001/* 002 * ==================================================================== 003 * Licensed to the Apache Software Foundation (ASF) under one 004 * or more contributor license agreements. See the NOTICE file 005 * distributed with this work for additional information 006 * regarding copyright ownership. The ASF licenses this file 007 * to you under the Apache License, Version 2.0 (the 008 * "License"); you may not use this file except in compliance 009 * with the License. You may obtain a copy of the License at 010 * 011 * http://www.apache.org/licenses/LICENSE-2.0 012 * 013 * Unless required by applicable law or agreed to in writing, 014 * software distributed under the License is distributed on an 015 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 016 * KIND, either express or implied. See the License for the 017 * specific language governing permissions and limitations 018 * under the License. 019 * ==================================================================== 020 * 021 * This software consists of voluntary contributions made by many 022 * individuals on behalf of the Apache Software Foundation. For more 023 * information on the Apache Software Foundation, please see 024 * <http://www.apache.org/>. 025 * 026 */ 027package org.apache.http.impl.auth; 028 029import org.apache.http.Header; 030import org.apache.http.HttpRequest; 031import org.apache.http.auth.AuthenticationException; 032import org.apache.http.auth.Credentials; 033import org.apache.http.protocol.HttpContext; 034import org.apache.http.util.Args; 035import org.ietf.jgss.GSSException; 036import org.ietf.jgss.Oid; 037 038/** 039 * SPNEGO (Simple and Protected GSSAPI Negotiation Mechanism) authentication 040 * scheme. 041 * 042 * @since 4.2 043 */ 044public class SPNegoScheme extends GGSSchemeBase { 045 046 private static final String SPNEGO_OID = "1.3.6.1.5.5.2"; 047 048 /** 049 * @since 4.4 050 */ 051 public SPNegoScheme(final boolean stripPort, final boolean useCanonicalHostname) { 052 super(stripPort, useCanonicalHostname); 053 } 054 055 public SPNegoScheme(final boolean stripPort) { 056 super(stripPort); 057 } 058 059 public SPNegoScheme() { 060 super(); 061 } 062 063 @Override 064 public String getSchemeName() { 065 return "Negotiate"; 066 } 067 068 /** 069 * Produces SPNEGO authorization Header based on token created by 070 * processChallenge. 071 * 072 * @param credentials not used by the SPNEGO scheme. 073 * @param request The request being authenticated 074 * 075 * @throws AuthenticationException if authentication string cannot 076 * be generated due to an authentication failure 077 * 078 * @return SPNEGO authentication Header 079 */ 080 @Override 081 public Header authenticate( 082 final Credentials credentials, 083 final HttpRequest request, 084 final HttpContext context) throws AuthenticationException { 085 return super.authenticate(credentials, request, context); 086 } 087 088 @Override @SuppressWarnings("deprecation") 089 protected byte[] generateToken(final byte[] input, final String authServer) throws GSSException { 090 return super.generateToken(input, authServer); 091 } 092 093 @Override 094 protected byte[] generateToken(final byte[] input, final String authServer, final Credentials credentials) throws GSSException { 095 return generateGSSToken(input, new Oid(SPNEGO_OID), authServer, credentials); 096 } 097 098 /** 099 * There are no valid parameters for SPNEGO authentication so this 100 * method always returns {@code null}. 101 * 102 * @return {@code null} 103 */ 104 @Override 105 public String getParameter(final String name) { 106 Args.notNull(name, "Parameter name"); 107 return null; 108 } 109 110 /** 111 * The concept of an authentication realm is not supported by the Negotiate 112 * authentication scheme. Always returns {@code null}. 113 * 114 * @return {@code null} 115 */ 116 @Override 117 public String getRealm() { 118 return null; 119 } 120 121 /** 122 * Returns {@code true}. SPNEGO authentication scheme is connection based. 123 * 124 * @return {@code true}. 125 */ 126 @Override 127 public boolean isConnectionBased() { 128 return true; 129 } 130 131}