1. 包列表
  2. 类列表
  3. org.apache.http.impl.auth.SPNegoSchemeFactory

Java 类org.apache.http.impl.auth.SPNegoSchemeFactory 实例源码

项目:lams    文件:ProxyClient.java    
public ProxyClient(final HttpParams params) {
    super();
    if (params == null) {
        throw new IllegalArgumentException("HTTP parameters may not be null");
    }
    this.httpProcessor = new ImmutableHttpProcessor(new HttpRequestInterceptor[] {
            new RequestContent(),
            new RequestTargetHost(),
            new RequestClientConnControl(),
            new RequestUserAgent(),
            new RequestProxyAuthentication()
    } );
    this.requestExec = new HttpRequestExecutor();
    this.proxyAuthStrategy = new ProxyAuthenticationStrategy();
    this.authenticator = new HttpAuthenticator();
    this.proxyAuthState = new AuthState();
    this.authSchemeRegistry = new AuthSchemeRegistry();
    this.authSchemeRegistry.register(AuthPolicy.BASIC, new BasicSchemeFactory());
    this.authSchemeRegistry.register(AuthPolicy.DIGEST, new DigestSchemeFactory());
    this.authSchemeRegistry.register(AuthPolicy.NTLM, new NTLMSchemeFactory());
    this.authSchemeRegistry.register(AuthPolicy.SPNEGO, new SPNegoSchemeFactory());
    this.authSchemeRegistry.register(AuthPolicy.KERBEROS, new KerberosSchemeFactory());
    this.reuseStrategy = new DefaultConnectionReuseStrategy();
    this.params = params;
}
项目:lams    文件:AbstractHttpClient.java    
protected AuthSchemeRegistry createAuthSchemeRegistry() {
    AuthSchemeRegistry registry = new AuthSchemeRegistry();
    registry.register(
            AuthPolicy.BASIC,
            new BasicSchemeFactory());
    registry.register(
            AuthPolicy.DIGEST,
            new DigestSchemeFactory());
    registry.register(
            AuthPolicy.NTLM,
            new NTLMSchemeFactory());
    registry.register(
            AuthPolicy.SPNEGO,
            new SPNegoSchemeFactory());
    registry.register(
            AuthPolicy.KERBEROS,
            new KerberosSchemeFactory());
    return registry;
}
项目:hadoop    文件:AuthenticatorTestCase.java    
private SystemDefaultHttpClient getHttpClient() {
  final SystemDefaultHttpClient httpClient = new SystemDefaultHttpClient();
  httpClient.getAuthSchemes().register(AuthPolicy.SPNEGO, new SPNegoSchemeFactory(true));
   Credentials use_jaas_creds = new Credentials() {
     public String getPassword() {
       return null;
     }

     public Principal getUserPrincipal() {
       return null;
     }
   };

   httpClient.getCredentialsProvider().setCredentials(
     AuthScope.ANY, use_jaas_creds);
   return httpClient;
}
项目:aliyun-oss-hadoop-fs    文件:AuthenticatorTestCase.java    
private SystemDefaultHttpClient getHttpClient() {
  final SystemDefaultHttpClient httpClient = new SystemDefaultHttpClient();
  httpClient.getAuthSchemes().register(AuthPolicy.SPNEGO, new SPNegoSchemeFactory(true));
   Credentials use_jaas_creds = new Credentials() {
     public String getPassword() {
       return null;
     }

     public Principal getUserPrincipal() {
       return null;
     }
   };

   httpClient.getCredentialsProvider().setCredentials(
     AuthScope.ANY, use_jaas_creds);
   return httpClient;
}
项目:big-c    文件:AuthenticatorTestCase.java    
private SystemDefaultHttpClient getHttpClient() {
  final SystemDefaultHttpClient httpClient = new SystemDefaultHttpClient();
  httpClient.getAuthSchemes().register(AuthPolicy.SPNEGO, new SPNegoSchemeFactory(true));
   Credentials use_jaas_creds = new Credentials() {
     public String getPassword() {
       return null;
     }

     public Principal getUserPrincipal() {
       return null;
     }
   };

   httpClient.getCredentialsProvider().setCredentials(
     AuthScope.ANY, use_jaas_creds);
   return httpClient;
}
项目:registry    文件:AuthenticatorTestCase.java    
private SystemDefaultHttpClient getHttpClient() {
    final SystemDefaultHttpClient httpClient = new SystemDefaultHttpClient();
    httpClient.getAuthSchemes().register(AuthPolicy.SPNEGO, new SPNegoSchemeFactory(true));
    Credentials use_jaas_creds = new Credentials() {
        public String getPassword() {
            return null;
        }

        public Principal getUserPrincipal() {
            return null;
        }
    };

    httpClient.getCredentialsProvider().setCredentials(
            AuthScope.ANY, use_jaas_creds);
    return httpClient;
}
项目:purecloud-iot    文件:AbstractHttpClient.java    
protected AuthSchemeRegistry createAuthSchemeRegistry() {
    final AuthSchemeRegistry registry = new AuthSchemeRegistry();
    registry.register(
            AuthPolicy.BASIC,
            new BasicSchemeFactory());
    registry.register(
            AuthPolicy.DIGEST,
            new DigestSchemeFactory());
    registry.register(
            AuthPolicy.NTLM,
            new NTLMSchemeFactory());
    registry.register(
            AuthPolicy.SPNEGO,
            new SPNegoSchemeFactory());
    registry.register(
            AuthPolicy.KERBEROS,
            new KerberosSchemeFactory());
    return registry;
}
项目:purecloud-iot    文件:ProxyClient.java    
/**
 * @since 4.3
 */
public ProxyClient(
        final HttpConnectionFactory<HttpRoute, ManagedHttpClientConnection> connFactory,
        final ConnectionConfig connectionConfig,
        final RequestConfig requestConfig) {
    super();
    this.connFactory = connFactory != null ? connFactory : ManagedHttpClientConnectionFactory.INSTANCE;
    this.connectionConfig = connectionConfig != null ? connectionConfig : ConnectionConfig.DEFAULT;
    this.requestConfig = requestConfig != null ? requestConfig : RequestConfig.DEFAULT;
    this.httpProcessor = new ImmutableHttpProcessor(
            new RequestTargetHost(), new RequestClientConnControl(), new RequestUserAgent());
    this.requestExec = new HttpRequestExecutor();
    this.proxyAuthStrategy = new ProxyAuthenticationStrategy();
    this.authenticator = new HttpAuthenticator();
    this.proxyAuthState = new AuthState();
    this.authSchemeRegistry = new AuthSchemeRegistry();
    this.authSchemeRegistry.register(AuthSchemes.BASIC, new BasicSchemeFactory());
    this.authSchemeRegistry.register(AuthSchemes.DIGEST, new DigestSchemeFactory());
    this.authSchemeRegistry.register(AuthSchemes.NTLM, new NTLMSchemeFactory());
    this.authSchemeRegistry.register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory());
    this.authSchemeRegistry.register(AuthSchemes.KERBEROS, new KerberosSchemeFactory());
    this.reuseStrategy = new DefaultConnectionReuseStrategy();
}
项目:binjr    文件:HttpClientKerberosDoAS.java    
private HttpClient getHttpClient() {

