com.kerb4j.client

Class SpnegoHttpURLConnection

java.lang.Object

com.kerb4j.client.SpnegoHttpURLConnection

public final class SpnegoHttpURLConnection
extends Object

This Class may be used by custom clients as a convenience when connecting to a protected HTTP server.

This mechanism is an alternative to HTTP Basic Authentication where the HTTP server does not support Basic Auth but instead has SPNEGO support

A krb5.conf and a login.conf is required when using this class. Take a look at the spnego.sourceforge.net documentation for an example krb5.conf file. Also, you must provide a keytab file, or a username and password, or allowtgtsessionkey.

Example usage (username/password):

     public static void main(final String[] args) throws Exception {
         System.setProperty("java.security.krb5.conf", "krb5.conf");
         System.setProperty("sun.security.krb5.debug", "true");
         System.setProperty("java.security.auth.login.config", "login.conf");

         SpnegoHttpURLConnection spnego = null;

         try {
             spnego = new SpnegoHttpURLConnection("spnego-client", "dfelix", "myp@s5");
             spnego.connect(new URL("http://medusa:8080/index.jsp"));

             System.out.println(spnego.getResponseCode());

         } finally {
             if (null != spnego) {
                 spnego.disconnect();
             }
         }
     }
 

Alternatively, if the server supports HTTP Basic Authentication, this Class is NOT needed and instead you can do something like the following:

     public static void main(final String[] args) throws Exception {
         final String creds = "dfelix:myp@s5";

         final String token = Base64.encodeImpl(creds.getBytes());

         URL url = new URL("http://medusa:8080/index.jsp");

         HttpURLConnection conn = (HttpURLConnection) url.openConnection();

         conn.setRequestProperty(Constants.AUTHZ_HEADER
                 , Constants.BASIC_HEADER + " " + token);

         conn.connect();

         System.out.println("Response Code:" + conn.getResponseCode());
     }
 

To see a working example and instructions on how to use a keytab, take a look at the creating a client keytab example.

Author:

Darwin V. Felix

Constructor Summary

Constructors

Constructor and Description
SpnegoHttpURLConnection(SpnegoClient spnegoClient)
SpnegoHttpURLConnection(String loginModuleName) Deprecated.
SpnegoHttpURLConnection(String loginModuleName, String username, String password) Deprecated.

Method Summary

Modifier and Type	Method and Description
void	addRequestProperty(String key, String value) Adds an HTTP Request property.
HttpURLConnection	connect(URL url) Opens a communications link to the resource referenced by this URL, if such a connection has not already been established.
HttpURLConnection	connect(URL url, ByteArrayOutputStream dooutput) Opens a communications link to the resource referenced by this URL, if such a connection has not already been established.
void	disconnect() Logout and clear request properties.
InputStream	getErrorStream() Returns an error stream that reads from this open connection.
String	getHeaderField(int index) Get header value at specified index.
String	getHeaderField(String name) Get header value by header name.
String	getHeaderFieldKey(int index) Get header field key at specified index.
InputStream	getInputStream() Returns an input stream that reads from this open connection.
OutputStream	getOutputStream() Returns an output stream that writes to this open connection.
int	getResponseCode() Returns HTTP Status code.
String	getResponseMessage() Returns HTTP Status message.
boolean	isContextEstablished() Returns true if GSSContext has been established.
void	requestCredDeleg(boolean requestDelegation) Request that this GSSCredential be allowed for delegation.
void	setRequestMethod(String method) May override the default GET method.
void	setRequestProperty(String key, String value) Sets an HTTP Request property.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SpnegoHttpURLConnection

@Deprecated
public SpnegoHttpURLConnection(String loginModuleName)
                                    throws LoginException

Deprecated.

Creates an instance where the LoginContext relies on a keytab file being specified by "java.security.auth.login.config" or where LoginContext relies on tgtsessionkey.

Parameters:

loginModuleName - loginModuleName

Throws:

LoginException - LoginException

SpnegoHttpURLConnection

@Deprecated
public SpnegoHttpURLConnection(String loginModuleName,
                                           String username,
                                           String password)
                                    throws LoginException

Deprecated.

