1
2
3
4
5
6
7
8
9
10
11
12
13 package com.eviware.soapui.impl.wsdl.submit.filters;
14
15 import java.io.IOException;
16
17 import org.apache.commons.httpclient.Credentials;
18 import org.apache.commons.httpclient.HttpClient;
19 import org.apache.commons.httpclient.HttpMethod;
20 import org.apache.commons.httpclient.HttpState;
21 import org.apache.commons.httpclient.NTCredentials;
22 import org.apache.commons.httpclient.UsernamePasswordCredentials;
23 import org.apache.commons.httpclient.auth.AuthScheme;
24 import org.apache.commons.httpclient.auth.AuthScope;
25 import org.apache.commons.httpclient.auth.CredentialsNotAvailableException;
26 import org.apache.commons.httpclient.auth.CredentialsProvider;
27 import org.apache.commons.httpclient.auth.NTLMScheme;
28 import org.apache.commons.httpclient.auth.RFC2617Scheme;
29 import org.apache.log4j.Logger;
30
31 import com.eviware.soapui.impl.support.AbstractHttpRequest;
32 import com.eviware.soapui.impl.wsdl.WsdlRequest;
33 import com.eviware.soapui.impl.wsdl.submit.transports.http.BaseHttpRequestTransport;
34 import com.eviware.soapui.model.iface.SubmitContext;
35 import com.eviware.soapui.model.propertyexpansion.PropertyExpander;
36 import com.eviware.soapui.model.settings.Settings;
37 import com.eviware.soapui.settings.HttpSettings;
38 import com.eviware.soapui.support.StringUtils;
39
40 /***
41 * RequestFilter for setting preemptive authentication and related credentials
42 */
43
44 public class HttpAuthenticationRequestFilter extends AbstractRequestFilter
45 {
46 @Override
47 public void filterAbstractHttpRequest( SubmitContext context, AbstractHttpRequest<?> wsdlRequest )
48 {
49 String username = PropertyExpander.expandProperties( context, wsdlRequest.getUsername() );
50
51
52 if( username == null || username.length() == 0 )
53 return;
54
55 Settings settings = wsdlRequest.getSettings();
56 String password = PropertyExpander.expandProperties( context, wsdlRequest.getPassword() );
57 String domain = PropertyExpander.expandProperties( context, wsdlRequest.getDomain() );
58
59 String wssPasswordType = null;
60
61 if( wsdlRequest instanceof WsdlRequest )
62 {
63 wssPasswordType = PropertyExpander.expandProperties( context, ( ( WsdlRequest )wsdlRequest )
64 .getWssPasswordType() );
65 }
66
67 if( StringUtils.isNullOrEmpty( wssPasswordType ) )
68 {
69 initRequestCredentials( context, username, settings, password, domain );
70 }
71 }
72
73 public static void initRequestCredentials( SubmitContext context, String username, Settings settings,
74 String password, String domain )
75 {
76 HttpClient httpClient = ( HttpClient )context.getProperty( BaseHttpRequestTransport.HTTP_CLIENT );
77 HttpMethod httpMethod = ( HttpMethod )context.getProperty( BaseHttpRequestTransport.HTTP_METHOD );
78
79 if( StringUtils.isNullOrEmpty( username ) && StringUtils.isNullOrEmpty( password ) )
80 {
81 httpClient.getParams().setAuthenticationPreemptive( false );
82 httpMethod.setDoAuthentication( false );
83 }
84 else
85 {
86
87 if( settings.getBoolean( HttpSettings.AUTHENTICATE_PREEMPTIVELY ) )
88 {
89 httpClient.getParams().setAuthenticationPreemptive( true );
90 HttpState state = ( HttpState )context.getProperty( SubmitContext.HTTP_STATE_PROPERTY );
91
92 if( state != null )
93 {
94 Credentials defaultcreds = new UsernamePasswordCredentials( username, password == null ? "" : password );
95 state.setCredentials( AuthScope.ANY, defaultcreds );
96 }
97 }
98 else
99 {
100 httpClient.getParams().setAuthenticationPreemptive( false );
101 }
102
103 httpMethod.getParams().setParameter( CredentialsProvider.PROVIDER,
104 new UPDCredentialsProvider( username, password, domain ) );
105
106 httpMethod.setDoAuthentication( true );
107 }
108 }
109
110 public static class UPDCredentialsProvider implements CredentialsProvider
111 {
112 private boolean checkedCredentials;
113 private final static Logger logger = Logger.getLogger( WsdlRequestCredentialsProvider.class );
114 private final String username;
115 private final String password;
116 private final String domain;
117
118 public UPDCredentialsProvider( String username, String password, String domain )
119 {
120 this.username = username;
121 this.password = password == null ? "" : password;
122 this.domain = domain;
123 }
124
125 public Credentials getCredentials( final AuthScheme authscheme, final String host, int port, boolean proxy )
126 throws CredentialsNotAvailableException
127 {
128 if( checkedCredentials )
129 throw new CredentialsNotAvailableException( "Missing valid credentials" );
130
131 if( authscheme == null )
132 {
133 return null;
134 }
135 try
136 {
137 if( authscheme instanceof NTLMScheme )
138 {
139 logger.info( host + ":" + port + " requires Windows authentication" );
140 return new NTCredentials( username, password, host, domain );
141 }
142 else if( authscheme instanceof RFC2617Scheme )
143 {
144 logger.info( host + ":" + port + " requires authentication with the realm '" + authscheme.getRealm()
145 + "'" );
146 return new UsernamePasswordCredentials( username, password );
147 }
148 else
149 {
150 throw new CredentialsNotAvailableException( "Unsupported authentication scheme: "
151 + authscheme.getSchemeName() );
152 }
153 }
154 catch( IOException e )
155 {
156 throw new CredentialsNotAvailableException( e.getMessage(), e );
157 }
158 finally
159 {
160 checkedCredentials = true;
161 }
162 }
163 }
164 }