        Credentials use_jaas_creds = new Credentials() {
            public String getPassword() {
                return null;
            }

            public Principal getUserPrincipal() {
                return null;
            }
        };

        CredentialsProvider credsProvider = new BasicCredentialsProvider();
        credsProvider.setCredentials(new AuthScope(null, -1, null), use_jaas_creds);
        Registry<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create().register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true)).build();
        CloseableHttpClient httpclient = HttpClients.custom().setDefaultAuthSchemeRegistry(authSchemeRegistry).setDefaultCredentialsProvider(credsProvider).build();

        return httpclient;
    }
项目:hadoop-2.6.0-cdh5.4.3    文件:AuthenticatorTestCase.java    
private SystemDefaultHttpClient getHttpClient() {
  final SystemDefaultHttpClient httpClient = new SystemDefaultHttpClient();
  httpClient.getAuthSchemes().register(AuthPolicy.SPNEGO, new SPNegoSchemeFactory(true));
   Credentials use_jaas_creds = new Credentials() {
     public String getPassword() {
       return null;
     }

     public Principal getUserPrincipal() {
       return null;
     }
   };

   httpClient.getCredentialsProvider().setCredentials(
     AuthScope.ANY, use_jaas_creds);
   return httpClient;
}
项目:elasticsearch-shield-kerberos-realm    文件:AbstractUnitTest.java    
protected final CloseableHttpClient getHttpClient(final boolean useSpnego) throws Exception {

        final CredentialsProvider credsProvider = new BasicCredentialsProvider();
        final HttpClientBuilder hcb = HttpClients.custom();

        if (useSpnego) {
            //SPNEGO/Kerberos setup
            log.debug("SPNEGO activated");
            final AuthSchemeProvider nsf = new SPNegoSchemeFactory(true);//  new NegotiateSchemeProvider();
            final Credentials jaasCreds = new JaasCredentials();
            credsProvider.setCredentials(new AuthScope(null, -1, null, AuthSchemes.SPNEGO), jaasCreds);
            credsProvider.setCredentials(new AuthScope(null, -1, null, AuthSchemes.NTLM), new NTCredentials("Guest", "Guest", "Guest",
                    "Guest"));
            final Registry<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider> create()
                    .register(AuthSchemes.SPNEGO, nsf).register(AuthSchemes.NTLM, new NTLMSchemeFactory()).build();

            hcb.setDefaultAuthSchemeRegistry(authSchemeRegistry);
        }

        hcb.setDefaultCredentialsProvider(credsProvider);
        hcb.setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(10 * 1000).build());
        final CloseableHttpClient httpClient = hcb.build();
        return httpClient;
    }
项目:hops    文件:AuthenticatorTestCase.java    
private SystemDefaultHttpClient getHttpClient() {
  final SystemDefaultHttpClient httpClient = new SystemDefaultHttpClient();
  httpClient.getAuthSchemes().register(AuthPolicy.SPNEGO, new SPNegoSchemeFactory(true));
   Credentials use_jaas_creds = new Credentials() {
     public String getPassword() {
       return null;
     }

     public Principal getUserPrincipal() {
       return null;
     }
   };

   httpClient.getCredentialsProvider().setCredentials(
     AuthScope.ANY, use_jaas_creds);
   return httpClient;
}
项目:ARCLib    文件:SpnegoHelper.java    
public static void addSpnego(HttpClientBuilder clientBuilder) {
    //Add spnego http header processor
    Lookup<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider> create()
            .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true)).build();
    clientBuilder.setDefaultAuthSchemeRegistry(authSchemeRegistry);
    //There has to be at least this dummy credentials provider or apache http client gives up
    BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
    credentialsProvider.setCredentials(new AuthScope(null, -1, null), new NullCredentials());
    clientBuilder.setDefaultCredentialsProvider(credentialsProvider);
}
项目:calcite-avatica    文件:AvaticaCommonsHttpClientSpnegoImpl.java    
/**
 * Constructs an HTTP client with user specified by the given credentials.
 *
 * @param url The URL for the Avatica server
 * @param credential The GSS credentials
 */
public AvaticaCommonsHttpClientSpnegoImpl(URL url, GSSCredential credential) {
  this.url = Objects.requireNonNull(url);

  pool = new PoolingHttpClientConnectionManager();
  // Increase max total connection to 100
  final String maxCnxns =
      System.getProperty(CACHED_CONNECTIONS_MAX_KEY, CACHED_CONNECTIONS_MAX_DEFAULT);
  pool.setMaxTotal(Integer.parseInt(maxCnxns));
  // Increase default max connection per route to 25
  final String maxCnxnsPerRoute = System.getProperty(CACHED_CONNECTIONS_MAX_PER_ROUTE_KEY,
      CACHED_CONNECTIONS_MAX_PER_ROUTE_DEFAULT);
  pool.setDefaultMaxPerRoute(Integer.parseInt(maxCnxnsPerRoute));

  this.host = new HttpHost(url.getHost(), url.getPort());

  this.authRegistry = RegistryBuilder.<AuthSchemeProvider>create().register(AuthSchemes.SPNEGO,
      new SPNegoSchemeFactory(STRIP_PORT_ON_SERVER_LOOKUP, USE_CANONICAL_HOSTNAME)).build();

  this.credentialsProvider = new BasicCredentialsProvider();
  if (null != credential) {
    // Non-null credential should be used directly with KerberosCredentials.
    this.credentialsProvider.setCredentials(AuthScope.ANY, new KerberosCredentials(credential));
  } else {
    // A null credential implies that the user is logged in via JAAS using the
    // java.security.auth.login.config system property
    this.credentialsProvider.setCredentials(AuthScope.ANY, EmptyCredentials.INSTANCE);
  }

  this.authCache = new BasicAuthCache();