Creates an instance where the LoginContext does not require a keytab file. However, the "java.security.auth.login.config" property must still be set prior to instantiating this object.

Parameters:

loginModuleName - loginModuleName

username - username

password - password

Throws:

LoginException - LoginException

SpnegoHttpURLConnection

public SpnegoHttpURLConnection(SpnegoClient spnegoClient)

Method Detail

connect

public HttpURLConnection connect(URL url)
                          throws GSSException,
                                 PrivilegedActionException,
                                 IOException

Opens a communications link to the resource referenced by this URL, if such a connection has not already been established.

This implementation simply calls this objects connect(URL, ByteArrayOutputStream) method but passing in a null for the second argument.

Parameters:

url - url

Returns:

an HttpURLConnection object

Throws:

GSSException - GSSException

PrivilegedActionException - PrivilegedActionException

IOException - IOException

See Also:

URLConnection.connect()

connect

public HttpURLConnection connect(URL url,
                                 ByteArrayOutputStream dooutput)
                          throws GSSException,
                                 PrivilegedActionException,
                                 IOException

Opens a communications link to the resource referenced by this URL, if such a connection has not already been established.

Parameters:

url - target URL

dooutput - optional message/payload to send to server

Returns:

an HttpURLConnection object

Throws:

GSSException - GSSException

PrivilegedActionException - PrivilegedActionException

IOException - IOException

See Also:

URLConnection.connect()

disconnect

public void disconnect()

Logout and clear request properties.

See Also:

HttpURLConnection.disconnect()

isContextEstablished

public boolean isContextEstablished()

Returns true if GSSContext has been established.

Returns:

true if GSSContext has been established, false otherwise.

addRequestProperty

public void addRequestProperty(String key,
                               String value)

Adds an HTTP Request property.

Parameters:

key - request property name

value - request propery value

See Also:

URLConnection.addRequestProperty(String, String)

setRequestProperty

public void setRequestProperty(String key,
                               String value)

Sets an HTTP Request property.

Parameters:

key - request property name

value - request property value

See Also:

URLConnection.setRequestProperty(String, String)

getErrorStream

public InputStream getErrorStream()
                           throws IOException

Returns an error stream that reads from this open connection.

Returns:

error stream that reads from this open connection

Throws:

IOException - IOException

See Also:

HttpURLConnection.getErrorStream()

getHeaderField

public String getHeaderField(int index)

Get header value at specified index.

Parameters:

index - index

Returns:

header value at specified index

getHeaderField

public String getHeaderField(String name)

Get header value by header name.

Parameters:

name - name header

Returns:

header value

See Also:

URLConnection.getHeaderField(String)

getHeaderFieldKey

public String getHeaderFieldKey(int index)

Get header field key at specified index.

Parameters:

index - index

Returns:

header field key at specified index

getInputStream

public InputStream getInputStream()
                           throws IOException

Returns an input stream that reads from this open connection.

Returns:

input stream that reads from this open connection

Throws:

IOException - IOException

See Also:

URLConnection.getInputStream()

getOutputStream

public OutputStream getOutputStream()
                             throws IOException

Returns an output stream that writes to this open connection.

Returns:

output stream that writes to this connections

Throws:

IOException - IOException

See Also:

URLConnection.getOutputStream()

getResponseCode

public int getResponseCode()
                    throws IOException

Returns HTTP Status code.

Returns:

HTTP Status Code

Throws:

IOException - IOException

See Also:

HttpURLConnection.getResponseCode()

getResponseMessage

public String getResponseMessage()
                          throws IOException

Returns HTTP Status message.

Returns:

HTTP Status Message

Throws:

IOException - IOException

See Also:

HttpURLConnection.getResponseMessage()

requestCredDeleg

public void requestCredDeleg(boolean requestDelegation)

Request that this GSSCredential be allowed for delegation.

Parameters:

requestDelegation - true to allow/request delegation

setRequestMethod

public void setRequestMethod(String method)

May override the default GET method.

Parameters:

method - method

See Also:

HttpURLConnection.setRequestMethod(String)