search

TheProjecter / sardine

Automatically exported from code.google.com/p/sardine
0 stars 0 forks source link

Support Kerberos authentication scheme #126

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
I am trying to connect to a WebDAV server (Alfresco) using Kerberos 
authentication.
Is it possible with Sardine?
Is there anything special to do, compared to basic auth?

I receive the following error:
SardineException: Unexpected response (401 Unauthorized)
at ValidatingResponseHandler.validateResponse(ValidationResponseHandler.java:49)

(disclaimer: it might be a problem on my side)

Original issue reported on code.google.com by nicolas.raoul@gmail.com on 18 Jun 2012 at 5:28

GoogleCodeExporter commented 9 years ago 
Discussion belongs on the mailing list, not an issue tracker.

Original comment by latch...@gmail.com on 18 Jun 2012 at 5:50

GoogleCodeExporter commented 9 years ago 
Kerberos support should be possible to implement with the authentication 
mechanisms in Http Components as discussed in 
http://hc.apache.org/httpcomponents-client-ga/tutorial/html/authentication.html.
 You will have to inject your own configured HttpClient instance or it might 
suffice to override SardineImpl#setCredentials. You might want to share your 
findings here and we might add support for Kerberos by default.

Original comment by dkocher@sudo.ch on 18 Jun 2012 at 8:32

GoogleCodeExporter commented 9 years ago 
For reference, here is an example showing how to set up HttpClient for Kerberos:

http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/httpclient/src/e
xamples/org/apache/http/examples/client/ClientKerberosAuthentication.java

Apparently we just need to set a few system properties and call 
httpclient.getCredentialsProvider().setCredentials with the right options.

Original comment by nicolas.raoul@gmail.com on 20 Jun 2012 at 5:57

GoogleCodeExporter commented 9 years ago 
Would it be able to upgrade to httpclient 4.2 ?
Currently Sardine uses httpclient 4.1.2, which did not have SPNegoSchemeFactory.
Thanks a lot!

Original comment by nicolas.raoul@gmail.com on 21 Jun 2012 at 2:51

GoogleCodeExporter commented 9 years ago 
Implemented, not tested yet.

Original comment by nicolas.raoul@gmail.com on 21 Jun 2012 at 4:12

Attachments:

GoogleCodeExporter commented 9 years ago 
Also need to upgrade httpcore-4.1.4 to httpcore-4.2.1

Original comment by nicolas.raoul@gmail.com on 21 Jun 2012 at 6:35

GoogleCodeExporter commented 9 years ago 
Updated HTTP components dependencies in r345.

Original comment by dkocher@sudo.ch on 21 Jun 2012 at 4:27

GoogleCodeExporter commented 9 years ago 
The SPNEGO auth policy is registered by default in 
AbstractHttpClient#createAuthSchemeRegistry. So this possibly  superfluous.

Original comment by dkocher@sudo.ch on 21 Jun 2012 at 4:39

GoogleCodeExporter commented 9 years ago 
Do you have a test system available over the Internet we can use for testing?

Original comment by dkocher@sudo.ch on 21 Jun 2012 at 4:43

GoogleCodeExporter commented 9 years ago 
In r347 I have added the SPNEGO and Kerberos authentication policies to use the 
user supplied credentials. Again, I don't know if this will work out of the box.

Original comment by dkocher@sudo.ch on 21 Jun 2012 at 4:49

GoogleCodeExporter commented 9 years ago 
Thanks!
Unfortunately, my network is not accessible over the internet for testing.
I am now trying to see how Sardine could create a ticket if none exists.

Original comment by nicolas.raoul@gmail.com on 22 Jun 2012 at 12:20

GoogleCodeExporter commented 9 years ago 
Please don't merge my code yet, I have to fix it :-/
I am kind of stuck so any help would be very welcome!

Original comment by nicolas.raoul@gmail.com on 25 Jun 2012 at 11:51

GoogleCodeExporter commented 9 years ago

Original comment by dkocher@sudo.ch on 18 Apr 2013 at 8:26