  // A single thread-safe HttpClient, pooling connections via the ConnectionManager
  this.client = HttpClients.custom()
      .setDefaultAuthSchemeRegistry(authRegistry)
      .setConnectionManager(pool).build();
}
项目:ibm-bpm-rest-client    文件:KerberosBpmClient.java    
private KerberosHttpClient(String user, String password, String domain, String kdc) {
    try {
        File krb5Config = createKrb5Configuration(domain, kdc);
        File loginConfig = createLoginConfiguration();

        System.setProperty("java.security.auth.login.config", loginConfig.toURI().toString());
        System.setProperty("java.security.krb5.conf", krb5Config.toURI().toString());
        System.setProperty("sun.security.krb5.debug", "false");
        //Change this property to true, if you want debug output.
        System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");

        RegistryBuilder<AuthSchemeProvider> registryBuilder = RegistryBuilder.create();
        String id = AuthSchemes.SPNEGO;
        SPNegoSchemeFactory schemeFactory = new SPNegoSchemeFactory(SKIP_PORT_AT_KERBEROS_DATABASE_LOOKUP);
        Lookup<AuthSchemeProvider> authSchemeRegistry = registryBuilder.register(id, schemeFactory).build();

        client = HttpClients.custom().setDefaultAuthSchemeRegistry(authSchemeRegistry)
                .setConnectionManager(createConnectionManager()).build();
        httpContext = getHttpContext();
        loginContext = getLoginContext(user, password);

        //without it, authentication will be failed.
        final Subject subject = loginContext.getSubject();
        final HttpGet get = new HttpGet(KerberosBpmClient.this.rootUri);
        Subject.doAs(subject, this.privilegedExecute(get, httpContext));
    } catch (Exception e) {
        logger.error("Can't create Kerberos client!");
        e.printStackTrace();
        throw new RuntimeException(e);
    }
}
项目:binjr    文件:HttpDataAdapterBase.java    
protected CloseableHttpClient httpClientFactory() throws CannotInitializeDataAdapterException {
    try {
        SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(
                createSslCustomContext(),
                null,
                null,
                SSLConnectionSocketFactory.getDefaultHostnameVerifier());
        RegistryBuilder<AuthSchemeProvider> schemeProviderBuilder = RegistryBuilder.create();
        schemeProviderBuilder.register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory());
        CredentialsProvider credsProvider = new BasicCredentialsProvider();
        credsProvider.setCredentials(
                new AuthScope(null, -1, null),
                new Credentials() {
                    @Override
                    public Principal getUserPrincipal() {
                        return null;
                    }

                    @Override
                    public String getPassword() {
                        return null;
                    }
                });

        return HttpClients.custom()
                .setDefaultAuthSchemeRegistry(schemeProviderBuilder.build())
                .setDefaultCredentialsProvider(credsProvider)
                .setSSLSocketFactory(csf)
                .build();
    } catch (IOException | UnrecoverableKeyException | CertificateException | NoSuchAlgorithmException | KeyStoreException | NoSuchProviderException | KeyManagementException e) {
        throw new CannotInitializeDataAdapterException("Could not initialize adapter to source '" + this.getSourceName() + "': " + e.getMessage(), e);
    }
}
项目:binjr    文件:ClientKerberosAuthentication.java    
public static void main(String[] args) throws Exception {

        System.setProperty("java.security.auth.login.config", ClientKerberosAuthentication.class.getResource("/jaas_login.conf").toExternalForm());
        System.setProperty("sun.security.krb5.debug", "true");
        System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");

        String targetUrl;
        if (args.length < 1) {
            throw new IllegalArgumentException("Please specify a target URL");
        }
        targetUrl = args[0];
        /* ***********************************************************************************************/
        RegistryBuilder<AuthSchemeProvider> schemeProviderBuilder = RegistryBuilder.create();
        schemeProviderBuilder.register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory());

        CredentialsProvider credsProvider = new BasicCredentialsProvider();
        credsProvider.setCredentials(
                new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, AuthScope.ANY_REALM),
                new Credentials() {
                    @Override
                    public Principal getUserPrincipal() {
                        System.out.print("Get principal!");
                        return null;
                    }

                    @Override
                    public String getPassword() {
                        System.out.print("Get pwd!");
                        return null;
                    }
                });

        CloseableHttpClient httpClient = HttpClients.custom()
                .setDefaultAuthSchemeRegistry(schemeProviderBuilder.build())
                .setDefaultCredentialsProvider(credsProvider)
                .build();

        doGet(httpClient, targetUrl);
        httpClient.close();
    }
项目:tempto    文件:SpnegoHttpRequestsExecutor.java    
private HttpContext createSpnegoAwareHttpContext()
{
    HttpClientContext httpContext = HttpClientContext.create();
    Lookup<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create()
            .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true, useCanonicalHostname)).build();
    httpContext.setAuthSchemeRegistry(authSchemeRegistry);

    BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
    credentialsProvider.setCredentials(new AuthScope(null, -1, null), new NullCredentials());
    httpContext.setCredentialsProvider(credentialsProvider);
    return httpContext;
}
项目:Pinot    文件:DataLoadTool.java    
private static HttpClient getHttpClient()
{
  Credentials use_jaas_creds = new Credentials()
  {
    public String getPassword()
    {
      return null;
    }

    public Principal getUserPrincipal()
    {
      return null;
    }
  };

  CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
  credentialsProvider.setCredentials(new AuthScope(null, -1, null), use_jaas_creds);

