Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.
Bug 368777 - [api] support pre-emptive authentication in CommonHttpClient
Summary: [api] support pre-emptive authentication in CommonHttpClient
Status: RESOLVED FIXED
Alias: None
Product: z_Archived
Classification: Eclipse Foundation
Component: Mylyn (show other bugs)
Version: unspecified   Edit
Hardware: All All
: P3 enhancement (vote)
Target Milestone: 3.7   Edit
Assignee: Steffen Pingel CLA
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: 335254
  Show dependency tree
 
Reported: 2012-01-16 16:25 EST by David Green CLA
Modified: 2012-01-18 15:46 EST (History)
0 users

See Also:

Attachments
mylyn/context/zip (69.87 KB, application/octet-stream)
2012-01-17 18:51 EST, Steffen Pingel CLA 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description David Green CLA 2012-01-16 16:25:47 EST 
I've taken a look at using the new org.eclipse.mylyn.commons.repositories.http.core APIs, and the following came up:

* it would be nice to have an easy way to instanticate an IOperationMonitor from an IProgressMonitor using public API.  Currently there appears to be no API implementation of IOperationMonitor, though the internal OperationMonitor looks like it would do the job.  The IOperationMonitor API is complex enough that commons should provide a default implementation.
* it would be nice to have an easy way to implement preemptive auth using CommonHttpClient.  I realize that preemptive HTTP auth is not great practice, however some repositories only support HTTP auth preemptively (the server doesn't ever issue a challenge).  Currently the only way to enable preemptive auth is to write something as follows:

bc.. CommonHttpClient httpClient = new CommonHttpClient(location);
		URL url = new URL(location.getUrl());
		String hostname = url.getHost();
		int port = url.getPort();
		if (port == -1) {
			port = url.getDefaultPort();
		}
		
		HttpHost targetHost = new HttpHost(hostname, port, url.getProtocol());

		UserCredentials credentials = location.getCredentials(AuthenticationType.HTTP);
		if (credentials != null) {
			HttpUtil.configureAuthentication(httpClient.getHttpClient(), location);

			// Create AuthCache instance
			BasicAuthCache authCache = new BasicAuthCache();
			// Generate BASIC scheme object and add it to the local auth cache
			AuthScheme basicAuth = new BasicScheme();
			authCache.put(targetHost, basicAuth);

			httpClient.getContext().setAttribute(ClientContext.AUTH_CACHE, authCache);
		}
Comment 1 David Green CLA 2012-01-16 20:11:49 EST 
I see that @OperationUtil@ is intended to be used by clients wishing to instantiate an @IOperationMonitor@.  Javadoc in @IOperationMonitor@ should point to @OperationUtil@ to make it more discoverable.
Comment 2 Steffen Pingel CLA 2012-01-17 09:51:14 EST 
Thanks for the feedback. As you have pointed out, OperationUtil is intended for working with IOperationMonitor instances. I'll update the documentation as suggested. I have changed the subject to reflect the request for pre-emptive auth.
Comment 3 Steffen Pingel CLA 2012-01-17 18:51:32 EST 
I added a flag named "preemptiveAuthenticationEnabled" to CommonHttpClient. If you set that to true before executing the first request and set credentials on the location, the auth cache is configured for basic auth.
Comment 4 Steffen Pingel CLA 2012-01-17 18:51:35 EST 
Created attachment 209651 [details]
mylyn/context/zip
Comment 5 David Green CLA 2012-01-18 15:46:57 EST 
Thanks Steffen, it works well.  My 10 lines of code is now reduced to one.