Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 368777

Summary: [api] support pre-emptive authentication in CommonHttpClient
Product: z_Archived Reporter: David Green <greensopinion>
Component: MylynAssignee: Steffen Pingel <steffen.pingel>
Status: RESOLVED FIXED QA Contact:
Severity: enhancement    
Priority: P3    
Version: unspecified   
Target Milestone: 3.7   
Hardware: All   
OS: All   
Whiteboard:
Bug Depends on:    
Bug Blocks: 335254    
Attachments:
Description Flags
mylyn/context/zip none

Description David Green CLA 2012-01-16 16:25:47 EST 
I've taken a look at using the new org.eclipse.mylyn.commons.repositories.http.core APIs, and the following came up:

* it would be nice to have an easy way to instanticate an IOperationMonitor from an IProgressMonitor using public API.  Currently there appears to be no API implementation of IOperationMonitor, though the internal OperationMonitor looks like it would do the job.  The IOperationMonitor API is complex enough that commons should provide a default implementation.
* it would be nice to have an easy way to implement preemptive auth using CommonHttpClient.  I realize that preemptive HTTP auth is not great practice, however some repositories only support HTTP auth preemptively (the server doesn't ever issue a challenge).  Currently the only way to enable preemptive auth is to write something as follows:

bc.. CommonHttpClient httpClient = new CommonHttpClient(location);
		URL url = new URL(location.getUrl());
		String hostname = url.getHost();
		int port = url.getPort();
		if (port == -1) {
			port = url.getDefaultPort();
		}
		
		HttpHost targetHost = new HttpHost(hostname, port, url.getProtocol());

		UserCredentials credentials = location.getCredentials(AuthenticationType.HTTP);
		if (credentials != null) {
			HttpUtil.configureAuthentication(httpClient.getHttpClient(), location);

			// Create AuthCache instance
			BasicAuthCache authCache = new BasicAuthCache();
			// Generate BASIC scheme object and add it to the local auth cache
			AuthScheme basicAuth = new BasicScheme();
			authCache.put(targetHost, basicAuth);

			httpClient.getContext().setAttribute(ClientContext.AUTH_CACHE, authCache);
		}
Comment 1 David Green CLA 2012-01-16 20:11:49 EST 
I see that @OperationUtil@ is intended to be used by clients wishing to instantiate an @IOperationMonitor@.  Javadoc in @IOperationMonitor@ should point to @OperationUtil@ to make it more discoverable.
Comment 2 Steffen Pingel CLA 2012-01-17 09:51:14 EST 
Thanks for the feedback. As you have pointed out, OperationUtil is intended for working with IOperationMonitor instances. I'll update the documentation as suggested. I have changed the subject to reflect the request for pre-emptive auth.
Comment 3 Steffen Pingel CLA 2012-01-17 18:51:32 EST 
I added a flag named "preemptiveAuthenticationEnabled" to CommonHttpClient. If you set that to true before executing the first request and set credentials on the location, the auth cache is configured for basic auth.
Comment 4 Steffen Pingel CLA 2012-01-17 18:51:35 EST 
Created attachment 209651 [details]
mylyn/context/zip
Comment 5 David Green CLA 2012-01-18 15:46:57 EST 
Thanks Steffen, it works well.  My 10 lines of code is now reduced to one.