1
2
3
4
5
6
7
8
9
10
11
12
13 package com.eviware.soapui.impl.wsdl.submit.filters;
14
15 import java.io.IOException;
16
17 import org.apache.commons.httpclient.Credentials;
18 import org.apache.commons.httpclient.HttpClient;
19 import org.apache.commons.httpclient.HttpState;
20 import org.apache.commons.httpclient.NTCredentials;
21 import org.apache.commons.httpclient.UsernamePasswordCredentials;
22 import org.apache.commons.httpclient.auth.AuthScheme;
23 import org.apache.commons.httpclient.auth.AuthScope;
24 import org.apache.commons.httpclient.auth.CredentialsNotAvailableException;
25 import org.apache.commons.httpclient.auth.CredentialsProvider;
26 import org.apache.commons.httpclient.auth.NTLMScheme;
27 import org.apache.commons.httpclient.auth.RFC2617Scheme;
28 import org.apache.log4j.Logger;
29
30 import com.eviware.soapui.impl.wsdl.WsdlRequest;
31 import com.eviware.soapui.impl.wsdl.submit.transports.http.BaseHttpRequestTransport;
32 import com.eviware.soapui.impl.wsdl.submit.transports.http.TimeablePostMethod;
33 import com.eviware.soapui.model.iface.SubmitContext;
34 import com.eviware.soapui.model.propertyexpansion.PropertyExpansionUtils;
35 import com.eviware.soapui.model.settings.Settings;
36 import com.eviware.soapui.settings.HttpSettings;
37 import com.eviware.soapui.support.StringUtils;
38
39 /***
40 * RequestFilter for setting preemptive authentication and related credentials
41 */
42
43 public class HttpAuthenticationRequestFilter extends AbstractRequestFilter
44 {
45 public void filterRequest(SubmitContext context, WsdlRequest wsdlRequest)
46 {
47 String username = PropertyExpansionUtils.expandProperties( context, wsdlRequest.getUsername());
48
49
50 if( username == null || username.length() == 0 )
51 return;
52
53 Settings settings = wsdlRequest.getSettings();
54 String password = PropertyExpansionUtils.expandProperties( context, wsdlRequest.getPassword() );
55 String domain = PropertyExpansionUtils.expandProperties( context, wsdlRequest.getDomain() );
56
57 String wssPasswordType = wsdlRequest.getWssPasswordType();
58 if( StringUtils.isNullOrEmpty( wssPasswordType ))
59 {
60 initRequestCredentials( context, username, settings, password, domain );
61 }
62 }
63
64 public static void initRequestCredentials( SubmitContext context, String username, Settings settings, String password, String domain )
65 {
66 HttpClient httpClient = (HttpClient) context.getProperty( BaseHttpRequestTransport.HTTP_CLIENT );
67 TimeablePostMethod postMethod = (TimeablePostMethod) context.getProperty( BaseHttpRequestTransport.POST_METHOD );
68
69 if( StringUtils.isNullOrEmpty( username ) && StringUtils.isNullOrEmpty( password ))
70 {
71 httpClient.getParams().setAuthenticationPreemptive(false);
72 postMethod.setDoAuthentication( false );
73 }
74 else
75 {
76
77 if (settings.getBoolean(HttpSettings.AUTHENTICATE_PREEMPTIVELY))
78 {
79 httpClient.getParams().setAuthenticationPreemptive(true);
80 HttpState state = (HttpState) context.getProperty( SubmitContext.HTTP_STATE_PROPERTY );
81
82 if( state != null )
83 {
84 Credentials defaultcreds = new UsernamePasswordCredentials(username, password);
85 state.setCredentials(AuthScope.ANY, defaultcreds);
86 }
87 }
88 else
89 {
90 httpClient.getParams().setAuthenticationPreemptive(false);
91 }
92
93 postMethod.getParams().setParameter(CredentialsProvider.PROVIDER,
94 new UPDCredentialsProvider( username, password, domain ));
95
96 postMethod.setDoAuthentication(true);
97 }
98 }
99
100 public static class UPDCredentialsProvider implements CredentialsProvider
101 {
102 private boolean checkedCredentials;
103 private final static Logger logger = Logger.getLogger(WsdlRequestCredentialsProvider.class);
104 private final String username;
105 private final String password;
106 private final String domain;
107
108 public UPDCredentialsProvider(String username, String password, String domain)
109 {
110 this.username = username;
111 this.password = password;
112 this.domain = domain;
113 }
114
115 public Credentials getCredentials(final AuthScheme authscheme, final String host, int port, boolean proxy)
116 throws CredentialsNotAvailableException
117 {
118 if (checkedCredentials)
119 throw new CredentialsNotAvailableException("Missing valid credentials");
120
121 if (authscheme == null)
122 {
123 return null;
124 }
125 try
126 {
127 if (authscheme instanceof NTLMScheme)
128 {
129 logger.info(host + ":" + port + " requires Windows authentication");
130 return new NTCredentials(username, password, host, domain );
131 }
132 else if (authscheme instanceof RFC2617Scheme)
133 {
134 logger.info(host + ":" + port + " requires authentication with the realm '" + authscheme.getRealm() + "'");
135 return new UsernamePasswordCredentials(username, password);
136 }
137 else
138 {
139 throw new CredentialsNotAvailableException("Unsupported authentication scheme: "
140 + authscheme.getSchemeName());
141 }
142 }
143 catch (IOException e)
144 {
145 throw new CredentialsNotAvailableException(e.getMessage(), e);
146 }
147 finally
148 {
149 checkedCredentials = true;
150 }
151 }
152 }
153 }