  Registry<AuthSchemeProvider> authSchemeRegistry
          = RegistryBuilder.<AuthSchemeProvider>create()
                           .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true)).build();

  return HttpClients.custom()
                    .setDefaultAuthSchemeRegistry(authSchemeRegistry)
                    .setDefaultCredentialsProvider(credentialsProvider)
                    .build();
}
项目:datacollector    文件:SdcKrb5HttpClientConfigurer.java    
public static boolean setSPNegoAuth(DefaultHttpClient httpClient) {
  // Begin change for SDC-2962
  // Instead of checking existence of JAAS file, do the following if solr kerberos is enabled
  //String configValue = System.getProperty("java.security.auth.login.config");
  //if(configValue != null) {
    //logger.info("Setting up SPNego auth with config: " + configValue);
  // End change for SDC-2962
    String useSubjectCredsProp = "javax.security.auth.useSubjectCredsOnly";
    String useSubjectCredsVal = System.getProperty("javax.security.auth.useSubjectCredsOnly");
    if(useSubjectCredsVal == null) {
      System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
    } else if(!useSubjectCredsVal.toLowerCase(Locale.ROOT).equals("false")) {
      logger.warn("System Property: javax.security.auth.useSubjectCredsOnly set to: " + useSubjectCredsVal + " not false.  SPNego authentication may not be successful.");
    }

    // Change for SDC-2962
    //Configuration.setConfiguration(jaasConf);
    httpClient.getAuthSchemes().register("negotiate", new SPNegoSchemeFactory(true));
    Credentials use_jaas_creds = new Credentials() {
      public String getPassword() {
        return null;
      }

      public Principal getUserPrincipal() {
        return null;
      }
    };
    httpClient.getCredentialsProvider().setCredentials(AuthScope.ANY, use_jaas_creds);
    return true;
  /*} else {
    httpClient.getCredentialsProvider().clear();
    return false;
  }*/
}
项目:fiware-cygnus    文件:HttpClientFactory.java    
/**
 * Gets a HTTP client.
 * @param ssl True if SSL connections are desired. False otherwise
 * @param krb5Auth.
 * @return A http client obtained from the (SSL) Connections Manager.
 */
public DefaultHttpClient getHttpClient(boolean ssl, boolean krb5Auth) {
    DefaultHttpClient httpClient;

    if (ssl) {
        httpClient = new DefaultHttpClient(sslConnectionsManager);
    } else {
        httpClient = new DefaultHttpClient(connectionsManager);
    } // if else

    if (krb5Auth) {
        // http://stackoverflow.com/questions/21629132/httpclient-set-credentials-for-kerberos-authentication

        System.setProperty("java.security.auth.login.config", loginConfFile);
        System.setProperty("java.security.krb5.conf", krb5ConfFile);
        System.setProperty("sun.security.krb5.debug", "false");
        System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
        Credentials jaasCredentials = new Credentials() {

            @Override
            public String getPassword() {
                return null;
            } // getPassword

            @Override
            public Principal getUserPrincipal() {
                return null;
            } // getUserPrincipal

        };

        // 'true' means the port is stripped from the principal names
        SPNegoSchemeFactory spnegoSchemeFactory = new SPNegoSchemeFactory(true);
        httpClient.getAuthSchemes().register(AuthPolicy.SPNEGO, spnegoSchemeFactory);
        httpClient.getCredentialsProvider().setCredentials(new AuthScope(null, -1, null), jaasCredentials);
    } // if

    return httpClient;
}
项目:apache-jmeter-2.10    文件:AuthManager.java    
/**
 * Configure credentials and auth scheme on client if an authorization is 
 * available for url
 * @param client {@link HttpClient}
 * @param url URL to test 
 * @param credentialsProvider {@link CredentialsProvider}
 * @param localHost host running JMeter
 */
public void setupCredentials(HttpClient client, URL url,
        CredentialsProvider credentialsProvider, String localHost) {
    Authorization auth = getAuthForURL(url);
    if (auth != null) {
        String username = auth.getUser();
        String realm = auth.getRealm();
        String domain = auth.getDomain();
        if (log.isDebugEnabled()){
            log.debug(username + " > D="+domain+" R="+realm + " M="+auth.getMechanism());
        }
        if (Mechanism.KERBEROS.equals(auth.getMechanism())) {
            ((AbstractHttpClient) client).getAuthSchemes().register(AuthPolicy.SPNEGO, new SPNegoSchemeFactory(true));
            credentialsProvider.setCredentials(new AuthScope(null, -1, null), USE_JAAS_CREDENTIALS);
        } else {
            credentialsProvider.setCredentials(
                    new AuthScope(url.getHost(), url.getPort(), realm.length()==0 ? null : realm),
                    new NTCredentials(username, auth.getPass(), localHost, domain));
        }
    }
}
项目:Gw2InfoViewer    文件:ClientKerberosAuthentication.java    
public static void main(String[] args) throws Exception {

        System.setProperty("java.security.auth.login.config", "login.conf");
        System.setProperty("java.security.krb5.conf", "krb5.conf");
        System.setProperty("sun.security.krb5.debug", "true");
        System.setProperty("javax.security.auth.useSubjectCredsOnly","false");

        DefaultHttpClient httpclient = new DefaultHttpClient();
        try {
            httpclient.getAuthSchemes().register(AuthPolicy.SPNEGO, new SPNegoSchemeFactory());

            Credentials use_jaas_creds = new Credentials() {

                public String getPassword() {
                    return null;
                }

                public Principal getUserPrincipal() {
                    return null;
                }

            };

            httpclient.getCredentialsProvider().setCredentials(
                    new AuthScope(null, -1, null),
                    use_jaas_creds);

            HttpUriRequest request = new HttpGet("http://kerberoshost/");
            HttpResponse response = httpclient.execute(request);
            HttpEntity entity = response.getEntity();

            System.out.println("----------------------------------------");
            System.out.println(response.getStatusLine());
            System.out.println("----------------------------------------");
            if (entity != null) {
                System.out.println(EntityUtils.toString(entity));
            }
            System.out.println("----------------------------------------");

            // This ensures the connection gets released back to the manager
            EntityUtils.consume(entity);

