Ok, I'll look at creating some tests and will have a look at the
digest authentication :-D
Mike
2008/8/25 Paul Sandoz <Paul.Sandoz_at_sun.com>:
> Hi Mike,
>
> This looks good. We would require tests to an authenticated service. I am
> guessing such services could be written using embedded Jetty and we can make
> them unit tests.
>
> BTW you can do this:
>
> clientRequest.getMetadata().
> putSingle("Authorization", new String(encoded));
>
> I think having this as a separate contribution would be best as it depends
> on the Apache commons.
>
> I agree with Imran that one should avoid having such information in the URI.
> We should stick to utilizing HTTP authorization headers.
>
> Extra bonus points for supporting the digest access authentication scheme
> [1] :-)
>
> Paul.
>
> [1] http://www.ietf.org/rfc/rfc2617.txt
>
> Mike Jones wrote:
>>
>> Hi
>>
>> I've had as quick go at creating a filter for basic authentication. It
>> works well for my tests and uses the Base64 encoder provided with
>> commons-codec:
>>
>> <snip>
>> public class BasicAuthenticationClientFilter extends ClientFilter {
>>
>> public BasicAuthenticationClientFilter(final String username,
>> final String password) {
>> this.username = username;
>> this.password = password;
>> }
>>
>> public ClientResponse handle(ClientRequest clientRequest) throws
>> ClientHandlerException {
>>
>> // encode the password
>> byte[] encoded = Base64.encodeBase64((username + ":" +
>> password).getBytes());
>>
>> // add the header
>> List<Object> headerValue = new ArrayList<Object>();
>> headerValue.add("Basic " + new String(encoded));
>> clientRequest.getMetadata().put("Authorization", headerValue);
>>
>> return getNext().handle(clientRequest);
>> }
>>
>> private String username;
>> private String password;
>> }
>> </snip>
>>
>> I'd like to make it more robust and useful as a contribution to
>> jersey. I need some tests for it and was also wondering if it should
>> check for the username and the password in the URI:
>> http://mike:secret@localhost/ ? Any thoughts?
>>
>> Cheers
>> Mike
>>
>> 2008/8/20 Mike Jones <mike.a.jones_at_gmail.com>:
>>>
>>> Hi Marc
>>>
>>> That worked a treat for the one test I wrote - I think I'll need to
>>> call a Authenticator.setDeault(null) on the tearDown to stop specific
>>> the credentials going across more than one test.
>>>
>>> Paul's idea about the Filter is interesting - I suppose using that you
>>> can support conventions like http://mike:secret@example.org/
>>>
>>> Thanks for the help
>>>
>>> Cheers
>>> Mike
>>>
>>> 2008/8/20 Marc Hadley <Marc.Hadley_at_sun.com>:
>>>>
>>>> Try adding the following to your code before you use the client API:
>>>>
>>>> final String username ="...";
>>>> final String password ="...";
>>>> Authenticator.setDefault(new Authenticator() {
>>>> protected PasswordAuthentication getPasswordAuthentication() {
>>>> return new PasswordAuthentication (username, password.toCharArray());
>>>> }
>>>> });
>>>>
>>>> HTH,
>>>> Marc.
>>>>
>>>> On Aug 20, 2008, at 6:45 AM, Mike Jones wrote:
>>>>
>>>>> Hello
>>>>>
>>>>> I'm using Jersey with Spring security and I'm in the process of
>>>>> creating some tests that use embedded Jetty and the Jersey client. I
>>>>> need to perform some basic authentication with the client - do I need
>>>>> to encode the credentials in Base64 myself and add them to the headers
>>>>> in the jersey client? Am I missing some nice (and probably obvious)
>>>>> helper methods for this?
>>>>>
>>>>> Cheers
>>>>> Mike
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscribe_at_jersey.dev.java.net
>>>>> For additional commands, e-mail: users-help_at_jersey.dev.java.net
>>>>>
>>>> ---
>>>> Marc Hadley <marc.hadley at sun.com>
>>>> CTO Office, Sun Microsystems.
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe_at_jersey.dev.java.net
>>>> For additional commands, e-mail: users-help_at_jersey.dev.java.net
>>>>
>>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe_at_jersey.dev.java.net
>> For additional commands, e-mail: users-help_at_jersey.dev.java.net
>>
>
> --
> | ? + ? = To question
> ----------------\
> Paul Sandoz
> x38109
> +33-4-76188109
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_jersey.dev.java.net
> For additional commands, e-mail: users-help_at_jersey.dev.java.net
>
>