Is there an easier way to setup the http client for preemptive basic authentication that what described here?
In previous version (3.x) it used to be a simple method call (eg, httpClient.getParams().setAuthenticationPreemptive(true)).
The main thing I want to avoid is adding the BasicHttpContext to each method I execute.
views:
629answers:
2
A:
I don't quite get your closing comment. It's the HttpClient that has all of that machinery for doing preemptive auth, and you only have to do that once (when you construct and configure your HttpClient). Once you've done that, you construct your method instances the same way as always. You don't "add the BasicHttpContext" to the method.
Your best bet, I'd think, is to have your own object that sets up all of the junk required for preemptive auth, and has a simple method or methods for executing requests on given HTTPMethod objects.
Jonathan Feinberg
2010-01-06 17:11:40
According to the example (and some testing I did) the context must pass whenever I call the execute method: `httpclient.execute(targetHost, httpget, localcontext);`
yossis
2010-01-06 17:21:39
See my second paragraph.
Jonathan Feinberg
2010-01-06 17:25:16
Sure, that's a good idea, I'll wait a little bit to see if someone has an out-of-the-box solution.
yossis
2010-01-06 17:40:07
+3
A:
It's difficult to do this without passing a context through every time, but you can probably do it by using a request interceptor. Here is some code that we use (found from their JIRA, iirc):
// Pre-emptive authentication to speed things up
BasicHttpContext localContext = new BasicHttpContext();
BasicScheme basicAuth = new BasicScheme();
localContext.setAttribute("preemptive-auth", basicAuth);
httpClient.addRequestInterceptor(new PreemptiveAuthInterceptor(), 0);
(...)
static class PreemptiveAuthInterceptor implements HttpRequestInterceptor {
public void process(final HttpRequest request, final HttpContext context) throws HttpException, IOException {
AuthState authState = (AuthState) context.getAttribute(ClientContext.TARGET_AUTH_STATE);
// If no auth scheme avaialble yet, try to initialize it
// preemptively
if (authState.getAuthScheme() == null) {
AuthScheme authScheme = (AuthScheme) context.getAttribute("preemptive-auth");
CredentialsProvider credsProvider = (CredentialsProvider) context.getAttribute(ClientContext.CREDS_PROVIDER);
HttpHost targetHost = (HttpHost) context.getAttribute(ExecutionContext.HTTP_TARGET_HOST);
if (authScheme != null) {
Credentials creds = credsProvider.getCredentials(new AuthScope(targetHost.getHostName(), targetHost.getPort()));
if (creds == null) {
throw new HttpException("No credentials for preemptive authentication");
}
authState.setAuthScheme(authScheme);
authState.setCredentials(creds);
}
}
}
}
Mat Mannion
2010-08-16 13:49:20
Actually I ended up doing something similar (https://subversion.jfrog.org/jfrog/build-info/trunk/build-info-client/src/main/java/org/jfrog/build/client/PreemptiveHttpClient.java).Just forgot to post back.Thanks
yossis
2010-08-17 07:36:04
The correct URL: https://subversion.jfrog.org/jfrog/build-info/trunk/build-info-client/src/main/java/org/jfrog/build/client/PreemptiveHttpClient.java
yossis
2010-08-17 07:45:29
@yossis Your site requires authentication; do you have a link usable without authentication?
Alessandro Vernet
2010-10-05 21:44:15
And make sure not to forget the `0` as second parameter for `addRequestInterceptor()`, as without it, your interceptor will be called after HttpClient's `RequestTargetAuthentication`, which is itself implemented as an interceptor and which processes the `AuthState` you create in your interceptor.
Alessandro Vernet
2010-10-05 21:48:08
Sorry, here is the link again: http://subversion.jfrog.org/jfrog/build-info/trunk/build-info-client/src/main/java/org/jfrog/build/client/PreemptiveHttpClient.java
yossis
2010-10-06 10:27:58