        } finally {
            // When HttpClient instance is no longer needed,
            // shut down the connection manager to ensure
            // immediate deallocation of all system resources
            httpclient.getConnectionManager().shutdown();
        }
    }
项目:pentaho-kettle    文件:SessionConfigurator.java    
private Header spnegoAuthenticate( boolean stripPort, URI uri ) throws Exception {
  SPNegoSchemeFactory spNegoSchemeFactory = new SPNegoSchemeFactory( stripPort );
  // using newInstance method instead of create method to be compatible httpclient library from 4.2 to 4.5
  // the create method was introduced at version 4.3
  SPNegoScheme spNegoScheme = (SPNegoScheme) spNegoSchemeFactory.newInstance( null );
  spNegoScheme.processChallenge( AUTHENTICATE_HEADER );
  return spNegoScheme.authenticate( credentials, new HttpGet( "" ), getContext( uri ) );
}
项目:cyberduck    文件:HttpConnectionPoolBuilder.java    
/**
 * @param listener Log listener
 * @param prompt   Prompt for proxy credentials
 * @return Builder for HTTP client
 */
public HttpClientBuilder build(final TranscriptListener listener, final LoginCallback prompt) {
    final HttpClientBuilder configuration = HttpClients.custom();
    // Use HTTP Connect proxy implementation provided here instead of
    // relying on internal proxy support in socket factory
    final Proxy proxy = proxyFinder.find(host);
    switch(proxy.getType()) {
        case HTTP:
        case HTTPS:
            final HttpHost h = new HttpHost(proxy.getHostname(), proxy.getPort(), StringUtils.lowerCase(proxy.getType().name()));
            if(log.isInfoEnabled()) {
                log.info(String.format("Setup proxy %s", h));
            }
            configuration.setProxy(h);
            configuration.setProxyAuthenticationStrategy(new CallbackProxyAuthenticationStrategy(ProxyCredentialsStoreFactory.get(), host, prompt));
            break;
    }
    configuration.setUserAgent(new PreferencesUseragentProvider().get());
    final int timeout = preferences.getInteger("connection.timeout.seconds") * 1000;
    configuration.setDefaultSocketConfig(SocketConfig.custom()
        .setTcpNoDelay(true)
        .setSoTimeout(timeout)
        .build());
    configuration.setDefaultRequestConfig(this.createRequestConfig(timeout));
    final String encoding;
    if(null == host.getEncoding()) {
        encoding = preferences.getProperty("browser.charset.encoding");
    }
    else {
        encoding = host.getEncoding();
    }
    configuration.setDefaultConnectionConfig(ConnectionConfig.custom()
        .setBufferSize(preferences.getInteger("http.socket.buffer"))
        .setCharset(Charset.forName(encoding))
        .build());
    if(preferences.getBoolean("http.connections.reuse")) {
        configuration.setConnectionReuseStrategy(new DefaultClientConnectionReuseStrategy());
    }
    else {
        configuration.setConnectionReuseStrategy(new NoConnectionReuseStrategy());
    }
    configuration.setRetryHandler(new ExtendedHttpRequestRetryHandler(preferences.getInteger("http.connections.retry")));
    configuration.setServiceUnavailableRetryStrategy(new DisabledServiceUnavailableRetryStrategy());
    if(!preferences.getBoolean("http.compression.enable")) {
        configuration.disableContentCompression();
    }
    configuration.setRequestExecutor(new LoggingHttpRequestExecutor(listener));
    // Always register HTTP for possible use with proxy. Contains a number of protocol properties such as the
    // default port and the socket factory to be used to create the java.net.Socket instances for the given protocol
    configuration.setConnectionManager(this.createConnectionManager(this.createRegistry()));
    configuration.setDefaultAuthSchemeRegistry(RegistryBuilder.<AuthSchemeProvider>create()
        .register(AuthSchemes.BASIC, new BasicSchemeFactory(
            Charset.forName(preferences.getProperty("http.credentials.charset"))))
        .register(AuthSchemes.DIGEST, new DigestSchemeFactory(
            Charset.forName(preferences.getProperty("http.credentials.charset"))))
        .register(AuthSchemes.NTLM, new NTLMSchemeFactory())
        .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory())
        .register(AuthSchemes.KERBEROS, new KerberosSchemeFactory()).build());
    return configuration;
}
项目:solr-hadoop-common    文件:FusionKrb5HttpClientConfigurer.java    
@SuppressWarnings("deprecation")
public void configure(org.apache.http.impl.client.DefaultHttpClient httpClient, SolrParams config) {
  super.configure(httpClient, config);
  if (System.getProperty(FUSION_LOGIN_CONFIG) != null) {
    String configValue = System.getProperty(FUSION_LOGIN_CONFIG);
    if (configValue != null) {
      logger.debug("Setting up kerberos auth with config: " + configValue);
      System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
      if (fusionPrincipal != null) {
        Subject subject = new Subject(false, Sets.newHashSet(new KerberosPrincipal(fusionPrincipal)),
            Collections.emptySet(), Collections.emptySet());
        LoginContext loginContext;
        try {
          loginContext = new LoginContext("", subject, null, jaasConfig);
          loginContext.login();
          logger.debug("Successful Fusion Login with principal: " + fusionPrincipal);
        } catch (LoginException e) {
          String errorMessage = "Unsuccessful Fusion Login with principal: " + fusionPrincipal;
          logger.error(errorMessage, e);
          throw new RuntimeException(errorMessage, e);
        }
      }

      Configuration.setConfiguration(jaasConfig);
      httpClient.getAuthSchemes().register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true, false));
      Credentials useJaasCreds = new Credentials() {
        public String getPassword() {
          return null;
        }

        public Principal getUserPrincipal() {
          return null;
        }
      };
      httpClient.getCredentialsProvider().setCredentials(AuthScope.ANY, useJaasCreds);
      httpClient.addRequestInterceptor(this.bufferedEntityInterceptor);
    } else {
      httpClient.getCredentialsProvider().clear();
    }
  }
}
项目:storm-solr    文件:FusionKrb5HttpClientConfigurer.java    
public void configure(DefaultHttpClient httpClient, SolrParams config) {
  super.configure(httpClient, config);
  if (System.getProperty(LOGIN_CONFIG_PROP) != null) {
    String configValue = System.getProperty(LOGIN_CONFIG_PROP);
    if (configValue != null) {
      logger.debug("Setting up kerberos auth with config: " + configValue);
      System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");

      if (fusionPrincipal != null) {
        Subject subject = new Subject(false, Sets.newHashSet(new KerberosPrincipal(fusionPrincipal)),
            Collections.emptySet(), Collections.emptySet());
        LoginContext loginContext;
        try {
          loginContext = new LoginContext("", subject, null, jaasConfig);
          loginContext.login();
          logger.debug("Successful Fusion Login with principal: " + fusionPrincipal);
        } catch (LoginException e) {
          String errorMessage = "Unsuccessful Fusion Login with principal: " + fusionPrincipal;
          logger.error(errorMessage, e);
          throw new RuntimeException(errorMessage, e);
        }
      }

