How to deal with multi-step WWW-Authenticate with the new HttpClient
Weijun Wang
weijun.wang at oracle.com
Wed Apr 17 13:24:54 UTC 2019
Sorry, after adding "-Djdk.httpclient.HttpClient.log=headers,errors,channel" I found out it's my problem.
> On Apr 17, 2019, at 11:09 AM, Weijun Wang <weijun.wang at oracle.com> wrote:
>
> Hi, All,
>
> I am trying the new HttpClient to deal with a multi-step Negotiate authentication with Windows IIS, and here is my code.
>
> HttpClient hc = HttpClient.newBuilder().build();
> var req = HttpRequest.newBuilder().uri(new URI(args[0]));
> while (true) {
> var resp = hc.send(req.build(), HttpResponse.BodyHandlers.ofString());
> System.out.println("--------------------");
> System.out.println(resp.statusCode());
> String auth = resp.headers().allValues("WWW-Authenticate")
> .stream()
> .filter(s -> s.startsWith("Negotiate"))
> .findFirst()
> .orElseThrow()
> .substring(9)
> .trim();
> System.out.println("incoming " + auth);
> byte[] in = auth.isEmpty() ? new byte[0] :Base64.getDecoder().decode(auth);
> byte[] out = calculate_token_from_incoming(in);
> if (out == null) break; // if status is still >400. No way to continue
> String sent = Base64.getEncoder().encodeToString(out);
> System.out.println("--------------------");
> System.out.println("outgoing " + sent);
> req.header("Authorization", "Negotiate " + sent);
I am using the wrong method here, should be "setHeader".
Thanks,
Max
> }
>
> This works when there is only one request and one reply, but fails when there is more.
>
> Is this the correct way? Is there some keep-connnection thing I need to care about?
>
> Thanks,
> Max
>
> p.s. Or maybe there is something wrong with IIS. This is a corner case.
>
More information about the net-dev
mailing list