How to deal with multi-step WWW-Authenticate with the new HttpClient
Chris Hegarty
chris.hegarty at oracle.com
Wed Apr 17 14:58:13 UTC 2019
Thank you for following up with the resolution, Max.
-Chris.
On 17/04/2019 14:24, Weijun Wang wrote:
> Sorry, after adding "-Djdk.httpclient.HttpClient.log=headers,errors,channel" I found out it's my problem.
>
>> On Apr 17, 2019, at 11:09 AM, Weijun Wang <weijun.wang at oracle.com> wrote:
>>
>> Hi, All,
>>
>> I am trying the new HttpClient to deal with a multi-step Negotiate authentication with Windows IIS, and here is my code.
>>
>> HttpClient hc = HttpClient.newBuilder().build();
>> var req = HttpRequest.newBuilder().uri(new URI(args[0]));
>> while (true) {
>> var resp = hc.send(req.build(), HttpResponse.BodyHandlers.ofString());
>> System.out.println("--------------------");
>> System.out.println(resp.statusCode());
>> String auth = resp.headers().allValues("WWW-Authenticate")
>> .stream()
>> .filter(s -> s.startsWith("Negotiate"))
>> .findFirst()
>> .orElseThrow()
>> .substring(9)
>> .trim();
>> System.out.println("incoming " + auth);
>> byte[] in = auth.isEmpty() ? new byte[0] :Base64.getDecoder().decode(auth);
>> byte[] out = calculate_token_from_incoming(in);
>> if (out == null) break; // if status is still >400. No way to continue
>> String sent = Base64.getEncoder().encodeToString(out);
>> System.out.println("--------------------");
>> System.out.println("outgoing " + sent);
>> req.header("Authorization", "Negotiate " + sent);
>
> I am using the wrong method here, should be "setHeader".
>
> Thanks,
> Max
>
>> }
>>
>> This works when there is only one request and one reply, but fails when there is more.
>>
>> Is this the correct way? Is there some keep-connnection thing I need to care about?
>>
>> Thanks,
>> Max
>>
>> p.s. Or maybe there is something wrong with IIS. This is a corner case.
>>
>
More information about the net-dev
mailing list