      Configuration.setConfiguration(jaasConfig);
      httpClient.getAuthSchemes().register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true, false));
      Credentials useJaasCreds = new Credentials() {
        public String getPassword() {
          return null;
        }

        public Principal getUserPrincipal() {
          return null;
        }
      };
      httpClient.getCredentialsProvider().setCredentials(AuthScope.ANY, useJaasCreds);
      httpClient.addRequestInterceptor(this.bufferedEntityInterceptor);
    } else {
      httpClient.getCredentialsProvider().clear();
    }
  }
}
项目:armor    文件:AbstractUnitTest.java    
protected final HeaderAwareJestHttpClient getJestClient(final String serverUri, final String username, final String password)
        throws Exception {// http://hc.apache.org/httpcomponents-client-ga/tutorial/html/authentication.html

    final CredentialsProvider credsProvider = new BasicCredentialsProvider();

    final HttpClientConfig clientConfig1 = new HttpClientConfig.Builder(serverUri).multiThreaded(true).build();

    // Construct a new Jest client according to configuration via factory
    final HeaderAwareJestClientFactory factory1 = new HeaderAwareJestClientFactory();

    factory1.setHttpClientConfig(clientConfig1);

    final HeaderAwareJestHttpClient c = factory1.getObject();

    final HttpClientBuilder hcb = HttpClients.custom();

    if (username != null) {
        credsProvider.setCredentials(new AuthScope(AuthScope.ANY), new UsernamePasswordCredentials(username, password));
    }

    if (useSpnego) {
        //SPNEGO/Kerberos setup
        log.debug("SPNEGO activated");
        final AuthSchemeProvider nsf = new SPNegoSchemeFactory(true,false);//  new NegotiateSchemeProvider();
        final Credentials jaasCreds = new JaasCredentials();
        credsProvider.setCredentials(new AuthScope(null, -1, null, AuthSchemes.SPNEGO), jaasCreds);
        credsProvider.setCredentials(new AuthScope(null, -1, null, AuthSchemes.NTLM), new NTCredentials("Guest", "Guest", "Guest",
                "Guest"));
        final Registry<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create()
                .register(AuthSchemes.SPNEGO, nsf).register(AuthSchemes.NTLM, new NTLMSchemeFactory()).build();

        hcb.setDefaultAuthSchemeRegistry(authSchemeRegistry);
    }

    hcb.setDefaultCredentialsProvider(credsProvider);

    if (serverUri.startsWith("https")) {
        log.debug("Configure Jest with SSL");

        final KeyStore myTrustStore = KeyStore.getInstance("JKS");
        myTrustStore.load(new FileInputStream(SecurityUtil.getAbsoluteFilePathFromClassPath("ArmorTS.jks")),
                "changeit".toCharArray());

        final KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(new FileInputStream(SecurityUtil.getAbsoluteFilePathFromClassPath("ArmorKS.jks")), "changeit".toCharArray());

        final SSLContext sslContext = SSLContexts.custom().useTLS().loadKeyMaterial(keyStore, "changeit".toCharArray())
                .loadTrustMaterial(myTrustStore).build();

        String[] protocols = null;

        if (enableSSLv3Only) {
            protocols = new String[]{"SSLv3"};
        } else {
            protocols = SecurityUtil.ENABLED_SSL_PROTOCOLS;
        }

        final SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, protocols,
                SecurityUtil.ENABLED_SSL_CIPHERS, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        hcb.setSSLSocketFactory(sslsf);

    }

    hcb.setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(60 * 1000).build());

    final CloseableHttpClient httpClient = hcb.build();

    c.setHttpClient(httpClient);
    return c;

}
项目:WhereHows    文件:HadoopJobHistoryNodeExtractor.java    
/**
 * Use HTTPClient to connect to Hadoop job history server.
 * Need to set the environment for kerberos, keytab...
 * @param prop
 * @throws Exception
 */
public HadoopJobHistoryNodeExtractor(Properties prop)
  throws Exception {
  this.serverURL = prop.getProperty(Constant.AZ_HADOOP_JOBHISTORY_KEY);

  String CURRENT_DIR = System.getProperty("user.dir");
  String WHZ_KRB5_DIR = System.getenv("WHZ_KRB5_DIR");
  String APP_HOME = System.getenv("APP_HOME");
  String USER_HOME = System.getenv("HOME") + "/.kerberos";

  String[] searchPath = new String[]{CURRENT_DIR, WHZ_KRB5_DIR, APP_HOME, USER_HOME, "/etc"};

  System.setProperty("java.security.auth.login.config", findFileInSearchPath(searchPath, "gss-jaas.conf"));
  System.setProperty("java.security.krb5.conf", findFileInSearchPath(searchPath, "krb5.conf"));

  if (System.getProperty("java.security.auth.login.config") == null
    || System.getProperty("java.security.krb5.conf") == null) {
    log.warn("Can't find Java security config [krb5.conf, gss-jass.conf] for Kerberos! Trying other authentication methods...");
  }

  if (log.isTraceEnabled()) {
    System.setProperty("sun.security.krb5.debug", "true");
  } else {
    System.setProperty("sun.security.krb5.debug", "false");
  }
  System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");

  System.setProperty("java.security.krb5.realm", prop.getProperty(Constant.KRB5_REALM));
  System.setProperty("java.security.krb5.kdc", prop.getProperty(Constant.KRB5_KDC));

  PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager();
  cm.setMaxTotal(200);
  cm.setDefaultMaxPerRoute(100);

  CredentialsProvider credsProvider = new BasicCredentialsProvider();
  credsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("DUMMY", null));

  Lookup<AuthSchemeProvider> authRegistry =
    RegistryBuilder.<AuthSchemeProvider>create()
      .register(AuthSchemes.BASIC, new BasicSchemeFactory())
      .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory())
      .register(AuthSchemes.KERBEROS, new KerberosSchemeFactory()).build();

  httpClient =
    HttpClients.custom().setDefaultCredentialsProvider(credsProvider).setDefaultAuthSchemeRegistry(authRegistry)
      .setConnectionManager(cm).build();
}
项目:datacollector    文件:SdcKrb5HttpClientConfigurer.java    
public void configure(DefaultHttpClient httpClient, SolrParams config) {
  super.configure(httpClient, config);

