Package org.apache.ivy.util.url

Source Code of org.apache.ivy.util.url.IvyAuthenticator

/*
*  Licensed to the Apache Software Foundation (ASF) under one or more
*  contributor license agreements.  See the NOTICE file distributed with
*  this work for additional information regarding copyright ownership.
*  The ASF licenses this file to You under the Apache License, Version 2.0
*  (the "License"); you may not use this file except in compliance with
*  the License.  You may obtain a copy of the License at
*
*      http://www.apache.org/licenses/LICENSE-2.0
*
*  Unless required by applicable law or agreed to in writing, software
*  distributed under the License is distributed on an "AS IS" BASIS,
*  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
*  See the License for the specific language governing permissions and
*  limitations under the License.
*
*/
package org.apache.ivy.util.url;

import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.net.Authenticator;
import java.net.PasswordAuthentication;

import org.apache.ivy.util.Credentials;
import org.apache.ivy.util.Message;

/**
*
*/
public final class IvyAuthenticator extends Authenticator {

    private Authenticator original;

    private static boolean securityWarningLogged = false;

    /**
     * Private c'tor to prevent instantiation.
     */
    private IvyAuthenticator(Authenticator original) {
        this.original = original;
    }

    /**
     * Installs an <tt>IvyAuthenticator</tt> as default <tt>Authenticator</tt>. Call this method
     * before opening HTTP(S) connections to enable Ivy authentication.
     */
    public static void install() {
        // We will try to use the original authenticator as backup authenticator.
        // Since there is no getter available, so try to use some reflection to
        // obtain it. If that doesn't work, assume there is no original authenticator
        Authenticator original = null;

        try {
            Field f = Authenticator.class.getDeclaredField("theAuthenticator");
            f.setAccessible(true);
            original = (Authenticator) f.get(null);
        } catch (Throwable t) {
            Message.debug("Error occurred while getting the original authenticator: "
                    + t.getMessage());
        }

        if (!(original instanceof IvyAuthenticator)) {
            try {
                Authenticator.setDefault(new IvyAuthenticator(original));
            } catch (SecurityException e) {
                if (!securityWarningLogged) {
                    securityWarningLogged = true;
                    Message.warn("Not enough permissions to set the IvyAuthenticator. "
                            + "HTTP(S) authentication will be disabled!");
                }
            }
        }
    }

    // API ******************************************************************

    // Overriding Authenticator *********************************************

    protected PasswordAuthentication getPasswordAuthentication() {
        PasswordAuthentication result = null;

        if (isProxyAuthentication()) {
            String proxyUser = System.getProperty("http.proxyUser");
            if ((proxyUser != null) && (proxyUser.trim().length() > 0)) {
                String proxyPass = System.getProperty("http.proxyPassword", "");
                Message.debug("authenicating to proxy server with username [" + proxyUser + "]");
                result = new PasswordAuthentication(proxyUser, proxyPass.toCharArray());
            }
        } else {
            Credentials c = CredentialsStore.INSTANCE.getCredentials(getRequestingPrompt(),
                getRequestingHost());
            Message.debug("authentication: k='"
                    + Credentials.buildKey(getRequestingPrompt(), getRequestingHost()) + "' c='"
                    + c + "'");
            if (c != null) {
                final String password = c.getPasswd() == null ? "" : c.getPasswd();
                result = new PasswordAuthentication(c.getUserName(), password.toCharArray());
            }
        }

        if ((result == null) && (original != null)) {
            Authenticator.setDefault(original);
            try {
                result = Authenticator.requestPasswordAuthentication(getRequestingHost(),
                    getRequestingSite(), getRequestingPort(), getRequestingProtocol(),
                    getRequestingPrompt(), getRequestingScheme());
            } finally {
                Authenticator.setDefault(this);
            }
        }

        return result;
    }

    /**
     * Checks if the current authentication request is for the proxy server. This functionality is
     * not available in JDK1.4, so we check this in a very dirty way which is probably not very
     * portable, but will work for the SUN 1.4 JDKs.
     *
     * @return
     */
    private boolean isProxyAuthentication() {
        try {
            // we first try to invoke the getRequestorType() method which is a JDK1.5+ method
            Method m = Authenticator.class.getDeclaredMethod("getRequestorType", null);
            Object result = m.invoke(this, null);
            return "PROXY".equals(String.valueOf(result));
        } catch (NoSuchMethodException e) {
            // do nothing, this is a JDK1.5+ method
        } catch (Throwable t) {
            Message.debug("Error occurred while checking if the authentication request is for the proxy server: "
                    + t.getMessage());
        }

        // now we will do something very dirty and analyse the stack trace to see
        // if this method is called from within the 'getHttpProxyAuthentication' method
        // or the 'getServerAuthentication' method which are both part of the
        // sun.net.www.protocol.http.HttpURLConnection class.
        // This might not work on other 1.4 JVM's!
        // This code should be removed when Ivy requires JDK1.5+
        StackTraceElement[] stackTrace = (new Exception()).getStackTrace();
        for (int i = 0; i < stackTrace.length; i++) {
            if ("getHttpProxyAuthentication".equals(stackTrace[i].getMethodName())) {
                return true;
            }
            if ("getServerAuthentication".equals(stackTrace[i].getMethodName())) {
                return false;
            }
        }

        // fallback to the Ivy 2.2.0 behavior
        String proxyHost = System.getProperty("http.proxyHost");
        return getRequestingHost().equals(proxyHost);
    }

}
TOP

Related Classes of org.apache.ivy.util.url.IvyAuthenticator

TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.