1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27 package org.apache.hc.client5.testing.sync;
28
29 import java.io.IOException;
30
31 import org.apache.hc.client5.http.auth.AuthScheme;
32 import org.apache.hc.client5.http.auth.AuthSchemeFactory;
33 import org.apache.hc.client5.http.classic.methods.HttpGet;
34 import org.apache.hc.client5.http.auth.StandardAuthScheme;
35 import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
36 import org.apache.hc.client5.http.impl.classic.CloseableHttpResponse;
37 import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
38 import org.apache.hc.client5.http.impl.win.WinHttpClients;
39 import org.apache.hc.client5.http.impl.win.WindowsNegotiateSchemeGetTokenFail;
40 import org.apache.hc.core5.http.ClassicHttpRequest;
41 import org.apache.hc.core5.http.ClassicHttpResponse;
42 import org.apache.hc.core5.http.HttpException;
43 import org.apache.hc.core5.http.HttpHeaders;
44 import org.apache.hc.core5.http.HttpHost;
45 import org.apache.hc.core5.http.HttpStatus;
46 import org.apache.hc.core5.http.config.Registry;
47 import org.apache.hc.core5.http.config.RegistryBuilder;
48 import org.apache.hc.core5.http.io.HttpRequestHandler;
49 import org.apache.hc.core5.http.io.entity.EntityUtils;
50 import org.apache.hc.core5.http.protocol.HttpContext;
51 import org.junit.Assume;
52 import org.junit.Test;
53
54
55
56
57 public class TestWindowsNegotiateScheme extends LocalServerTestBase {
58
59 @Test(timeout=30000)
60 public void testNoInfiniteLoopOnSPNOutsideDomain() throws Exception {
61 this.server.registerHandler("/", new HttpRequestHandler() {
62
63 @Override
64 public void handle(
65 final ClassicHttpRequest request,
66 final ClassicHttpResponse response,
67 final HttpContext context) throws HttpException, IOException {
68 response.addHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.SPNEGO);
69 response.setCode(HttpStatus.SC_UNAUTHORIZED);
70 }
71
72 });
73 Assume.assumeTrue("Test can only be run on Windows", WinHttpClients.isWinAuthAvailable());
74
75
76
77
78
79
80
81
82
83 final Registry<AuthSchemeFactory> authSchemeRegistry = RegistryBuilder.<AuthSchemeFactory>create()
84 .register(StandardAuthScheme.SPNEGO, new AuthSchemeFactory() {
85 @Override
86 public AuthScheme create(final HttpContext context) {
87 return new WindowsNegotiateSchemeGetTokenFail(StandardAuthScheme.SPNEGO, "HTTP/example.com");
88 }
89 }).build();
90 final CloseableHttpClient customClient = HttpClientBuilder.create()
91 .setDefaultAuthSchemeRegistry(authSchemeRegistry).build();
92
93 final HttpHost target = start();
94 final HttpGet httpGet = new HttpGet("/");
95 try (final CloseableHttpResponse response = customClient.execute(target, httpGet)) {
96 EntityUtils.consume(response.getEntity());
97 }
98 }
99
100 }