  // Begin change for SDC-2962
  // Instead of checking existence of JAAS file, do the following if solr kerberos is enabled
  //if (System.getProperty(LOGIN_CONFIG_PROP) != null) {
    //String configValue = System.getProperty(LOGIN_CONFIG_PROP);

    //if (configValue != null) {
     // logger.info("Setting up SPNego auth with config: " + configValue);
      final String useSubjectCredsProp = "javax.security.auth.useSubjectCredsOnly";
      String useSubjectCredsVal = System.getProperty(useSubjectCredsProp);

      // "javax.security.auth.useSubjectCredsOnly" should be false so that the underlying
      // authentication mechanism can load the credentials from the JAAS configuration.
      if (useSubjectCredsVal == null) {
        System.setProperty(useSubjectCredsProp, "false");
      }
      else if (!useSubjectCredsVal.toLowerCase(Locale.ROOT).equals("false")) {
        // Don't overwrite the prop value if it's already been written to something else,
        // but log because it is likely the Credentials won't be loaded correctly.
        logger.warn("System Property: " + useSubjectCredsProp + " set to: " + useSubjectCredsVal
            + " not false.  SPNego authentication may not be successful.");
      }

      // Change for SDC-2962
      //javax.security.auth.login.Configuration.setConfiguration(jaasConfig);
      //Enable only SPNEGO authentication scheme.
      AuthSchemeRegistry registry = new AuthSchemeRegistry();
      registry.register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true, false));
      httpClient.setAuthSchemes(registry);
      // Get the credentials from the JAAS configuration rather than here
      Credentials useJaasCreds = new Credentials() {
        public String getPassword() {
          return null;
        }
        public Principal getUserPrincipal() {
          return null;
        }
      };

      SolrPortAwareCookieSpecFactory cookieFactory = new SolrPortAwareCookieSpecFactory();
      httpClient.getCookieSpecs().register(cookieFactory.POLICY_NAME, cookieFactory);
      httpClient.getParams().setParameter(ClientPNames.COOKIE_POLICY, cookieFactory.POLICY_NAME);

      httpClient.getCredentialsProvider().setCredentials(AuthScope.ANY, useJaasCreds);

      httpClient.addRequestInterceptor(bufferedEntityInterceptor);
    //} else {
      //httpClient.getCredentialsProvider().clear();
    //}
 // }
}
项目:hbase    文件:TestSpnegoHttpServer.java    
@Test
public void testAllowedClient() throws Exception {
  // Create the subject for the client
  final Subject clientSubject = JaasKrbUtil.loginUsingKeytab(CLIENT_PRINCIPAL, clientKeytab);
  final Set<Principal> clientPrincipals = clientSubject.getPrincipals();
  // Make sure the subject has a principal
  assertFalse(clientPrincipals.isEmpty());

  // Get a TGT for the subject (might have many, different encryption types). The first should
  // be the default encryption type.
  Set<KerberosTicket> privateCredentials =
          clientSubject.getPrivateCredentials(KerberosTicket.class);
  assertFalse(privateCredentials.isEmpty());
  KerberosTicket tgt = privateCredentials.iterator().next();
  assertNotNull(tgt);

  // The name of the principal
  final String principalName = clientPrincipals.iterator().next().getName();

  // Run this code, logged in as the subject (the client)
  HttpResponse resp = Subject.doAs(clientSubject,
      new PrivilegedExceptionAction<HttpResponse>() {
    @Override
    public HttpResponse run() throws Exception {
      // Logs in with Kerberos via GSS
      GSSManager gssManager = GSSManager.getInstance();
      // jGSS Kerberos login constant
      Oid oid = new Oid("1.2.840.113554.1.2.2");
      GSSName gssClient = gssManager.createName(principalName, GSSName.NT_USER_NAME);
      GSSCredential credential = gssManager.createCredential(gssClient,
          GSSCredential.DEFAULT_LIFETIME, oid, GSSCredential.INITIATE_ONLY);

      HttpClientContext context = HttpClientContext.create();
      Lookup<AuthSchemeProvider> authRegistry = RegistryBuilder.<AuthSchemeProvider>create()
          .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true, true))
          .build();

      HttpClient client = HttpClients.custom().setDefaultAuthSchemeRegistry(authRegistry).build();
      BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
      credentialsProvider.setCredentials(AuthScope.ANY, new KerberosCredentials(credential));

      URL url = new URL(getServerURL(server), "/echo?a=b");
      context.setTargetHost(new HttpHost(url.getHost(), url.getPort()));
      context.setCredentialsProvider(credentialsProvider);
      context.setAuthSchemeRegistry(authRegistry);

      HttpGet get = new HttpGet(url.toURI());
      return client.execute(get, context);
    }
  });

  assertNotNull(resp);
  assertEquals(HttpURLConnection.HTTP_OK, resp.getStatusLine().getStatusCode());
  assertEquals("a:b", EntityUtils.toString(resp.getEntity()).trim());
}
项目:fiware-cosmos-ambari    文件:AppCookieManager.java    
/**
 * Returns hadoop.auth cookie, doing needed SPNego authentication
 * 
 * @param endpoint
 *          the URL of the Hadoop service
 * @param refresh
 *          flag indicating wehther to refresh the cookie, if
 *          <code>true</code>, we do a new SPNego authentication and refresh
 *          the cookie even if the cookie already exists in local cache
 * @return hadoop.auth cookie value
 * @throws IOException
 *           in case of problem getting hadoop.auth cookie
 */
public String getAppCookie(String endpoint, boolean refresh)
    throws IOException {

  HttpUriRequest outboundRequest = new HttpGet(endpoint);
  URI uri = outboundRequest.getURI();
  String scheme = uri.getScheme();
  String host = uri.getHost();
  int port = uri.getPort();
  String path = uri.getPath();
  if (!refresh) {
    String appCookie = endpointCookieMap.get(endpoint);
    if (appCookie != null) {
      return appCookie;
    }
  }

  clearAppCookie(endpoint);

