View Javadoc

1   /*
2    *  soapUI, copyright (C) 2004-2008 eviware.com 
3    *
4    *  soapUI is free software; you can redistribute it and/or modify it under the 
5    *  terms of version 2.1 of the GNU Lesser General Public License as published by 
6    *  the Free Software Foundation.
7    *
8    *  soapUI is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without 
9    *  even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
10   *  See the GNU Lesser General Public License for more details at gnu.org.
11   */
12  
13  package com.eviware.soapui.impl.wsdl.submit.filters;
14  
15  import com.eviware.soapui.impl.support.AbstractHttpRequest;
16  import com.eviware.soapui.impl.wsdl.WsdlRequest;
17  import com.eviware.soapui.impl.wsdl.submit.transports.http.BaseHttpRequestTransport;
18  import com.eviware.soapui.model.iface.SubmitContext;
19  import com.eviware.soapui.model.propertyexpansion.PropertyExpansionUtils;
20  import com.eviware.soapui.model.settings.Settings;
21  import com.eviware.soapui.settings.HttpSettings;
22  import com.eviware.soapui.support.StringUtils;
23  import org.apache.commons.httpclient.*;
24  import org.apache.commons.httpclient.auth.*;
25  import org.apache.log4j.Logger;
26  
27  import java.io.IOException;
28  
29  /***
30   * RequestFilter for setting preemptive authentication and related credentials
31   */
32  
33  public class HttpAuthenticationRequestFilter extends AbstractRequestFilter
34  {
35     @Override
36     public void filterAbstractHttpRequest( SubmitContext context, AbstractHttpRequest<?> wsdlRequest )
37     {
38        String username = PropertyExpansionUtils.expandProperties( context, wsdlRequest.getUsername() );
39  
40        // check for authorization prerequisites
41        if( username == null || username.length() == 0 )
42           return;
43  
44        Settings settings = wsdlRequest.getSettings();
45        String password = PropertyExpansionUtils.expandProperties( context, wsdlRequest.getPassword() );
46        String domain = PropertyExpansionUtils.expandProperties( context, wsdlRequest.getDomain() );
47  
48        String wssPasswordType = null;
49  
50        if( wsdlRequest instanceof WsdlRequest )
51        {
52           wssPasswordType = PropertyExpansionUtils.expandProperties( context, ( (WsdlRequest) wsdlRequest ).getWssPasswordType() );
53        }
54  
55        if( StringUtils.isNullOrEmpty( wssPasswordType ) )
56        {
57           initRequestCredentials( context, username, settings, password, domain );
58        }
59     }
60  
61     public static void initRequestCredentials( SubmitContext context, String username, Settings settings, String password, String domain )
62     {
63        HttpClient httpClient = (HttpClient) context.getProperty( BaseHttpRequestTransport.HTTP_CLIENT );
64        HttpMethod httpMethod = (HttpMethod) context.getProperty( BaseHttpRequestTransport.HTTP_METHOD );
65  
66        if( StringUtils.isNullOrEmpty( username ) && StringUtils.isNullOrEmpty( password ) )
67        {
68           httpClient.getParams().setAuthenticationPreemptive( false );
69           httpMethod.setDoAuthentication( false );
70        }
71        else
72        {
73           //	 set preemptive authentication
74           if( settings.getBoolean( HttpSettings.AUTHENTICATE_PREEMPTIVELY ) )
75           {
76              httpClient.getParams().setAuthenticationPreemptive( true );
77              HttpState state = (HttpState) context.getProperty( SubmitContext.HTTP_STATE_PROPERTY );
78  
79              if( state != null )
80              {
81                 Credentials defaultcreds = new UsernamePasswordCredentials( username, password == null ? "" : password );
82                 state.setCredentials( AuthScope.ANY, defaultcreds );
83              }
84           }
85           else
86           {
87              httpClient.getParams().setAuthenticationPreemptive( false );
88           }
89  
90           httpMethod.getParams().setParameter( CredentialsProvider.PROVIDER,
91                   new UPDCredentialsProvider( username, password, domain ) );
92  
93           httpMethod.setDoAuthentication( true );
94        }
95     }
96  
97     public static class UPDCredentialsProvider implements CredentialsProvider
98     {
99        private boolean checkedCredentials;
100       private final static Logger logger = Logger.getLogger( WsdlRequestCredentialsProvider.class );
101       private final String username;
102       private final String password;
103       private final String domain;
104 
105       public UPDCredentialsProvider( String username, String password, String domain )
106       {
107          this.username = username;
108          this.password = password == null ? "" : password;
109          this.domain = domain;
110       }
111 
112       public Credentials getCredentials( final AuthScheme authscheme, final String host, int port, boolean proxy )
113               throws CredentialsNotAvailableException
114       {
115          if( checkedCredentials )
116             throw new CredentialsNotAvailableException( "Missing valid credentials" );
117 
118          if( authscheme == null )
119          {
120             return null;
121          }
122          try
123          {
124             if( authscheme instanceof NTLMScheme )
125             {
126                logger.info( host + ":" + port + " requires Windows authentication" );
127                return new NTCredentials( username, password, host, domain );
128             }
129             else if( authscheme instanceof RFC2617Scheme )
130             {
131                logger.info( host + ":" + port + " requires authentication with the realm '" + authscheme.getRealm() + "'" );
132                return new UsernamePasswordCredentials( username, password );
133             }
134             else
135             {
136                throw new CredentialsNotAvailableException( "Unsupported authentication scheme: "
137                        + authscheme.getSchemeName() );
138             }
139          }
140          catch( IOException e )
141          {
142             throw new CredentialsNotAvailableException( e.getMessage(), e );
143          }
144          finally
145          {
146             checkedCredentials = true;
147          }
148       }
149    }
150 }