043public class KerberosScheme extends GGSSchemeBase { 044 045 private static final String KERBEROS_OID = "1.2.840.113554.1.2.2"; 046 047 /** 048 * @since 4.4 049 */ 050 public KerberosScheme(final boolean stripPort, final boolean useCanonicalHostname) { 051 super(stripPort, useCanonicalHostname); 052 } 053 054 public KerberosScheme(final boolean stripPort) { 055 super(stripPort); 056 } 057 058 public KerberosScheme() { 059 super(); 060 } 061 062 @Override 063 public String getSchemeName() { 064 return "Kerberos"; 065 } 066 067 /** 068 * Produces KERBEROS authorization Header based on token created by 069 * processChallenge. 070 * 071 * @param credentials not used by the KERBEROS scheme. 072 * @param request The request being authenticated 073 * 074 * @throws AuthenticationException if authentication string cannot 075 * be generated due to an authentication failure 076 * 077 * @return KERBEROS authentication Header 078 */ 079 @Override 080 public Header authenticate( 081 final Credentials credentials, 082 final HttpRequest request, 083 final HttpContext context) throws AuthenticationException { 084 return super.authenticate(credentials, request, context); 085 } 086 087 @Override @SuppressWarnings("deprecation") 088 protected byte[] generateToken(final byte[] input, final String authServer) throws GSSException { 089 return super.generateToken(input, authServer); 090 } 091 092 @Override 093 protected byte[] generateToken(final byte[] input, final String authServer, final Credentials credentials) throws GSSException { 094 return generateGSSToken(input, new Oid(KERBEROS_OID), authServer, credentials); 095 } 096 097 /** 098 * There are no valid parameters for KERBEROS authentication so this 099 * method always returns {@code null}. 100 * 101 * @return {@code null} 102 */ 103 @Override 104 public String getParameter(final String name) { 105 Args.notNull(name, "Parameter name"); 106 return null; 107 } 108 109 /** 110 * The concept of an authentication realm is not supported by the Negotiate 111 * authentication scheme. Always returns {@code null}. 112 * 113 * @return {@code null} 114 */ 115 @Override 116 public String getRealm() { 117 return null; 118 } 119 120 /** 121 * Returns {@code true}. KERBEROS authentication scheme is connection based. 122 * 123 * @return {@code true}. 124 */ 125 @Override 126 public boolean isConnectionBased() { 127 return true; 128 } 129 130}