  DefaultHttpClient client = new DefaultHttpClient();
  SPNegoSchemeFactory spNegoSF = new SPNegoSchemeFactory(/* stripPort */true);
  // spNegoSF.setSpengoGenerator(new BouncySpnegoTokenGenerator());
  client.getAuthSchemes().register(AuthPolicy.SPNEGO, spNegoSF);
  client.getCredentialsProvider().setCredentials(
      new AuthScope(/* host */null, /* port */-1, /* realm */null),
      EMPTY_JAAS_CREDENTIALS);

  String hadoopAuthCookie = null;
  HttpResponse httpResponse = null;
  try {
    HttpHost httpHost = new HttpHost(host, port, scheme);
    HttpRequest httpRequest = new HttpOptions(path);
    httpResponse = client.execute(httpHost, httpRequest);
    Header[] headers = httpResponse.getHeaders(SET_COOKIE);
    hadoopAuthCookie = getHadoopAuthCookieValue(headers);
    if (hadoopAuthCookie == null) {
      LOG.error("SPNego authentication failed, can not get hadoop.auth cookie for URL: " + endpoint);
      throw new IOException(
          "SPNego authentication failed, can not get hadoop.auth cookie");
    }
  } finally {
    if (httpResponse != null) {
      HttpEntity entity = httpResponse.getEntity();
      if (entity != null) {
        entity.getContent().close();
      }
    }

  }

  hadoopAuthCookie = HADOOP_AUTH_EQ + quote(hadoopAuthCookie);
  setAppCookie(endpoint, hadoopAuthCookie);
  if (LOG.isInfoEnabled()) {
    LOG.info("Successful SPNego authentication to URL:" + uri.toString());
  }
  return hadoopAuthCookie;
}
项目:byps    文件:AsfClient.java    
private static CloseableHttpClient internalCreateHttpClient() {
  if (log.isDebugEnabled()) log.debug("internalCreateHttpClient(");

  String maxConnStr = System.getProperty("http.maxConnections");
  int maxConnections = maxConnStr != null && maxConnStr.length() != 0 ? Integer.parseInt(maxConnStr) : 100;
  log.info("maxConnections=" + maxConnections);

  PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager();
  cm.setMaxTotal(maxConnections);
  cm.setDefaultMaxPerRoute(maxConnections);

  RegistryBuilder<AuthSchemeProvider> builder = RegistryBuilder.<AuthSchemeProvider>create();

  String authSchemasSystemProperty = System.getProperty(AsfClientFactory.SSO_AUTHENTICATION_SCHEMAS);
  log.info(AsfClientFactory.SSO_AUTHENTICATION_SCHEMAS + "=" + authSchemasSystemProperty);

  // Use special classes for Windows authentication schemas?
  if (isNTLMAuthenticationEnabled()) {

    // Service prinzipal name (DC name)
    String servicePrincipalName = System.getProperty(AsfClientFactory.SSO_AUTHENTICATION_SPN);
    log.info(AsfClientFactory.SSO_AUTHENTICATION_SPN + "=" + servicePrincipalName);

    // NTLM authentication works servicePrincipalName=null too.
    log.info("Register NTLM");
    builder.register(AuthSchemes.NTLM, new WindowsNTLMSchemeFactory(servicePrincipalName));

    // SPNEGO authentication works only with servicePrincipalName!=null in my test environment.
    if (servicePrincipalName != null && isSPNEGOAuthenticationEnabled()) 
    {
      log.info("Register SPNEGO (Negotiate)");
      builder.register(AuthSchemes.SPNEGO, new WindowsNegotiateSchemeFactory(servicePrincipalName));
    }
    else {
      log.info("For using SPNEGO (Negotiate), system property " + AsfClientFactory.SSO_AUTHENTICATION_SCHEMAS + " must include SPNEGO and " + AsfClientFactory.SSO_AUTHENTICATION_SPN + " must specify the FQN of an AD server.");
    }

  }
  else {
    // if the port does not match the kerberos database entry, skip it during the lookup
    log.info("Register SPNEGO (Negotate) over JAAS");
    boolean skipPortAtKerberosDatabaseLookup = true;
    builder.register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(skipPortAtKerberosDatabaseLookup));
    // SSO �ber SPNEGO/Kerberos funktioniert nur, wenn der Test unter einem Windows-Benutzerkonto l�uft, dass nicht lokaler Administrator ist.
  }

  log.info("Ignore WARN Authentication scheme Negotiate not supported."); 
  log.info("Ignore WARN Authentication scheme Basic not supported."); 

  Lookup<AuthSchemeProvider> authSchemeRegistry = builder.build();

  CloseableHttpClient httpclient = HttpClients.custom()
          .setConnectionManager(cm)
          .setDefaultAuthSchemeRegistry(authSchemeRegistry)
          .build();

  if (log.isDebugEnabled()) log.debug(")internalCreateHttpClient");
  return httpclient;
}
项目:LibraryH3lp-Transfer-Bot    文件:ClientKerberosAuthentication.java    
public static void main(String[] args) throws Exception {

        System.setProperty("java.security.auth.login.config", "login.conf");
        System.setProperty("java.security.krb5.conf", "krb5.conf");
        System.setProperty("sun.security.krb5.debug", "true");
        System.setProperty("javax.security.auth.useSubjectCredsOnly","false");

        DefaultHttpClient httpclient = new DefaultHttpClient();
        try {
            httpclient.getAuthSchemes().register(AuthPolicy.SPNEGO, new SPNegoSchemeFactory());

            Credentials use_jaas_creds = new Credentials() {

                public String getPassword() {
                    return null;
                }

                public Principal getUserPrincipal() {
                    return null;
                }

            };

            httpclient.getCredentialsProvider().setCredentials(
                    new AuthScope(null, -1, null),
                    use_jaas_creds);

            HttpUriRequest request = new HttpGet("http://kerberoshost/");
            HttpResponse response = httpclient.execute(request);
            HttpEntity entity = response.getEntity();

            System.out.println("----------------------------------------");
            System.out.println(response.getStatusLine());
            System.out.println("----------------------------------------");
            if (entity != null) {
                System.out.println(EntityUtils.toString(entity));
            }
            System.out.println("----------------------------------------");

            // This ensures the connection gets released back to the manager
            EntityUtils.consume(entity);

        } finally {
            // When HttpClient instance is no longer needed,
            // shut down the connection manager to ensure
            // immediate deallocation of all system resources
            httpclient.getConnectionManager().shutdown();
        }
    }